It seems like everyone is talking about moving to the cloud these days. The efficiencies, productivity, agility, elasticity, and cost savings all make a compelling case for migrating from traditional private networks and data centers to private clouds and other virtualized instances, and eventually into public and hybrid environments.
Because of these advantages, government agencies and private enterprises across industries are all looking at ways to effectively embrace cloud-first strategies.
I attended a security conference just a few weeks ago, and many of the CISOs there said it makes sense to move to public and hybrid cloud solutions. And yet, many of them remain hesitant.
“Have you actually moved from private clouds to public clouds?,” I asked. The answer from many CISOs was the same: “No, we haven’t. Our CFOs tell us it’s the right thing to do, and everyone says they’re doing it, but I don’t know anyone who actually is.”
Of course, many companies are clearly moving to the public cloud, as evidenced by the growth of Amazon Web Services, Microsoft Azure, and other cloud providers. But these CISOs, to a person, all said their greatest concern around a cloud migration is maintaining control of their companies’ data and computing resources.
The irony, however, is that most CISOs and CSOs don’t actually have complete visibility into or control of what’s in their environments today. How many actually have an up-to-date asset management plan? Shadow IT, job/personnel changes, network expansion, and mergers and acquisitions all make it difficult for CISOs to keep up with their environments.
The truth is that while many of us are operating in the blind, we also have this massive need for control.
Continue reading…
