Tag: cloud security
-
Handbook: Applying Zero Trust Principles in a Cloud-Centric World
Zero Trust … but to Which Cloud? In the cloud-centric world enterprises increasingly operate in, there are different interesting environments that zero trust principles should be applied to. One of them we’ve somewhat talked about the evolution of the enterprise IT network. That network is becoming more and more obsolete, slowly being replaced with different…
-
Handbook: Environments
One challenge of being a CISO is understanding scope: when a colleague tells you a truth (hypothetically “We patch our systems regularly”), in what environment is that true? Maybe they’re just referring to the core Windows Domain servers, or possibly to desktops, but it’s easy for executives, including CISOs, to hear that as “we do…
-
The cloud security emperor has no pants
“Shared responsibility” usually means that no one is responsible for minding the gap. Don’t fall in. As anyone who has worked on a cross-functional team with no clear owner knows, “shared” or “joint” responsibility often means that everyone assumes that someone else is taking care of the problem. Without clear effort to make sure that…