In honor of National Cybersecurity Awareness Month, we’re examining the ever-evolving security landscape on #cloudchat each week in October.
To kick off the four-part series, our #cloudchat experts set out to uncover what cybersecurity looks like in a multi-cloud world. A few themes prevailed, including that security should be at the forefront of planning with all parties involved, it’s not a one-size-fits-all model, and the Internet of Things, said Thomas Cameron, “scares the living hell” out of those paying attention.
Miss a #cloudchat? We have all the #cloudchat recaps here on the blog!
Joining us this week to hash out the ins-and-outs of multi-cloud security was Senior Manager of Cybersecurity Operations Travis Mercier and Racker Robert Sawyer. Also weighing in was CrowdStrike’s Dmitri Alperovitch, Microsoft’s Lee Holmes, MTM Techonologies’ Bill Kleyman, McAfee’s Wayne Anderson, Red Hat’s Thomas Cameron and Cybric’s mike d. kail. The group discussed the following:
- How has the fast-growing adoption of cloud computing changed #cybersecurity?
- Are there workloads you’d choose NOT to move to cloud specifically due to #cybersecurity or compliance concerns? Why or why not?
- What are the most important things to keep in mind when it comes to securing complex hybrid, multi-cloud environments?
- How do you access the #cybersecurity and cloud expertise required to protect your data? How difficult is it, and why?
- Are there any emerging technologies (e.g., IoT, big data, machine learning) that pose new/unique security challenges? Why?
- What’s the number one #cybersecurity risk for most businesses today?
Throughout the chat, all agreed that cloud computing has made cybersecurity extremely complex. Bill Kleyman shared an answer that aligns with almost every #cloudchat to date: that good cybersecurity revolves around people, process and education.
— Bill Kleyman (@QuadStack) October 5, 2017
Another theme emerged throughout the discussion: compliance is not the same as security and is no longer a reason not to move to the cloud.
A2: Very important to call out here that compliance /= security. Those are 2 different drivers and conversations. #cloudchat
— Diana Nolting (@DianaNolting) October 5, 2017
— Wayne Anderson (@DigitalSecArch) October 5, 2017
Lee Holmes, lead security architect for Azure, said the best way to access the cloud expertise required to protect your data is to “immerse yourself in reality.” Break it, fix it, and learn from it.
— Lee Holmes (@Lee_Holmes) October 5, 2017
With countless new technologies posing new threats, we asked our experts to share their biggest concerns and challenges. A resounding “IoT scares the hell out of me” could be heard from the rooftops.
— Thomas Cameron (@thomasdcameron) October 5, 2017
Q5: IoT: We are joining non-secure items to our secure networks. IoT is still in a honeymoon phase of play now secure later #cloudchat
— Eric Johnson (@edjgeek) October 5, 2017
Finally, CrowdStrike’s CTO Dmitri Alperovitch’s best piece of advice to consider when securing complex hybrid, multi-cloud environments is to “always assume you have been compromised and leverage your visibility to hunt for threats.”
— Dmitri Alperovitch (@DAlperovitch) October 5, 2017
Enjoy this week’s #cloudchat on cybersecurity in a multi-cloud world? Check out the Twitter Moment to catch all the expert conversation. Join us all month as we discuss the ins and outs of cybersecurity Thursday’s at 11 a.m. CST. Next up: Security breaches.