Cloud Security

Stealthy, sometime long-term cyber-espionage attacks to steal sensitive proprietary information -- what some now call "advanced persistent threats" (APT) -- have become a top worry for businesses.

To use Cloud computing securely requires companies to know where their data is stored and who has access to it. Ironically, the reason Cloud is so popular is because organisations don't want to worry about these details.

So can the issue be solved by adhering to standards? Increasing legislation? Maybe we need a global technical disaster to ‘sober up’ an industry drunk on the power of Moore's Law.

Information Security, IT Security, Technology Security, IT Risk and Security and IT Risk Services are all names that organisations use to define a functional unit within their enterprise that is responsible for the security, integrity and operational assurance of their information assets and operating environment.

Over the last 2-3 years cloud computing has promised, and in many instances delivered, a lower total cost of ownership. This has helped organisations return the focus of operation to their core activities—reducing the effort spent on managing IT infrastructure and applications.

The Industrial Revolution transformed four key aspects of society—innovation, transportation, communication and financial markets—changing the world forever. Although it began more than 200 years ago, there are surprising some parallels between this historically transformative period and IT security. The dynamics of the threat landscape and the increasing complexity of IT environments have given rise to a new era: The ‘Industrialisation of Hacking’.

The steady rise of cloud over the last few years across the software, infrastructure and platform domains has forced most technology business leaders to stop and take note. The voracity with which the perceived value and adoption of cloud computing and cloud Services has grown should be viewed and actioned as a strategic initiative and not a tactical undertaking with short term goals and limited benefits. To move things along and provide context I turn to Sun Tzu's "The Art of War", that helps identify strategy elements required by executives and senior management grappling with the challenge of cloud.

The word governance derives from the Greek verb κυβερνάω [kubernáo], which means to steer, and was used for the first time in a metaphorical sense by Plato (according to Wikipedia). Wikipedia further expands on the term, rightly calling it “the act of governing”. Governance relates to decisions that define expectations, grant power, or verify performance.