The Doppler Quarterly Fall 2016 - Page 83

Risk Management Minimum Viable Security Proactive Integrated Tools Your Cloud? • Correlation • Situational context • Common management • Threat and business risk context • Help identify & remediate risks • Automated responses Predictive • Advanced analytics to identify potential attacks via patterns and external data Layered Tools • Help people react faster Basics • Reactive • Point products Agility Figure 3: Security Program Maturity Vendor Management Multi-cloud strategies introduce a new dynamic for vendor management. Many cloud providers will offer credits tied to the level of spend on their specific platform. By choosing a multi-cloud strategy, you risk splitting the credits or losing them entirely. Multi-cloud strategies must constantly be evaluated against the potential spend of all IT capacity needs, to ensure that if additional spend comes from using multiple vendors, it will be offset by additional capabilities valuable to the business. In addition to vendor management for platforms, many cloud implementations require using new third-party tools and services. These third party tools provide organizations with the ability to manage capabilities across vendors, as well as add additional governance and management features not natively available on providers’ platforms. Third-party tools should be carefully assessed to ensure they have a pricing model that fits with organizational usage patterns. This pricing model should complement a strong set of capabilities and a long-term roadmap to continue to add value to the product, post ѥٕѵиQЁѡɑѽ́ɔ͕ѼЁЁ٥ͥѼ٥Յͥ́չ̰ٕɹɍЁ͕ɥ̸)ѥձѤՐɅѕ͡ձѡɽ́ȁɝѥɕհ͕͵ЁѡЁ͡ձ)ݕЁѡ́܁ȁ镐ɽ٥ȁݥɥѼ)ѡɝѥѡɽ՝ɕѕȁ䁅ѥ̸AɥȁѼ)她͕Րљɴԁ͡ձɍѕЁ5Y Ѽɔ)ɥ䁙ȁչѥ䁅ѡɽɍЁ͕ɥ̸)5ձѤՐѥɝѥѼٕɅЁɕ)ѕ́ɽمɥ䁽䁍مѥٕ̰ٔݡ)ɥх䰁͍䁅фɽѕѥ)10؁Q!=AA1H((