Security people are being pushed back on their heels, and the rest of the business is
only making it worse. So, where is the “hidden opportunity” in all of this?
What the Cloud Offers Organizations That is Different
Part of the “hidden opportunity” for security professionals is to take a step back and
re-evaluate how they approach security in their organizations. Moving to the public
cloud can be their catalyst. If done correctly, organizations will come back to the capa-
bilities that define their security posture, and then determine how those capabilities will
be executed in the public cloud.
This focus on capabilities will also help enterprises inherently understand their security
standards and regulatory implications. When organizations go to the capabilities level,
the conversation moves away from “how can I move a security tool out to the public
cloud?” to “what is the capability I am trying to satisfy?” Essentially, the organization
gets to rethink its security approach. Most importantly, it gets to try new methods and
approaches that embrace next-generation security. Are you smelling the “hidden
opportunity”?
Capabilities in the Public Cloud
It does not matter which public cloud you are moving to. Capabilities, by definition,
describe what you are trying to accomplish from a technology perspective – or for our
purposes, from a security perspective. How you accomplish those security capabilities
is a downstream event; therefore, the consideration of security capabilities should
always be cloud agnostic. The focus on security capabilities is also not just for a move to
public cloud. It holds true for any technology move, whether it involves IoT, SAP, private
cloud or any other shift you can think of. Those situations are not relevant to this con-
versation, but they are important when planning for the future.
8 | THE DOPPLER |
FALL 2019