Webinar Recording

Security Benefits of Cloud Solutions

Show description
Speaker
Dr. Barbara Mandl
Fellow Analyst
KuppingerCole
Dr. Barbara Mandl
Dr. Barbara Mandl is a KuppingerCole Fellow Analyst with a focus on topics related to the CISO role in large enterprises. Her previous role was Group CISO at Daimler until May 2017; She was also responsible for Global Identity and Access Management at Daimler and Security Architecture. Dr....
View profile
Lead Sponsor
KuppingerCole Analysts AG
Top related content
Webinar Recording
The Role of Data-Centric Security in the Cloud
Sep 29, 2020

As modern businesses across all verticals continue their rapid digitalization, the need to store, process and exchange data securely is becoming an essential factor for any company. However, this is particularly challenging for high-tech companies dealing with highly-sensitive R&D data.

Webinar Recording
Bridging the Cloud Sign-on Gap
Feb 09, 2012

KuppingerCole Webinar recording

Webinar Recording
The Strategic Approach to Cloud Computing. From Tactics and Chaos to Efficiency
Nov 08, 2012

KuppingerCole Webinar recording

Event Recording
Practical Cloud Protection: A Guide for Modern Businesses
Nov 16, 2023

The realm of cloud security has been extensively covered in books and articles, yet a crucial aspect remains ripe for exploration. It revolves around the fundamental understanding of what your cloud service provider offers and, equally vital, where your responsibilities lie in the realm of cloud security.


When embarking on the journey of adopting a cloud service, the foremost question to answer is, "What aspects of security do I need to oversee?" In a traditional on-premises setting, roles are distinct: IT manages infrastructure, information and cybersecurity handles security, and application developers bear the responsibility for code integrity. However, the landscape is evolving, with many organizations embracing DevOps, where these responsibilities are often shared, and the lines between development and operations blur or vanish.

Regardless of organizational structure, the majority of security obligations reside within your company's domain when you use an on-prem environment. Transitioning from an on-premises environment to a cloud environment presents one of the most intricate challenges—a more intricate shared responsibility model for security.

In the context of cloud security, two paramount concerns need close attention. 

The first is the risk of misconfiguration. In a cloud environment, misconfigurations can inadvertently expose sensitive data and vulnerabilities, underscoring the critical importance of ensuring that cloud services and resources are set up correctly to mitigate such risks.

The second concern is insider attacks. Cloud users often lack influence over the staff of cloud service providers, making it essential to consider the possibility of insider threats. While cloud service providers typically promise robust security measures in place, it's crucial for organizations to implement their own layers of security to safeguard against insider attacks and unauthorized access, fortifying the shared responsibility model in the cloud.

In my presentation, I will delve into these intricacies, providing valuable insights and real-world examples of what your cloud service provider can do, irrespective of your specific needs and/or preferences.

 

Event Recording
CISO Talk: Cloud as a Security Enabler
Nov 09, 2022

More organizations are now moving to the cloud.  From a security perspective – refactoring the applications provides a major opportunity to improve security posture.  This session explores how the right approach towards can save time, increase inherent security, and ensure apps are compliant.

Webinar Recording
A Unified Approach to Modern Data Protection
Jul 01, 2021

Data is the lifeblood of business and government. Therefore, data breaches can be devastating in terms of disruption, damage to reputation, remediation costs, and data protection fines. But the ongoing high number of breaches shows that what many organizations are doing to protect their data is not working.

Webinar Recording
Managing Risk through Cloud App Authentication and 360° Control
Jun 24, 2016
The easy availability of IT services delivered as cloud services together with the revolution in the range of devices that are used to access these services has created challenges for organizations in the areas of security and compliance. Employees and associates can use their personal cloud services to perform their jobs without reference to their employer. Line of business managers can acquire cloud services without performing risk assessment or considering the impact of these on compliance. To compound the problem mobile devices can be used to access these services from outside of the organizational perimeter anytime and anywhere.
Webinar Recording
Data Sovereignty in Public Clouds
Mar 27, 2020

Just a few years ago, IT infrastructures resembled medieval fortresses: Firewalls, intrusion prevention systems and anti-virus programs were supposed to ward off attacks even before the attacker  could enter.

Webinar Recording
Assuring and Implementing Cybersecurity and Data Protection for Public Clouds
Oct 17, 2018

Just a few years ago, IT infrastructures resembled medieval fortresses: Firewalls, intrusion prevention systems and anti-virus programs were supposed to ward off attacks even before the enemy could enter.

But things have changed substantially: The traditional security perimeter is proving to no longer be an effective cybersecurity control and fast-growing technologies, such as cloud, mobile and virtualization make the boundaries of an organization blurry. Protecting sensitive resources of modern organisations, which are becoming increasingly logically and geographically distributed, is becoming a challenge. Sensitive data and critical business processes need to be adequately protected, no matter where they are deployed and from where they are accessed. The perimeter has moved, and organizations need to move with it.