Monday, October 2, 2023

Security Boulevard Logo

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming Webinars
    • Calendar View
    • On-Demand Webinars
  • Events
    • Upcoming Events
    • On-Demand Events
  • Sponsored Content
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
    • Techstrong.tv Podcast
    • TechstrongTV - Twitch
  • Library
  • Related Sites
    • Techstrong Group
    • Cloud Native Now
    • DevOps.com
    • Security Boulevard
    • Techstrong Research
    • Techstrong TV
    • Techstrong.tv Podcast
    • Techstrong.tv - Twitch
    • Devops Chat
    • DevOps Dozen
    • DevOps TV
  • Media Kit
  • About
  • Sponsor

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Hot Topics
  • 9 Secrets Management Strategies that every company should adopt
  • DEF CON 31 - Joseph Gabay’s ‘Warshopping- Phreaking Smart Shopping Cart Wheels Through RF Sniffing’
  • How to Stop Phishing Attacks with Protective DNS
  • Choosing the Unified SASE Provider: The Execution Isolation Factor
  • Seceon Announces aiXDR-PMax at DattoCon23
Cloud Security Security Bloggers Network 

Home » Cybersecurity » Cloud Security » Security Controls: The Key to Ensuring ‘Security in the Cloud’

SBN

Security Controls: The Key to Ensuring ‘Security in the Cloud’

by David Bisson on April 29, 2018

Organizations face a number of security challenges when migrating to the cloud from on-premise data centers. Their work isn’t done once they’ve completed the move, either. At that stage, enterprises must decide on the best approach to fulfill their end of the Shared Responsibility Model and ensure “security in the cloud” with respect to protecting their data.

AWS Builder Community Hub

Before enterprises implement a single security measure, they should first make sure that their cloud security decisions align with the business. TAG Cyber LLC’s CEO Edward Amoroso couldn’t agree more:

“I would recommend that you carefully match up your cloud security architecture with the business function being supported. If, for example, a public cloud is being used to support marketing and social networking initiatives, then digital risk monitoring and enhanced authentication might be sufficient. If, on the other hand, critical business functions are being virtualized to cloud, then cloud access security broker (CASB) support, micro-segmented protections, and end-to-end encryption might be appropriate choices.”

From this business-centric focus, organizations can begin to consider implementing security controls in their cloud environments. Tim Erlin, VP of Product Management & Strategy at Tripwire, thinks they should make sure to define those requirements on the required controls only. He doesn’t believe they should use specific technology as their reference point.

“Organizations should define their security requirements based on the required controls, not specific technology,” explains Erlin. “In too many cases, cloud security controls are selected and deployed based on the availability of the technology instead of the real, risk-based requirement. The same controls are generally required for public, private, and on-premise systems. The definition of necessary controls shouldn’t rely on the technology as the starting point. Multi-cloud is a reality today; it’s a trend that’s on the rise. Building security controls around a single cloud (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by David Bisson. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/cloud/security-controls-cloud/

April 29, 2018April 30, 2018 David Bisson Cloud, security, Security Controls
  • ← Risk Assessment and Identifying Vulnerabilities in Your PKI Management
  • The Shared Security Weekly Blaze – Child Identity Fraud, Tech Support Scams, Amazon Key In-Car Delivery →

Techstrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Upcoming Webinars

Tue 03

Way Too Vulnerable: Uncovering the State of the Identity Attack Surface

October 3 @ 11:00 am - 12:00 pm
Wed 11

ASPM: Leveling the AppSec Playing Field

October 11 @ 1:00 pm - 2:00 pm
Mon 16

Shadow Access: Where IAM Meets Cloud Security

October 16 @ 3:00 pm - 4:00 pm
Tue 17

Securing Cloud-Native Applications Across the Software Development Life Cycle

October 17 @ 11:00 am - 12:00 pm
Wed 18

Live Workshop on ‘SCA 2.0’: Using Runtime Analysis to Find High-Risk SCA Vulnerabilities

October 18 @ 12:00 pm - 1:30 pm
Thu 19

Managing Security Posture and Entitlements in the Cloud

October 19 @ 1:00 pm - 2:00 pm
Tue 24

When Seconds Matter: Real-Time Cloud Security With AWS and Sysdig

October 24 @ 11:00 am - 12:00 pm
Tue 24

Reporting From the Pipeline: The State of Software Security in DevOps

October 24 @ 1:00 pm - 2:00 pm
Thu 26

How to Shift Left the Right Way

October 26 @ 3:00 pm - 4:00 pm
Mon 30

Zero-Trust

October 30 @ 1:00 pm - 2:00 pm

More Webinars

Subscribe to our Newsletters

TSTV Podcast

Most Read on the Boulevard

China-Backed Hacks of Cisco Routers Worry Feds — BlackTech Revenge?
Exabeam Brings Generative AI to SIEM Platform
Federal Shutdown Raises Cybersecurity Risks, Experts Warn
Cryptomining Attacks: The Stealth Threat to Your Cloud Security
US: China’s BlackTech Group Hacks Cisco Firmware in Cyberattacks
DEF CON 31 – Joseph Gabay’s ‘Warshopping- Phreaking Smart Shopping Cart Wheels Through RF Sniffing’
What You Need to Know About the libwebp Exploit
Methods To Protect Yourself From Identity Theft
2023 OWASP Top-10 Series: API10:2023 Unsafe Consumption of APIs
Y Combinator’s Summer 2023 Cybersecurity, Privacy, and Trust Startups

Download Free eBook

The State of Cloud Native Security 2020

Industry Spotlight

Don’t Say ‘Skynet’ — NSA’s AI Security Center is New Hub for Agency Efforts
AI and Machine Learning in Security AI and ML in Security Analytics & Intelligence Application Security Cloud Security Cloud Security Cyberlaw Cybersecurity Data Privacy Data Security Editorial Calendar Featured Governance, Risk & Compliance Humor Incident Response Industry Spotlight IOT IoT & ICS Security Malware Most Read This Week Network Security News Popular Post Regulatory Compliance Securing the Cloud Security Awareness Security Boulevard (Original) Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

Don’t Say ‘Skynet’ — NSA’s AI Security Center is New Hub for Agency Efforts

October 2, 2023 Richi Jennings | 7 hours ago 0
CISA Rolls Out a HBOM Framework to Secure Hardware Components
Cloud Security Cybersecurity Featured Industry Spotlight Network Security News Security Boulevard (Original) Spotlight Threats & Breaches 

CISA Rolls Out a HBOM Framework to Secure Hardware Components

September 29, 2023 Jeffrey Burt | 3 days ago 0
Lawsuit Filed Against Google, Meta, H&R Block for Sharing Taxpayer Data
Cyberlaw Cybersecurity Data Privacy Data Security Featured Identity & Access Industry Spotlight News Security Boulevard (Original) Spotlight 

Lawsuit Filed Against Google, Meta, H&R Block for Sharing Taxpayer Data

September 28, 2023 Jeffrey Burt | 4 days ago 0

Top Stories

Threat Groups Accelerating the Use of Dual Ransomware Attacks
Analytics & Intelligence Cybersecurity Data Security Featured Identity & Access Malware Network Security News Security Boulevard (Original) Spotlight Threats & Breaches 

Threat Groups Accelerating the Use of Dual Ransomware Attacks

October 2, 2023 Jeffrey Burt | 7 hours ago 0
Network Security Firm IronNet Ends Operations, Plans for Bankruptcy
Cloud Security Cybersecurity Data Security Featured Network Security News Security Boulevard (Original) Spotlight 

Network Security Firm IronNet Ends Operations, Plans for Bankruptcy

October 2, 2023 Jeffrey Burt | 8 hours ago 0
Survey Sees More Cyberattacks Targeting APIs
Analytics & Intelligence Application Security Cybersecurity Featured Incident Response Malware News Security Boulevard (Original) Social - Facebook Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

Survey Sees More Cyberattacks Targeting APIs

October 2, 2023 Michael Vizard | 11 hours ago 0

Security Humor

Randall Munroe’s XKCD ‘Factorial Numbers’

Randall Munroe’s XKCD ‘Factorial Numbers’

Security Boulevard Logo White

DMCA

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: [email protected]

Useful Links

  • About
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • DMCA Compliance Statement
  • Privacy Policy

Related Sites

  • Techstrong Group
  • Cloud Native Now
  • DevOps.com
  • Digital CxO
  • Techstrong Research
  • Techstrong TV
  • Techstrong.tv Podcast
  • DevOps Chat
  • DevOps Dozen
  • DevOps TV
Powered by Techstrong Group
Copyright © 2023 Techstrong Group Inc. All rights reserved.