Oh good, 2-factor authentication at 9am | Cloud Core
- The Zero Trust approach
- Case Study: Assessing Your Security Posture Using the Zero Trust Approach
- Shared responsibility and cloud
- Shared Responsibility & AI: What Should Your Business Be Doing
- What AI can do for cybersecurity
- 🔮 What are your plans for October 2030, by the way
- 💥 Get insights from top tech leaders
- 📢 Cloud quote of the month
- 📰 What we’ve been talking about this month
- 🗓️ Some dates for your diary
- 🎧 Something to listen to in the home office
The airport security line is probably not your happy place.
And putting in your 2-factor authentication at 9am? Probably not the highlight of your workday.
Security procedures in our daily lives tend to feel somewhere between mildly irritating and all-out stressful.
Still - we’ve been thinking about security because October is Cybersecurity month. So for this edition of Cloud Core, we’re talking security in cloud.
And let’s start off with a question we hear all the time: “Is cloud or on-prem more secure?”
It’s a common misconception that assets are more vulnerable in public cloud than on-prem. The cloud actually protects your assets from cyber-attacks better than on-prem solutions do. This is because hyperscalers have better technologies and processes to protect servers than most businesses have.
We’ll look at some of these now. And while I can’t promise it’ll be the highlight of your workday either, there’ll be no complicated password resets or manic repacking of suitcases involved.
The Zero Trust approach
Zero Trust is the default methodology for public cloud - and is one reason public cloud enhances your security posture compared with on-prem.
It involves doing away with implicit trust and, instead, constantly validating every level of digital connection to safeguard your organisation. Zero Trust has 3 core pillars:
- Never trust, always verify – use all available information points to evaluate access
- Enforce least privilege access – by limiting access to the absolute minimum needed to do the task at hand
- Assume breach – reduce the explosion radius using telemetry and micro-segmentation, and have the essential processes in place to respond
To learn more about how Zero Trust implementation works, including where to start, check out this blog post. It walks you through a case study about the work we did on this with a large Finnish manufacturing company.
Case Study: Assessing Your Security Posture Using the Zero Trust Approach.
We’ve been working with companies to analyse and assess their cloud environments then provide actionable insights to improve their Zero Trust posture.
Shared responsibility and cloud
Knowing who’s responsible for things like cybersecurity, regulatory compliance, and environmental impact in cloud can be confusing - especially once you start integrating AI.
Google Cloud, Microsoft and AWS have a “shared responsibility model” that generally describes where their responsibility as the hyperscaler lies - because hyperscalers are responsible for certain security elements, and users are responsible for others.
Businesses therefore need to know what they should be doing when it comes to shared responsibility and AI. This blog looks at how businesses can create a responsible cloud strategy and some of the most important considerations when bringing in AI services.
Shared Responsibility & AI: What Should Your Business Be Doing?
When integrating artificial intelligence and other cloud services, issues around the shared responsibility for things like cybersecurity, regulatory compliance, and environmental impact can be confusing. Don’t worry, we have you covered.
What AI can do for cybersecurity.
Cloud-based, AI-driven cybersecurity services can provide enhanced protection to businesses by leveraging machine learning and advanced algorithms - it’s why they’re already beginning to play a major role in cybersecurity.
Two examples of where AI-driven cybersecurity can be effective are:
- AI-powered identity services
- AI network security
We discuss these and some of the specific AI-based security solutions you can use to combat advanced cyber attacks in cloud environments in this blog. You can give it a read.
🔮 What are your plans for October 2030, by the way?
Cybersecurity month 2030, of course.
But what will things look like by then?
We’ve pulled out our crystal ball and pulled this prediction blog, where we’ve tried to be smart and give our best stab at what data protection will look like in 2030. Things like:
Expect new regulations with heavier fines if you don’t comply.
Innovations like AI and IoT raising new privacy concerns, making it harder to protect personal data.
Countries tightening control over data, requiring businesses to store and manage information locally.
💥 Get insights from top tech leaders
The dust has settled now, but we had a blast at The Cloud Revolution Summit, a live online event we hosted on 18 September.
If you couldn’t attend the event, had to miss it or simply want to revisit the magic, we’ve got the highlights, the most compelling insights and recordings of the 3 main panels for you here:
See what the Cloud Revolution Summit was all about.
📢 Cloud quote of the month
“Getting the right data to the right person is crucial. In Formula 1 we collect data to solve problems. That’s why during a race, we need to present the performance engineer with performance data and – crucially – not with reliability data.
Collecting the data is one thing, but to solve the exact problem at hand, we also need to be giving the right data to the right people at the right time.”
Just one of the great insights we took away from Formula 1's Mika Häkkinen and Gary Foote during the first session of The Cloud Revolution Summit.
📰 What we’ve been talking about this month:
🔮 Defend Today Secure Tomorrow: The European Cybersecurity Month 2024 event
🫥 In Venezuela, AI news anchors aren’t replacing journalists. They’re protecting them
☁️ Eight Emerging Trends Shaping The Future Of Cloud Computing
🌱 Oracle launches a new sustainability app for Fusion Cloud EPM
👨💼 The Biggest Cloud Trends For CISOs
🗓️ Some dates for your diary:
Microsoft AI Summit
Transform your AI and Cloud Strategy – meet our experts at one of the Microsoft AI Summit Sweden locations to explore how to leverage AI and the cloud
🇸🇪 15 Oct - Gothenburg. See you there.
🇸🇪 25 Oct - Stockholm. See you there.
8-10 Oct - Vienna: Kubernetes Community Days Austria
3-day technical event loaded with talks and networking opportunities for developers, platform people and other IT professionals interested in cloud native technologies. Don’t miss it.
Cloud Training.
8-10 Oct - Virtual: Security Engineering on AWS. Register here.
29-31 Oct - Virtual: Architecting on AWS. Register here.
5-7 Nov - Virtual: Cloud Operations on AWS (formerly Systems Operations). Register here.
12-13 Nov - Virtual: FinOps Certified Practitioner. Register here.
12-14 Nov - Virtual: Advanced Architecting on AWS. Register here.
19-21 Nov - Virtual: Security Engineering on AWS. Register here.
26-28 Nov - Virtual: Architecting on AWS. Register here.10-12 Dec - Virtual: Cloud Operations on AWS. Register here.
🎧 Something to listen to in the home office
Here. In case I stressed you out just mentioning airport security.
Thanks for reading,
I’ll be back with more fresh thoughts next month.
Get in Touch.
Let’s discuss how we can help with your cloud journey. Our experts are standing by to talk about your migration, modernisation, development and skills challenges.