Social Network For CISO (Chief Information Security Officers)
At CISO Platform Annual Summit 2017, we had a panel discussion on the topic of Key Security Tools and Controls for Cloud, including industry stalwart like Shailendra Kothavale (Head-Risk Manager, Birla Sunlife Insurance Co. Ltd.), Ramesh Kauta (Research Partner, DSCI), Guru (CTO, Processware Systems), Raghavendra Bhat (Head of Security Validation and Testing India, SAP Labs), Ambarish Singh (Sr. Manager IS, Flipkart), Akhil Verma (CISO, Fincare), Sanjay Kharb (Vice President- Engineering, Ola cabs), and Shobha Jagathpal (Security Manager, Walmart Labs)
Key Learning -Key Security Tools and Controls for Cloud
1- Ensure that all the system infrastructure (Operating System, Databases) are up to date with the latest patches from the manufacturer
2- There are plenty of open source tools available to ensure data security
3- Periodic security audits will help the organisation
4- Cloud provides a significant challenge in regulating access to data
5- Enterprises should allocate budgets towards implementation of security.
6- Security can be achieved if it is done with the user community.
7- Not many security services are cloud ready and deployed
8- For the ones on cloud, each organisation has process look after the cloud environment
9- Some use the cloud service providers and depend on their offerings
10- It’s important to read the contracts before signing with cloud providers and ensure the organisation specific requirements are taken care of
11- Security aspects for the cloud should be taken care at multiple layers