• Watch
  • Listen
  • Live Stream
Security Weekly
Security Market Validation
  • Listeners
    • Subscribe
    • Insider List
    • Suggest a Guest
  • Shows
    • Paul’s Security Weekly
    • Enterprise Security Weekly
    • Business Security Weekly
    • Application Security Weekly
    • Security & Compliance Weekly
    • Security Weekly News
    • Tradecraft Security Weekly
    • Secure Digital Life
  • Series
    • CISO Stories
    • Getting the Real Work Done in Cybersecurity
  • Webcasts/Trainings
    • Registration
    • On-demand
  • Articles
  • Partners
    • Become a Partner
    • Landing Pages
  • Hosts
  • Company
    • About
    • Careers
    • Contact

Cloud Security/ DevOps

The Unique Challenges of Companies Born in the Cloud

Bill Brenner March 9, 2022

There are stark differences between how to manage security policies for on-premises network environments and those that are 100% cloud-based. But many companies continue to struggle with those differences and have experienced plenty of pain as a result.

It’s a challenge Rich Mogull has spent years trying to help companies navigate.

Mogull, CISO at Firemon, recently appeared on Paul’s Security Weekly to discuss what cloud-based organizations need to consider if they are eying SASE and SD-WAN to expand network access for their users. The segment is sponsored by FireMon, whose compliance management tools create a proactive compliance posture that keeps ahead of violations instead of chasing after them.

Mogull discussed what he sees as the “democratization” of security:

“What used to be naturally centralized and gate kept has become a lot more distributed in the cloud,” Mogull said, adding that in today’s cloud environments, there is no more gatekeeping from the data center. The challenge is how to deal with privilege management, how to make sure one can engage with security teams across a vast array of siloes.

Watch the full episode to hear Mogull’s advice on how to navigate this strange, still-new world.

Beyond this Security Weekly discussion, Mogull has written a copious body of guidance for cloud security practitioners. In one such article, he offered the following recommendations for organizations struggling to keep security on the rails amid the massive shifts brought on by the pandemic:

  • Start by fixing cloud governance.
  • Speaking of governance, this is a great time to adopt the concept of the “security champion.”
  • Improve your cloud security visibility.
  • If you aren’t using multiple accounts to manage the blast radius of attacks, start now.
  • Level up your cloud-native incident response.
  • Perform a top to bottom review of your IAM/RBAC implementation and tighten it up.

Click the link and read the full explanation for each bullet point.

Visit https://securityweekly.com/firemon to learn more about Firemon, and visit https://www.securityweekly.com/psw for all the latest episodes of Paul’s Security Weekly.

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Facebook (Opens in new window)

Related Posts

SWG

Cloud Security /

Preventing Criminals from Using Cloud Applications to Inject Chaos Into Work Environments

web-application-firewall-comparison-696x423

DevOps /

Building a More Secure AppDev Process

Binary data wave

Cloud Security /

Making the Case for Supply Chain Behavior Transparency

‹ Ransomware Damage Claims Driving Insurance Hikes

About Security Weekly

Security Weekly is the security podcast network for the security community, distributing free podcasts and media since 2005. We connect the security industry and the security community through our security market validation programs.

More Than Just A Sponsor

We view our relationships with the security industry as partnerships, not sponsorships. Security Weekly works closely with each partner to help you achieve your marketing goals and gain traction in the security market. Interested in becoming a partner? Please visit our partnerships page.

Back to Top

Subscribe To The Blog:

RSS feed RSS - Posts

Search

Latest Tweets

Tweets by @secweekly
© Security Weekly 2022
Powered by WordPress • Themify WordPress Themes