Public clouds have fundamentally changed the way organizations build, operate, and manage applications. Security for applications in the cloud is composed of hundreds of configuration parameters and is vastly different from security in traditional data centers. According to Gartner, “Through 2020, at least 95% of cloud breaches will be due to customer misconfiguration, mismanaged credentials or insider theft, not cloud provider vulnerabilities.”
The uniqueness of cloud requires that security teams rethink classic security concepts and adopt approaches that address serverless, dynamic, and distributed cloud infrastructure. This includes rethinking security practices across asset management, compliance, change management, issue investigation, and incident response, as well as training and education.
We interviewed several security experts and asked them how public cloud transformation has changed their cloud security and compliance responsibilities. In this e-book, we will share the top 10 best practices discovered during our research.