Cloud security must switch from short term reactions to strategic planning

clock • 3 min read
Cloud security must switch from short term reactions to strategic planning
Image:

Cloud security must switch from short term reactions to strategic planning

Greg Day of Palo Alto warns not to forget about security in the face of disruption

Companies have adopted cloud working en masse over the last 18 months, but many neglected important practices in the speed of transition. In some cases, worryingly, it is security that has been left to play catch-up - and firms that don't take the time to re-assess their new cloud environment will pay the price in the long run.

"My advice to businesses is to switch from short term reactions to strategic planning when it comes to cloud cybersecurity," says Greg Day, VP & CSO EMEA at Cloud Excellence Awards finalist Palo Alto Networks. "Invest in capabilities that can evolve with you from that lift and shift stage through to when you recodify cloud processes. Make sure these capabilities can span right from the start of any CI/CD process, too - from infrastructure as code security controls all the way through to live monitoring, segmentation using a zero trust approach, and ensure ongoing visibility and compliance governance across hybrid & multi cloud environments.

"This continuing migration at pace will have led to security gaps, and we're likely to see more cloud security incidents until the shifts are completed and stability resumes, at least for a while."

Greg Day
Greg Day

Day's mention of zero trust comes at an opportune time; the topic is very much in the limelight this year, with perhaps the most prominent announcement coming straight from the White House. He continues:

"It's something we've been championing for several years now, helping our customers lay the foundations for this kind of architecture. This year we'll be putting a renewed focus on this area, showing organisations how to reach the holistic and consistent approach zero trust demands across all key domains: users, applications and infrastructure."

So that's the future. But what has Palo Alto been working on for the last year, which has propelled them to the shortlist of the Cloud Excellence Awards? Quite a lot, to hear Day tell it: the company has doubled its major product releases in the last financial year, as well as acquiring and integrating four separate companies (Bridgecrew, Expanse, The Crypsis Group and CloudGenix).

"I was also proud of the way the company responded to the pandemic. We needed to ensure we could enable our customers to work securely no matter where they were, enhancing the user experience whilst ensuring cybersecurity aligned to the increasing diversity of risks.

"We introduced a programme called FLEXWORK, which was all about employee choice rather than employer choice, in terms of work location, benefits, and training, in recognition of the fact that ‘one size fits all' just wasn't the way to go.

"It was positive to see other companies showing an interest in this people-centric approach to the future of work too, leading to the FLEXWORK Coalition being established in October 2020, including the likes of Box, Splunk, Uber and Zoom."

Day, and the rest of Palo Alto, is looking forward to the Cloud Awards later this week; not only to (hopefully) celebrate a win, but to see how peers are handling the rapid changes in the cloud landscape that are a result of the pandemic.

"It's important that we all take time to understand best practices when it comes to true cloud excellence and learn from each other across industries, so this is a great opportunity to hear from peers about what's enabled them to drive success."

The Cloud Excellence Awards take place this Thursday, the 23rd September, at the Montcalm Marble Arch in London. We'll see you there - or click here to reserve your space now.

You may also like
SonicWall snaps up zero-trust firm Banyan

Mergers and Acquisitions

Second acquisition for SonicWall in two months

clock 03 January 2024 • 1 min read
'You have to encrypt everything': Public sector security in the zero-trust age

Public Sector

Years of high-profile breaches have spurred movement – at least overseas

clock 18 December 2023 • 3 min read
Interview: Assurestor, Cloud Excellence Awards Winner

Cloud Computing

'This win validates us in our position as a service-driven business, completely laser-focused on protecting business data, through partnerships with our hand-selected resellers'

clock 23 October 2023 • 4 min read
Most read

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Security

Epic Games hacker isn't a hacker, at all

Epic Games hacker isn't a hacker, at all

Describe themselves as 'criminal geniuses'

Tom Allen
clock 05 March 2024 • 2 min read
IT Essentials: LockBit and load

IT Essentials: LockBit and load

They fought the law, and the law won - for now

Tom Allen
clock 26 February 2024 • 2 min read
Law enforcement takes down LockBit - updated

Law enforcement takes down LockBit - updated

NCA among the groups under 'Operation Cronos'

Tom Allen
clock 20 February 2024 • 2 min read