Have you hired any staff specifically for cloud security?

Cloud Security & GRC

Yes - one29%

Yes - multiple55%

No, but we might in the future11%

No2%

Not sure

307 PARTICIPANTS

3.4k views1 Comment

Sort by:

Group Director of Information Security in Banking2 years ago

'Cloud security' is a term which now encompasses lots of skillsets. Skillsets that now need to be considered are:
1. Securing cloud accounts / subscriptions requiring knowledge of the security and reliability pillars of 'Well Architected Frameworks'.
2. Tools that secure the boundaries of cloud accounts/subscriptions i.e. Firewalls, WAFs, Micro segmentation, CASB/CAASM etc.
3. Knowledge of security best practices for workloads and shared responsibility model for IaaS, PaaS, SaaS etc.
4. Knowledge of secure software development lifecycle (S-SDLC) if you intend to engage with active software development on the cloud platform.
While you consider hiring the staff, chances of one guy having knowledge of all of the above and more should be considered. I know I haven't answered your poll query but thought of highlighting the complexities behind hiring decisions related to 'cloud security'.

Content you might like

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

What is the best security course you have completed?

CISSP30%

CISM33%

CEH9%

Security+11%

SSCP4%

Other12%

View Results

What are the most important strategies organizations should use to protect against malicious actors in the cloud?

Implement Multi-Factor Authentication21%

Use Encryption57%

Monitor and Log Activity14%

Implement Security Policies4%

Educate Employees3%

View Results

Why do you think there are so few mature AI-driven autonomous pentesting solutions on the market, and why does this topic seem to generate more hype than in-depth technical discussion?

Have you hired any staff specifically for cloud security?

Sort by:

Content you might like

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

What is the best security course you have completed?

What are the most important strategies organizations should use to protect against malicious actors in the cloud?

Why do you think there are so few mature AI-driven autonomous pentesting solutions on the market, and why does this topic seem to generate more hype than in-depth technical discussion?

Writing brings clarity of thought. When did you last publish a article or post to articulate learnings?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

CrowdStrike Outage: Impact And Recovery

DevSecOps: Strategies, Organizational Benefits and Challenges

Green Cloud Computing

Omnicloud: The Future of Cloud Computing?

How are U.S. CISOs Addressing Liability Risk?

Take Your Insights On-the-Go