How do you plan security in a constantly evolving cyber security environment in a cloud & digital journey, relating to CNI and non-CNI context?

Cloud
4.1k viewscircle icon2 Comments
Sort by:
Director of IT in Energy and Utilitiesa year ago

Start with defense in depth and go from there

Director of IT in IT Servicesa year ago

We have Implemented adaptive security measures for resilient protection in both on traditional workloads and cloud native workloads.

Content you might like

We’re currently exploring options to implement an iPXE-based WinPE deployment solution in Microsoft Azure. Our goal is to streamline OS provisioning for virtual machines using cloud-hosted boot scripts and WinPE images, ideally over HTTP/S for performance and flexibility. Key requirements: Must support iPXE booting in Azure (via ISO, custom VM image, or chainloading). Ability to host and serve WinPE images securely (e.g., via Azure Blob Storage or web server). Cyber Essentials Plus compliance is essential, as we operate in a regulated environment. Preferably a UK-based provider with experience in secure cloud deployments and endpoint provisioning. We’ve looked into solutions like 2Pint Software’s iPXE Anywhere, but we’re open to other vendors or managed service providers who can assist with setup, integration, and ongoing support. Has anyone implemented a similar solution or worked with a provider who meets this criteria? Any recommendations or lessons learned would be greatly appreciated.

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

Read More Comments

Does your organization leverage an Enterprise Architecture Solution/Tool for EA Practice?

Yes77%

No17%

We are in the process of selecting an EA tool7%

View Results

How is your company currently utilizing edge computing?

Production data analysis19%

Equipment data analysis (capacity, etc.)59%

Part of overall equipment effectiveness analysis16%

Other (share below)4%

View Results

Our organization is implementing an Internal Developer Platform (IDP) to enable self-service infrastructure provisioning, and we're evaluating Terraform Cloud workspace management strategies.  We're debating between: - VCS-driven approach: Repository-based workspace management with GitOps workflows - API-driven approach: Programmatic workspace creation and management via Terraform Cloud APIs Specific Questions: - Which approach have you found more effective for true self-service at scale? - How do these approaches handle multi-tenancy and isolation requirements? - What integration challenges did you encounter with developer portals/service catalogs? - How did your choice impact developer adoption and platform team operational overhead? Would love to hear about your real-world experiences, particularly around the trade-offs you discovered post-implementation.