If your SOC team is gearing up for a shift to the cloud in any capacity, it’s going to require a new way to think about and deploy cyber security practices. Securing physical data takes on whole new meaning when transferred to the cloud and IT professionals need to understand what the cloud IS, how it is structured, and the impacts to day-to-day cyber security roles and responsibilities.
VP of Content Development Karl Gossett shared these ideas and tips for cyber training with the Motor City ISSA Michigan Chapter membership recently.
Karl asked several thought-provoking questions that might be the same questions you’ve wondered about as well. It’s important to work through what these questions are so that we can gain more clarity on the complexity and ambiguity of the cloud and how it can impact you and fellow IT professionals.
- How well do you know your cloud provider and what it has to offer?
- What challenges does the cloud bring forth?
- What new demands do IT professionals need now?
- How do we train and build cyber competencies to work better (and more efficiently) in the cloud?
While the promise of the cloud is great, there are many nuances and details that impact IT professionals’ abilities to keep data safe in new environments like that.
“Transitioning to something new is always uncomfortable but I think it’s even more uncomfortable here because learning new technologies can be something that isn’t as enjoyable anymore since it’s in-demand by your company and you know that if you fail, that actually matters.”
Karl emphasized that if you can’t build components from scratch for the cloud, you’re likely going to be making a transition and it’ll be really challenging; not to mention complicated by an underlying architecture that you don’t control, with security that you don’t control, and in some cases don’t have visibility or understanding of how the architecture is protected. However, Karl concludes that while the cloud seems daunting, the grounding force of persistent cyber training is critical to keep information security professionals afloat during turbulent times.