Why Transformation Requires Companies to Rethink Security

Article - IT
By Kelley Iuele|16th September 2022

Cloud Is Changing Security

As organizations everywhere journey to cloud, the very face of cybersecurity is changing. Or at least, say risk and security experts, it should be. In fact, if IT and security leaders don’t rethink security operations, particularly in today’s increasingly common multi-cloud environments, they could find themselves in the cloud and without a paddle, from a security standpoint. 

During a recent Meet the Boss roundtable panel, held in partnership with Palo Alto Networks and Deloitte, attendees discussed how cloud transformation is making it critical to adopt a different approach to cybersecurity. Executives from a variety of industries, including telecommunications, software, and pharmaceuticals, talked about their cloud and security challenges, and examined the important role security automation and orchestration plays. 

It’s Easy to Move to Cloud; It’s Harder to Be Ready for Cloud

One attendee on the panel, a director of cybersecurity for a multinational organization, made an apt characterization of the landscape many IT and security leaders are experiencing: “it’s easy to move to cloud. It’s hard to be technologically ready to move to cloud.” Other executives agreed, sharing how they’ve seen many applications in their organizations just “shifted and lifted” to cloud, without being re-architected for cloud.  

One of the thought leaders on the panel, a principal cyber risk executive from Deloitte, says without proper asset management, workloads will indeed just be moving into the cloud, which “starts to look a lot like a legacy environment where you’re not sure what’s running on what servers, and what data centers.” 

This can diminish the advantages and efficiencies of moving to cloud in the first place, and, as panelists attested to, costs can also spiral.  

Many organizations are inspired to move to cloud in part by the allure of cost savings, but recent research by Accenture shows that companies whose migrations are driven more by business value (as opposed to cost savings) actually see 2X greater cost efficiencies than those driven by cutting costs. The business value-driven groups also show greater likelihood to innovate. 

Security Automation is Key

To realize the efficiencies and avoid replicating the legacy environment in the cloud, the expert from Deloitte suggests automating the provisioning process to include “smart tagging” of assets as they’re created. He says, “that will go a long way to help you manage that much more effectively. But you have to start that pretty early in a given subscription. Or else you’re going back, and you have to retrofit.” 

Once the critical applications have been shifted, re-architected, and the client has gotten as automated as possible, the subject matter expert from Palo Alto says security can be approached in a new way – with more resiliency and efficiency. 

“You have a number of vulnerabilities. There’s malware that’s becoming much more aggressive,” says the security expert, but “being able to have the right posture to transition into the cloud, understand any unusual activity, and being able to respond, is some of the most important things you need to pay attention to as you go on this journey.” 

And it is a journey, getting to the cloud securely, and managing the environment through automation and orchestration. But a controlled approach to cybersecurity does create a faster, more resilient, more innovative organization. 

“Setting up the right rules and creating automation around them,” says the Palo Alto expert, “allows you to not only do things more efficiently and quickly but have predictability in terms of how the environment is protected.”  

“Your time to fix, your time to remediation, can be so much faster than it historically has been,” the Deloitte expert added. “Application cycle times to fix a vulnerability could have been eight months in the legacy world. It might be 24 hours in a modern, cloud-based native world.”  

So. How do you get started? Find the right partners and begin! “You eat an elephant one bite at a time,” the Palo Alto executive concluded. “Figuring out what’s the first bite, and then moving on to the next bite after that.” 

Hungry For More Insight?

Continue the conversation at an upcoming GDS Security Summit, where we bring together senior IT and security leaders who are actively seeking to share, learn, engage, and find the best solutions on the market.  

Or sponsor a future event! 88% of Solution Providers said the overall experience of the Digital Summit they attended was Above Average or Excellent and 88% of Solution Providers said they would be interested in sponsoring future events. 

Apply to Attend! 

Back to insights

Related content

IT
Article

Learning from leaders: Reflections on the CIO Summit

The role of the CIO is only getting tougher. But what is top of mind for IT leaders as we head into 2024?
Ben Thompson
Find out more
IT
Article

The GDS Summit attendee experience

What is a GDS Summit and how can attending help you to deliver success?
Sapphire Smith
Find out more
IT
Article

Chat GPT:Learnings from the first six months

OpenAI’s ground-breaking large language model is proving a game-changer for businesses everywhere. So, what have we learned thus far?
Ben Thompson
Find out more
IT
Article

Why do so many transformations fail, and what can you do about it?

We’re all transforming, to a greater or lesser extent. But that doesn’t mean we’re all doing it well. So what does good look like? And how do we avoid
Ben Thompson
Find out more
IT
Stories

Twilio build over $11 million in attributed pipeline through suite of GDS Experiences.

Find out more
IT
Article

Wrestling with data: How WWE built a data-driven empire

Best known for its superstar wrestlers and all-action entertainment, WWE has – quietly but surely – established itself as a true sports data and analy
Alex Wood
Find out more
IT
Stories

SecureWorks positions itself as a trusted advisor 

Find out more
IT
Stories

Pipeline generation and unlocking the c-suite for Deep Instinct

Find out more
IT
Article

Five Steps to Building a Resilient Enterprise: The Broadcom Perspective

We look at five steps for organizations to take to build more resilience as highlighted by Nicole Fagen, Director of AIOps and Automation at Broadcom.
Jade Gamlin
Find out more

Related events