Rapid7: How can CISOs embrace the cloud?

By Evelyn Howat
Chief Information and Security Officers should be embracing cloud computing wisely rather than fearing it, says Rapid7...

Rapid7 recently released a free guide, ‘The Cloud: How CISOs Can Embrace It (Wisely), Not Fear It’ that details the benefits of cloud computing, describing it as “one of the great transformational shifts in corporate information technology”. However, drawbacks remain: cloud may allow businesses to manage their IT needs in countless new ways - some of them great, but some of them terrible. Rapid7 says this is what some CISOs fear. 

 

The report says for a CISO to embrace the cloud fully and wisely, then, he or she needs to master two roles:

  1. They must participate as part of the team that evaluates cloud providers—bringing the proper security expertise to the finance and business executives eager to use the cloud.
  2. The CISO in question must also know how to evaluate the security of cloud services.  

The guide discusses the importance of collaboration that will drive all decisions to use the cloud in the organisation, or in other words: “harmonising the three voices”. The operations team that has a specific need it wants to solve via the cloud; the finance team that wants to weigh the costs and savings; and the security team concerned about risks.

One of the main takeaways from the guide is on the topic of asking the right questions, this section is packed with useful information, and of course questions you need to be asking.

“While you certainly need to collect a lot of information and ask some pointed questions for a thorough evaluation, it’s helpful to start the assessment with simple open-ended questions that illuminate the provider’s approach to security.”

About Rapid7

Rapid7 is trusted by IT and security professionals around the world to manage risk, simplify modern IT complexity, and drive innovation. Its analytics transform today’s vast amounts of security and IT data into the answers needed to securely develop and operate sophisticated IT networks and applications. Rapid7 research, technology, and services drive vulnerability management, penetration testing, application security, incident detection and response, and log management for more than 6,200 organizations across more than 110 countries, including 38% of the Fortune 1000.

Download ‘THE CLOUD: HOW CISOS CAN EMBRACE IT (WISELY), NOT FEAR IT’ free here.

Rapid7 was featured in June’s edition of FinTech Magazine which can be read here. 

Share

Featured Articles

Executive Q&A with CEO Guy Levy-Yurista of Synthace

Chief Executive Officer of Synthace, Guy Levy-Yurista, Ph.D, shares how the cloud-based Sythnace is changing the game for scientists within R&D

Executive Q&A with Shuki Licht, SVP & CIO, Finastra

As SVP and Chief Innovation Officer Shuki Licht discusses life at Finastra, a provider of financial software applications, open-platform and marketplaces

Profits continue to soar for Belfast-based IT firm Kainos

Kainos sales grew by 29% from £235m to £303m, as reported in the financial year ending in March 2022. Major clients include the UK government and the NHS

Executive Q&A with Ciaran Dynes, CPO of Matillion

Cloud & Cybersecurity

Executive Q&A with Tom Homer, President, GTT

Enterprise IT

Trailblazer: Genevieve Bell - a leading mind in cybernetics

AI & Machine Learning