Rapid7: How can CISOs embrace the cloud?
recently released a free guide, that details the benefits of cloud computing, describing it as “one of the great transformational shifts in corporate information technology”. However, drawbacks remain: cloud may allow businesses to manage their IT needs in countless new ways - some of them great, but some of them terrible. Rapid7 says this is what some CISOs fear.
The report says for a CISO to embrace the cloud fully and wisely, then, he or she needs to master two roles:
- They must participate as part of the team that evaluates cloud providers—bringing the proper security expertise to the finance and business executives eager to use the cloud.
- The CISO in question must also know how to evaluate the security of cloud services.
The guide discusses the importance of collaboration that will drive all decisions to use the cloud in the organisation, or in other words: “harmonising the three voices”. The operations team that has a specific need it wants to solve via the cloud; the finance team that wants to weigh the costs and savings; and the security team concerned about risks.
One of the main takeaways from the guide is on the topic of asking the right questions, this section is packed with useful information, and of course questions you need to be asking.
“While you certainly need to collect a lot of information and ask some pointed questions for a thorough evaluation, it’s helpful to start the assessment with simple open-ended questions that illuminate the provider’s approach to security.”
Rapid7 is trusted by IT and security professionals around the world to manage risk, simplify modern IT complexity, and drive innovation. Its analytics transform today’s vast amounts of security and IT data into the answers needed to securely develop and operate sophisticated IT networks and applications. Rapid7 research, technology, and services drive vulnerability management, penetration testing, application security, incident detection and response, and log management for more than 6,200 organizations across more than 110 countries, including 38% of the Fortune 1000.
Confluent announces new private cloud building platform
Confluent, a platform that sets data in motion, today announced Confluent for Kubernetes, the first platform purpose-built to bring cloud-native capabilities to data streams in private infrastructures.
Confluent for Kubernetes allows platform teams to bring much of the same cloud-native experience found within Confluent Cloud to their self-managed environments while enabling operations teams to retain control of their data and infrastructure. As a cloud-native solution, Confluent for Kubernetes helps achieve faster time-to-value and reduce operational burdens with a fully elastic and scalable cloud-native experience in private infrastructure.
“To compete in the digital realm, organisations need to quickly deliver personalised customer experiences and real-time operations, which are only possible with access to data from all environments and cloud-native advantages,” said Ganesh Srinivasan, Chief Product and Engineering Officer, Confluent.
“For organisations that need to operate on-premises, we’re bringing the benefits of cloud computing to their private infrastructure with Confluent for Kubernetes. Now, any company can build a private cloud service to move data across their business regardless of its environment.”
How can Confluent for Kubernetes help?
Organisations who are transitioning to the cloud or who need to keep workloads on-premises can use Confluent for Kubernetes’ cloud-native capabilities, including a declarative API to deploy and operate Confluent. According to the company, the platform also makes moving applications to the public cloud easier by ‘seamlessly migrating workloads to wherever your business needs them with the ability to connect and share data with Confluent Cloud’.
Enhanced reliability – As a cloud-native system, Confluent for Kubernetes detects if a process fails and will automatically restart processes or reschedule as necessary. Automated rack awareness spreads replicas of a partition across different racks, improving the availability of your brokers and limiting the risk of data loss.
Automated elasticity – Meet changing business demands with the ability to scale up using API-driven operations. The platform will automatically generate configurations, schedule and run new broker processes, and ensure data is balanced across brokers so that clusters can be efficiently utilised.
Simplified infrastructure management – Confluent for Kubernetes extends the Kubernetes API, enabling organisations to define the desired high-level state of clusters rather than manage all the low-level details. This infrastructure-as-code approach reduces the operational burden and achieves a faster time to value, while enhancing security with standards that can be easily and consistently deployed across an organisation.