Speaking at an online conference, a panel of cybersecurity professionals described the proliferation of measures to secure cloud environments, including data log analysis, risk assessments, single sign-on and two-factor authentication
, and likened it to a buffet, StateScoop
Sol Bermann, chief information security officer at the University of Michigan, noted that securing cloud-based systems also requires a big group effort. "There's a shared responsibility, getting the community to understand what part of the pie they're responsible for," Bermann said.
Meanwhile, Las Vegas Chief Innovation Officer Michael Sherwood said an organization's maturity becomes a factor as it brings in more cloud security tools, recalling his local government's difficulties in managing a hybrid cloud and on-premise infrastructure and the issues that emerged because of the raised risk for error, namely the cybersecurity incident that occurred in January last year.
"When you start adding on-prem, hybrid, all the different logs and frameworks, the chances for error multiply," Sherwood said.
Shane Barney, CISO of U.S. Citizenship and Immigration Services, noted that organizations need to approach cloud differently than they do on-premise systems.
"It's so radically different from anything you'll see on-prem. The data flow coming at you, it's impossible for any group of people to comprehend," Barney said.