Google Cloud Chief Information Security Officer Phil Venables noted that proper implementation of identity and access management is most crucial for CISOs looking to bolster the security of their cloud systems, reports VentureBeat
Adopting IAM tools would enable granular-level access to cloud resources and guarantee proper access controls, while implementing zero-trust
, which places access controls to individual processes, would ensure increased security among users even without remote-gateway VPNs, according to Venables. Threat intelligence acquired from cloud security incidents that happened in other organizations should also be considered by CISOs in strengthening their organizations' cloud security posture.
Aside from being aware of threat intelligence trends, CISOs should also enlist cloud providers focus on threat intelligence. Meanwhile, the growing prevalence of multiple cloud systems should prompt CISOs to ensure the protection of data within their various systems.
"It's an even bigger challenge to assure the mitigation of other risks across resilience, compliance, privacy, data governance and other domains. As a result, CISOs should think comprehensively about their cloud security strategy and look at their cloud architecture as a whole versus in silos," Venables added.