Jul 12, 2021
Guests:
- Phil Venables (@philvenables), Vice President, Chief Information Security Officer (CISO) @ Google Cloud
- Dave Hannigan, Director, Financial Services Security & Compliance @ Google Cloud
Topics:
- As a CISO, would you ever decide to use multiple clouds, if it were in your hands?
- How is security typically considered when companies go multi-cloud in their approach?
- Practically, or operationally, how does one think through securing multiple public cloud environments?
- What are the top challenges here? Different controls? Lack of tools? Confusing process? Skills on the team?
- Would you always buy security tools from a 3rd party (not a CSP) if you have to cover more than one cloud provider?
- Anything to add about compliance across multiple clouds?
- What is the best approach for
securing multiple SaaS services that your company uses?
Resources:
- “IDC: A multicloud strategy can mitigate regulatory, business risks”
- “Anthos security”
- SANS papers on securing multiple clouds (example)