• Clueless in the cloud – think before you act

    26 Apr 2013

    A recent Network World piece about an RSA 2013 panel that covered cloud forensics and whether or not your cloud providers will be able to come through for you in the event of a lawsuit or breach bringing some critical pitfalls of cloud computing. 

    Two things are certain:

    1. If you’re lucky enough for your business to be around for the long haul, odds are that it’ll ultimately be hit with a lawsuit or a breach in some capacity, some way, that will involve a cloud provider. And…
    2. Your cloud providers won’t be prepared to help you out. At least in the foreseeable future.

    In an era where cloud providers still believe “security” is a SSAE 16 checkbox, we’ve got a looong way to go before they’re going to be in a position to help us in even greater capacities such as these. They simply don’t have the means nor the incentive.

    I can’t stress this enough: unless you want to appear foolish, think through the security, legal, and business aspects of cloud computing before you fall for the marketing hype and jump on the bandwagon.

    I’ve written pieces with more insight and prescriptive cloud advice here. Take it slow and good luck.

Resources

view all

Client Testimonials

“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.

His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”

(IT managed services firm)
Read More

 

I’ve written/co-written 12 books on information security including:

 

Tags

application security appsec basics books careers censorship CISO CISSP cities compliance coronavirus covid-19 cybersecurity data breaches hacking Hacking For Dummies heads in sand health incident response information risk keynote speaker leadership macOS networked cameras passwords patching racing resilience Russian hacking SDLC security culture security leadership security program management security speaker selling security social engineering speaking engagements spec miata sql injection tiktok time management training vulnerability and penetration testing web security

© Copyright 2001-present, Principle Logic, LLC - All Rights Reserved.

For your convenience I accept