CSA Congress: Cloud security achieved through sound policy, says Symantec chairman

“Don’t fight mother nature”, warned Thompson when asked a question on how IT pros should think about migration to the cloud. “This is the evolution of our industry”. In response he recalled historical evidence that IT has fought the implementation of each previous transition in enterprise technology.

“What I argue is embrace the change, and manage the change. Make it work in a way that is appropriate for you and your business.”

The key, he said, is not protecting the network or device, although these still remain important points. It’s really about protecting the information itself, regardless of the device it resides on or the network it traverses.

Thompson said he was surprised to learn, through internal Symantec surveys, that larger companies are more likely to be considering migration to public clouds, and not small to medium-sized businesses. Still, noted the Symantec chairman, the most significant concerns among those polled is security and compliance “with a degree of confidence and vigor”.

Regardless, Thompson asserted that cloud security concerns are in line with exactly the issues that security professionals have been dealing with for nearly the last two decades.

“The one variable that will not change is the human factor”, Thompson commented. “We must work with our business partners across the enterprise to deal with this issue, which we have not done a good job of over the last 20 years.”

“Certifications will be the bedrock of determining whether service providers will be able to meet not only their service-level agreements, but the compliance and regulatory issues” that are on the minds of so many security professionals, he added.

Closing his remarks, Thompson reiterated: “This is less about a particular type of technology, and more about people working together.”

What’s Hot on Infosecurity Magazine?