The security and cloud balance is less of an issue now, as security becomes a boardroom issue.
Speaking on a panel at the Rackspace Solve conference in London, chair Duncan Brown, research director of European Security at IDC, said that security has gone beyond being a problem for the IT department to being a business challenge these days, and one of the conundrums is balancing the idea of cloud and its benefits with the perception of it not being secure.
Brian Kelly, chief security officer at Rackspace, said that he did not believe that the sky was falling in, but the volume of attacks is increasing and the tools are easy to use in the underground. “We are seeing companies be more transparent on attacks when years ago it was more hush hush, and it gives the appearance of it happening at a much greater scale,” he said.
Doug Davidson, global head of cloud security offers and UK cyber security CTO at Capgemini, said that organizations have adopted cloud and are aware of the need to adopt the risk to get an advantage, as others are asking about it and know they should do something about it, but are hesitant to invest but want to mature.
Speaking on the topic of what is needed to be done to better educate boards on cybersecurity issues, Davidson led by saying that we need business speaking to security advisors as we talk now about risk and the impact on them, and often they are baffled by the language used and switch off. “So you have got to be personal and relevant to you and of value,” he said.
Asked what boards should be doing, Kelly said: “What we do at Rackspace and other places I have worked is we bring outside experts in, as we don’t want to be dependant on me and offer a different perspective.”