Skip to content

Cloud Computing and Security

In a recent conversation with a potential employer I was being interviewed by, I was asked about my thoughts on cloud computing and cloud security.

Before setting off on my carefully scripted answer to this softball question that very few people really even understand much less could ascertain a useful answer, I asked the security team panel if they were familiar with the Cloud Security Alliance ( ) and the industry guidance documents in the space by them and others such as IBM, Intel, etc.

Now this is a Fortune 500 company and I was outright shocked that though they were asking this question, not a single one of them even knew of the CSA or any industry guidance documents in this volatile and unpredictable space.

More importantly, they didn’t really have any idea what they were going to do about it. Now I can the rush to the keyboard to type “but that is what they’re hiring a CISO for,” but before you crucify me let me add that these folks have had a couple CISOs before me and are charging into the cloud as we speak.

My point here is that you don’t have to be a CISO to be a professional and understand what is going on in the industry. You can’t show up at a security conference these days without seeing a cloud security session somewhere, even ASIS International,, the Traditional Security Management association has had quality cloud sessions the last couple years.

Posted in

Dave Tyson

Dave Tyson is the Managing Partner of CISO Insights Cyber Security Risk Advisory. Tyson has served as CISO and security leader at organizations including SC Johnson, Nike, PG&E, eBay, and as chairman and president of ASIS. Contact:, (408) 464-5310.

Leave a Comment

Ready to Get Started?

Click on the button below to take the first step towards securing your organization against cyber security threats.

Does the new Chinese Cybersecurity law Increase Your Manufacturing or Supply Chain Risk?

That is the question business leaders are asking themselves across the world in light of the new version of China’s ...
Read More
Marketing Meeting

The Top 3 Cyber Security Risks Every Chief Marketing Officer Should Care About

The Chief Marketing Officer (CMO in many organizations) is on the front lines of two of the largest battle fronts ...
Read More

Digital Comes of Age

For the past millennia or so, the traditional approach to securing assets has been the utilization of a castle mentality. ...
Read More
Paradigm Shift

A True Paradigm Shift in Security Management

"Cyber Security 1.0" was vulnerability based, and has what I would argue limited and decreasing levels of success as public breaches ...
Read More
Geek Shall Inherit the Earth

The Geek Shall Inherit the Earth………..

At least according to Microsoft a few years ago, and if that’s true then the earth will be led by ...
Read More
IT Security for Physical Security Pro

IT Security for the Physical Security Professional

One of the greatest challenges for a CISO is helping traditional security professionals believe they can learn information security fundamentals ...
Read More
Scroll To Top