Episode 26: Current Challenges With Cloud SilverLining IL
-
- Technology
This is a special episode where both of us (Moshe & Ariel – no guests this time) discuss the future of cloud computing and challenges that should be solved. We take a detailed look at shortage in manpower and knowledge, privacy laws and their influence on innovation and technology challenges such as multi tenancy, APi’s, encryption, continuous monitoring and more.
Agenda
Opening words - 5 min
introducing the podcast - Moshe / Ariel
Introducing our guest - Ariel
Introducing myself - Moshe
Introducing the topic and context of the podcast - Moshe
Security challenges
People
Shortage in manpower: There are missing jobs for cyber professional and especially application security
Shortage in knowledge: security professional lag behind learning new technologies
Process
Malicious insider - one of the biggest challenges for cloud providers
Shared responsibility model collapsing
Privacy laws are creating islands of data - Privacy laws are limiting the transfer of data
Jurisdiction, Court orders and government access to data - as cloud provider host more data - they are a target for more & more government interest
Technology
API security best practices - there will be more & more API’s, we did not master how to protect them
Encryption and key management - the holy grail for holding your own encryption keys is fading
Multi tenancy - we don't have clear practices on building multi tenant applications
Identity based access controls - network access controls are useless in cloud computing, but our ability to create granular access controls based on identity is not mature yet
Multi tenancy
Continuous monitoring
Automation and devops - Security automation is still maturing. We still don't know how to integrate developers and operation without breaking best practices
Using the wrong tools
Closure (5 min)
Moshe - Summersing
Ariel - closing
This is a special episode where both of us (Moshe & Ariel – no guests this time) discuss the future of cloud computing and challenges that should be solved. We take a detailed look at shortage in manpower and knowledge, privacy laws and their influence on innovation and technology challenges such as multi tenancy, APi’s, encryption, continuous monitoring and more.
Agenda
Opening words - 5 min
introducing the podcast - Moshe / Ariel
Introducing our guest - Ariel
Introducing myself - Moshe
Introducing the topic and context of the podcast - Moshe
Security challenges
People
Shortage in manpower: There are missing jobs for cyber professional and especially application security
Shortage in knowledge: security professional lag behind learning new technologies
Process
Malicious insider - one of the biggest challenges for cloud providers
Shared responsibility model collapsing
Privacy laws are creating islands of data - Privacy laws are limiting the transfer of data
Jurisdiction, Court orders and government access to data - as cloud provider host more data - they are a target for more & more government interest
Technology
API security best practices - there will be more & more API’s, we did not master how to protect them
Encryption and key management - the holy grail for holding your own encryption keys is fading
Multi tenancy - we don't have clear practices on building multi tenant applications
Identity based access controls - network access controls are useless in cloud computing, but our ability to create granular access controls based on identity is not mature yet
Multi tenancy
Continuous monitoring
Automation and devops - Security automation is still maturing. We still don't know how to integrate developers and operation without breaking best practices
Using the wrong tools
Closure (5 min)
Moshe - Summersing
Ariel - closing
49 min