I joined a number of security professionals at the IBM Security Summit in London last month during the “Innovating With Cloud Security” breakout session, which was hosted by Martin Borrett, chief technology officer (CTO) of IBM Security Europe. The audience took part in discussions about typical cloud transformation journeys, security for and from the cloud, development operations (DevOps) disruption of enterprise security and regulatory expectations.
Audience polls discovered that all of the attendees use cloud services in their business — and the majority use the public multi-cloud. (This is also true for our working environment at IBM.) The audience also reflected our past experiences with polar business attitudes toward security in the cloud. For example, the assumption that the cloud is too insecure for use in the enterprise, or (just the opposite) that security is automatically built into cloud platforms.