Cloud & InfoSec's Collaborative Role

384 views
284 views

Published on

Cloud presents a new challenge for information security groups. There's a collaborative opportunity for groups to work toward address issues while taking advantage of the opportunities.

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
384
On SlideShare
0
From Embeds
0
Number of Embeds
61
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • 60% Stat: Sand Hill Group 201057% Stat: Sand Hill Group 2010By 2010, 20% of business will own no IT assets (Gartner 2010)Cloud/ Country Stat: Greenpeace 2010
  • Cloud & InfoSec's Collaborative Role

    1. 1. Cloud & InfoSec’s Collaborative Role CISO Collaborative – Mountain View, CA May 25, 2010 Tim M. Crawford S
    2. 2. Tim Crawford S 20 Years in Information Technology S Global 1000 & Fortune 500 S Board Member & IAB Chair: Data Center Pulse S Co-Chair: SVLG Data Center Efficiency Summit S Core Member: Data Center Efficiency Consortium S Global Speaker: Cloud Computing, IT Strategy, Data Center Efficiency S International Strategic Advisor May 25, 2010 2 ©2010 Tim M. Crawford
    3. 3. Cloud Metrics S 60% Using Cloud in Next 3 Years S 57% Driven by IT, 39% Driven by Business Units/ Executive Team S Market Share S S S S Cloud as a Country S S IDC: $44.2 billion by 2013 Gartner: $150 billion by 2013 GIA: $222.5 billion by 2015 Telecom & Data Center energy, 5th in world Impact from CSR Programs May 25, 2010 3 ©2010 Tim M. Crawford
    4. 4. Cloud Governance S Impact on Culture and S Legal, Financial, Organization Reputational Risk S Process Changes S Compliance, Regulatory S Technological Shift S Compartmentalize S Vendor Management S Business-centric (Business Value) May 25, 2010 4 ©2010 Tim M. Crawford
    5. 5. Opportunities S Cost S Movement from CapEx to OpEx S Flexibility S Scalability – Up…and Down S Responsive S Business Driven S IT Focus S Technology-Centric  Business-Centric May 25, 2010 5 ©2010 Tim M. Crawford
    6. 6. Risks S Industry Maturity S Audit S Cloud Providers S Flexibility S Internal IT Organizations S Paradigm Shifts S Control S Compliance/ Regulatory S Compartmentalize S Legal System Changes S International Implications May 25, 2010 6 ©2010 Tim M. Crawford
    7. 7. Evolution of Data May 25, 2010 7 ©2010 Tim M. Crawford
    8. 8. Evolution of Data May 25, 2010 8 ©2010 Tim M. Crawford
    9. 9. Evolution of Data May 25, 2010 9 ©2010 Tim M. Crawford
    10. 10. Data Impact Clients Data Risk Past Centralized Centralized L Recently Distributed Centralized M Now Distributed Distributed H Future Distributed Distributed ? S End of Data Warehouse? S Compliance/ Regulatory Effect…changes? May 25, 2010 10 ©2010 Tim M. Crawford
    11. 11. Myth vs. Reality S Is the Cloud Secure? S Are SLA’s Relevant? S Is All Data Treated Alike? S Are Significant Paradigm S What about Vendor Lock-In? S Are There Contractual Shifts Really Necessary? S Are There Organizational Implications? Limitations? May 25, 2010 S Culture Changes 11 ©2010 Tim M. Crawford
    12. 12. Significant Decision Matrix S Public vs. Private Clouds S Contract vs. No-Contract S Freemium vs. Pay S SLA vs. No-SLA Versions S CapEx vs. OpEx S Buy vs. Build S Risk vs. Opportunity S Variable vs. Fixed Costs May 25, 2010 12 ©2010 Tim M. Crawford
    13. 13. Approaches S Block All – Drive Fear S Go For It! – Ignore Risk S Collaborative Approach S Compartmentalize S Balance Opportunity/ Risk S Provide Objective Guidance May 25, 2010 13 ©2010 Tim M. Crawford
    14. 14. Bottom Line S Significant Opportunities… when applied correctly! S Cultural Changes S Consider Organization, Process and Technology Impact S Use Holistic Approach S Don’t Fear Risk – Be Objective and Transparent! May 25, 2010 14 ©2010 Tim M. Crawford
    15. 15. Contact Information S Tim M. Crawford S Twitter: @tcrawford S http://timcrawford.org/ May 25, 2010 15 ©2010 Tim M. Crawford

    ×