(ISC)² asked me to adapt my (ISC)² Security Congress 2021 session, Lessons learned from enterprise cloud security programs, into an article. It was published in InfoSecurity Professional: Cloud Security Insights.

Here’s the abstract of the article:

The cloud computing model is maturing, moving from the experiments of early adopters to a mainstream computing platform underpinning established enterprises. With hundreds of existing services, a constant barrage of new announcements every year and a shortage of skilled practitioners, taming the beast of cloud security with traditional methods can seem overwhelming. In this article, we look at best practices and lessons learned based on my personal experience working on cloud security in Fortune 500 enterprises for more than a decade.

Read the full article in the (ISC)² Cloud Security INSIGHTS Archive: November 2021.

Learn more about enterprise cloud security

If you want to dive deeper into the topic of cloud security, check out my book: Azure Security Handbook: A Comprehensive Guide for Defending Your Enterprise Environment.