AWS Cloud Enterprise Strategy Blog
Tag: Security
Announcing my New Book, War & Peace & IT – a Resource for Enterprise Leaders in the Digital Age
I’m very excited to announce that today is the official publication date of my latest book, War & Peace & IT: Business Leadership, Technology, and Success in the Digital Age. It is intended as the hitherto missing book for senior enterprise executives on how best to work with their technology organizations to accomplish their digital […]
Data Protection in AWS
One of the most common areas of interest from customer executives regarding their move to AWS is data protection. Data protection can take many forms (e.g., backups, high availability, long-term storage), but the focus for this blog post will be encryption. This post has been co-written with Scott Conklin, an encryption expert from our AWS Professional […]
Are You Secure Enough Outside the Cloud?
When I decided to move US Citizenship and Immigration Services (USCIS) into the cloud, I had a number of discussions with others in the federal IT community about cloud security. As the Authorizing Official—the person who had to sign off on the security of each system—for a component agency of the Department of Homeland Security, […]
Security at AWS
When meeting with security, risk, and compliance executives who have yet to start their cloud transformation or who already have multiple cloud workloads in AWS, I am often asked a version of the following question: “While we agree that the cloud is the new normal, it is different than running security on premise in the […]
5 Steps to Building a Culture of Security
(image www.bluecoat.com) In an earlier blog post, I discussed the importance of building a culture of security rather than thinking of security as just the job of the CISO’s team. In this post, I’d like to discuss some ideas on how to build such a culture, drawing on my experiences at USCIS. As CIO, I […]
Building a Culture of Security
It is no longer sufficient to leave security to a team of specialists who watch over the enterprise’s risk posture and control it through a set of constraining policies. It is not enough to guard the boundaries of the enterprise’s network with firewalls, or to simply implement sets of controls specified in a compliance framework. […]
3 Benefits of Automating Compliance in the Cloud
“It takes 20 years to build a reputation and five minutes to ruin it.” — Warren Buffett I’ve supported compliance and security requirements throughout my technology career. In some cases, these requirements were extremely burdensome — for example, when my team was preparing for a Department of Defense audit, which consumed more than 50% of our time for months […]
Reborn in the Cloud: Talen Energy’s Journey to the Cloud
“We don’t do load balancers anymore, we just do load balancing.” -Bruce Kantor, Talen Energy I don’t often get the opportunity to learn how the cloud is helping the energy industry rethink the way it delivers IT. There’s obviously a lot of great science behind power generation, but getting to hear about the technologies and […]
A CIO Perspective on Security in the Cloud
“Too many people are thinking of security instead of opportunity. They seem to be more afraid of life than death.” – James F. Bymes Security is a broad topic, and applies in some way to everything that happens in IT. In all of my time working in technology, I’ve found it to be the one […]