Tony Sager, senior vice president at the Center for Internet Security, outlines a new report on cloud security, and what the federal government can learn from the private sector.
Last week, the Department of Defense released its cloud strategy, laying out how the Pentagon plans to construct its cloud networks. As DoD and other federal agencies work to expand their cloud implementations, security concerns are paramount. The Center for Internet Security recently released a guide for best practices in cloud security. Tony Sager, senior vice president at CIS, says that while security concepts haven’t changed, the way we think about them has. “The questions haven’t changed, but where they get answered are really different. Think of the questions of, ‘Do I know what’s on my network? Do I know who can control or change or bypass security on my network? Do I know where sensitive data is?’ Those are questions that we were talking about in the ‘70s, and exactly the questions we’re talking about today, but they’re in different places. Think about the movement to the cloud. Security has to deal with these classic questions, but think of them in a different way,” Sager said.