OPINION: Security, the cloud, and the C-suite
DURBAN - Members of the C-suite are increasingly recognising the importance of the unmatched security defences the cloud offers.
From director to Chief information Security Officer (CISO), business leaders understand how cloud security services and strategies keep data safe, and protect organisations.
With business leaders now invested, clouds security creates a secure, agile, and flexible infrastructure in which to operate and navigate the changing business landscape. However, there is always room for organisations to do more when it comes to security. For instance, investing in talent, focusing on retaining the most experienced cloud security experts, and prioritising resources to ensure security and efficiency.
But every business is different. The C-suite need to learn from each other and lead from the front, to make sure they have the cloud security solutions in place that will scale and grow with their business.
It’s not just a CISO decision
CISOs control the technical aspects of their security programs. However, responsibility for broader security initiatives span the whole business. Top C-suite decision-makers, such as Chief Executive Officers (CEOs) and Chief Financial Officers (CFOs), need to be involved in these strategies from the beginning. Have processes in place to inform them quickly if a breach occurs, and to take an active role in managing the recovery process, and minimising the impact.
Every boardroom executive must understand the General Data Protection Regulation (GDPR) has the power to influence an organisation’s financial health and ultimately, the bottom line. Therefore, the board must take collective ownership over managing compliance. When choosing a cloud provider, they must take joint responsibility for discerning which partners they can trust to support their GDPR compliance efforts. After all, under GDPR, businesses will be held responsible for keeping data secure, not only on their own structures, but on those of their suppliers and partners. A unanimous C-suite decision on a cloud provider is therefore key to pre-empt problems and to lead the business forward with a clear cloud security and compliance strategy.
Today’s fast-evolving security landscape encourages organisations to invest heavily in cloud security defences. It also makes individuals, at all levels, increase and develop their knowledge on how to protect data in the cloud.
Organisations with an ear to the ground will aim to protect every asset, often focusing on the most prevalent threat at any given time. This is where the C-suite steps in by having visibility over the entirety of the organisation and its future direction, business leaders ensure that the right resources are in the right places to keep data safe. From prioritising a team’s focus, to understanding the complexity of data within the network, and sharing valuable information on industry-standards for safeguarding information in the cloud or data centers, it is this collaboration across the security teams and the C-suite that will help protect against threats. Again, this is where cloud providers can support by providing services, processes, and advanced technology, such as encryption, to protect all data held in the cloud.
Educate the board and business
True security goes beyond how secure a company makes its systems and data. The C-suite has realised the importance of cybersecurity within the business, will play a proactive and collaborative role in setting the security strategy.
At Amazon Web Services (AWS), equipping our customers with knowledge is a key part of optimising their security defences. We help them to understand cloud security services and technology so they can build solutions that protect the organisation whilst supporting innovation and growth. By educating the whole workforce on the benefits of cloud and cybersecurity tools, every employee gains ownership over cybersecurity processes. They, therefore, know how to confidently execute strategies. We believe that, in a digitally connected society, to continue to grow and remain competitive, businesses need to invest more in cloud-based security skills and innovation.
Retaining and securing cybersecurity talent
There is healthy competition in security to attract the best tech talent. Organisations, therefore, need to think about the benefits they offer holistically, from their pay and benefits package to the opportunities for progression. Embracing cloud technology can also help to attract and retain talent; the best cloud platforms automate the heavy lifting around security so staff can focus on the more interesting aspects of the job. In a competitive talent market, organisations must keep their standards high, but balance career advancement opportunities with perks tailored to the individual.
Security starts at the top
Security success lies in having dynamic functional leadership that unites the business and leads from the front. Therefore, it is promising that cloud security has become a focus for the entire board. After all, it is about understanding the entirety of the business. It is about prioritising resources, investing in the right technology, and retaining talent that will allow a company to drive forward a digital agenda that will keep data safe. By working together and having a clear vision, underpinned by a flexible and agile cloud such as AWS, any business can maintain competitive advantage and differentiation. This begins and ends in the boardroom.
Prabashni Naidoo is the Director at Amazon Web Services South Africa.
BUSINESS REPORT ONLINE