My notes:
- Public cloud offers a lot of new capabilities. [10:00]
- Establish a unified security strategy.
- Pace of change is daunting to everyone. [11:00]
- Team working in isolation will lead to mis-alignment. [13:00]
- Requires sponsorship from senior leadership. [19:00]
- Encourage shared goals. [22:00]
- Focus on the end goal, less about which technology. [22:35]
- Transitions in security roles:
- Responsibilities shifting and Focus shifting [24:00]
- CISO Guide to cloud security transformation [27:25]
- Training [31:00]
- planning roles, coordination roles, key technical roles. [32:00]
- Forget and Re-learn Security Best Practices:
- Existing on-Prem security model is dangerous for Clouds. [34:30]
- Start from security objectives [38:40]
- Be flexible and adopt the cloud native ways [40:00]
- Keep scalability and automation in mind [42:00]