Cloud Security principles appear simple, but execution becomes incredibly complex at scale.
If you are working in Cloud Security in any area (or Cloud assurance or Governance), the title of this post probably caught your attention. You may have thought to yourself, “ah, clickbait!”. While this is a somewhat attention-grabbing statement, I don’t intend it to be clickbait. Instead, I hope to spark some discussion about why something simple on its face is simultaneously very difficult to get right.
The human brain loves patterns. We identify patterns everywhere, even where they don’t exist. In the past, this has been of evolutionary benefit. Being able to recognise poisonous tree frogs or tigers or gaps in a forest floor, or tribe members who look like us have all been helpful to our survival. The brain is an expensive engine to run, and any heuristic that helps us be more efficient saves us energy.
There have been warnings for many years about the potential for disaster with Artificial Intelligence implementations. Many luminaries, from Elon Musk to Stephen Hawking, have warned about the implications if we unwittingly create a robotic overlord who deems that we are irrelevant at best and destructive at worst, and decides the world will be better off without us.
It’s to be expected, really. You want to go out clubbing, and the object of your affections, who is significantly older than you, wants to get an early night because they have a parent-teacher meeting first thing in the morning.
Clearly, in this scenario, retail Public Cloud Providers (PCPs) are the younger member of the relationship – looking to move fast and break things, as it were. Large, regulated Enterprises are the older partner, looking to put their feet up at the end of a complicated and trying day. They can’t move as fast as the PCPs, because they have accumulated responsibilities in the form of regulatory and board oversight, and have less agility in their old bones than the more nimble PCPs. Continue reading “A May-December Romance – Public Cloud Providers & Large Enterprises”