- Trump taps Sriram Krishnan for AI advisor role amid strategic shift in tech policy
- 5 network automation startups to watch
- 4 Security Controls Keeping Up with the Evolution of IT Environments
- ICO Warns of Festive Mobile Phone Privacy Snafu
- La colaboración entre Seguridad y FinOps puede generar beneficios ocultos en la nube
CIOs must reassess cloud concentration risk post-CrowdStrike
For the CIO, these approaches add vendor complexity, requiring management across different SLAs and support processes. FinOps, which blends financial and cloud operations, will have to be implemented to manage the costs across the various cloud providers in your multi-cloud environment, as well as the contracts. Internally, the CIO must manage their security policies across these cloud vendors, as well as any third partiesthe cloud providers themselves use.
What is your concentration risk tolerance?
Moving forward, understanding your organization’s exact acceptable level of concentration risk will be a key concern. Boards will be wanting management teams to measure this risk so they can define what their tolerances should be.
The Cloud Security Alliance has some good thinking on this topic. It recommends ways to develop processes for transforming risk tolerance assessments, data/asset classifications, and business requirements into company policies, control objectives, and technical controls.