Intelligent CISO Issue 31 | Page 64

Invest time and money to get employees up to speed on how to transition to the new cloud environment .
BUSINESS SURVEILLANCE
for security engineers to respond to effectively and expediently .
If your business is considering moving its data into the cloud , it isn ’ t a decision that should be made too quickly . Due diligence must be performed by IT professionals , CIOs and CISOs of enterprises and governments , and even general cloud users before selecting a cloud provider .
Risk evaluation
Placing your data into the hands of a cloud provider means you trust that vendor with your business ’ data and reputation . Before you make a decision , evaluate all the risks associated with handing over your data to a third-party for hosting . Do they have the required security protocols ? Are they willing to answer questions about their security practices ? If the provider has been breached previously , this could be a red flag , but don ’ t be quick to discredit them . Look into how they responded to the breach , not only internally , but how they supported their customers .
Preparedness
Find out about the cloud provider ’ s stacks , specifically if they can service your needs and what level of control and visibility you may retain . Does the

Invest time and money to get employees up to speed on how to transition to the new cloud environment .

cloud provider maintain all hosting responsibilities or is it a joint effort ? Is their technology immediately updated or does it ‘ slow roll updates ’
64 Issue 31 | www . intelligentciso . com