Taming the Beast: Regulatory Compliance in the Cloud
As organizations migrate workloads to cloud computing, they benefit from flexibility and agility, but security operations grow increasingly difficult, especially when it comes to ensuring adherence to critical regulations, such as PCI-DSS, NERC or the EU's GDPR. Gaining the needed visibility into cloud environments and extending existing security workflows to ensure that adherence, while also managing shared responsibility, creates new challenges for security professionals. Add to this the complexity of hybrid and multicloud environments, and the loss of control within those environments, and it's no wonder security leaders are scratching their heads over how to ensure consistency in applied policy and how to assess and audit those policies. This session looks at approaches to addressing the challenge of managing security policy in the cloud, including best practices for extending an organization's visibility and understanding of its regulatory compliance posture.
See Also: The State of the Software Supply Chain