Imagine what security could be if not constrained by a large technology debt accumulated over the years of running legacy systems and applications. What if security capabilities can be procured as a black box service when you need it, as soon as you need it?
This paper talks about how common security challenges can be solved in new ways. The services described are based on solutions and propositions that are available right now and should be considered by any architect that is tasked with protecting information in the cloud. It is intended for all those responsible for securing cloud environments, be it a technology-centric copmany such as Netflix or Uber with "Cloud Native" environments or "Cloud Evolved" organisations that are extending their legacy environments to the cloud.
In today's technology-driven world, there are a number of emerging macro trends that are re-defining the way organisations consume technology. These macro trends include
These trends are also shifting the technology architecture thinking from an arms-length closed off position to an open and collaborative one and driving:
To adapt to these changes, Security leaders need to re-evaluate the way they design and build their cyber security capabilities. Reliance on traditional waterfall-based delivery of data-centre focused controls won't be sufficient to secure the fast-paced collaborative business.
This article seeks to advise how security professionals may adapt security delivery models to support these trends and ensure businesses can maintain trust in a digital society, through deploying 'a box' of security capabilities.
The solution is a set of scalable, flexible, automated, cloud based security utility services using security APIs, which can easily be commissioned and decommissioned based on the specific needs of an organisation, creating a "box of security capabilities" that can be customised at will. In order words, "security in a box".
Financial Services - Chief Security Architect, PwC United Kingdom
Tel: +44 (0)20 7212 5216