SlideShare a Scribd company logo

Map of the Cloud minefield - Banktech Sydney Summit 17 july 2012

Livingstone Advisory
Livingstone Advisory

This presentation was delivered at the 2012 BankTech summit in Sydney, Australia by Rob Livingstone (www.rob-livingstone.com ). Topics included: Exploring the real definition of Cloud Interpreting the conflicting messages Systemic vs. Technical risks in the Cloud Availability Hybrid Cloud is the reality Importance of Cloud Computing Reference Architecture Managing multiple parties in the Cloud ecosystem (Hybrid Cloud) The challenge for Regulators Standards? Which standards? Some risk mitigation approaches

TechnologyBusiness
1 of 33
Map of the minefield Alleviating cloud risks in order to reap the benefits ROB LIVINGSTONE - Fellow, University of Technology, Sydney, Australia, and - Principal, Rob Livingstone Advisory Pty Ltd 17th July 2012 navigatingthrougthecloud.com
What I’ll NOT be covering • Data Privacy • Data residency • International legal jurisdictional considerations • Vendor lock-in • Data extraction and ownership • Intellectual property considerations • Hacking, cybercriminals and cloud, data breaches • Total cost of Ownership • Single function enterprise Cloud (eg CRM, eMail, pure storage) • Consumerisation of IT • BYOD  These are much discussed and (hopefully) should be well understood by all navigatingthrougthecloud.com
What I WILL be covering • Exploring the real definition of Cloud • Interpreting the conflicting messages • Systemic vs. Technical risks in the Cloud • Availability • Hybrid Cloud is the reality • Importance of Cloud Computing Reference Architecture • Managing multiple parties in the Cloud ecosystem (Hybrid Cloud) • The challenge for Regulators • Standards? Which standards? • Some risk mitigation approaches navigatingthrougthecloud.com
Exploring the real definition of Cloud The most quoted Definition of Cloud: Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g. networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or cloud provider interaction • US National Institute of Standards and Technology‘s (NIST) definition navigatingthrougthecloud.com
Exploring the real definition of Cloud The most sensible Definition of Cloud: ―Forget your technical definition of the Cloud, ask your mom what the Cloud is…. …And what your mother will tell you about the Cloud is that it means it’s not on my computer.”* Dave Asprey – Global VP, Cloud Security, Trend Micro * Navigating through the Cloud Podcast Episode 23 in iTunes navigatingthrougthecloud.com
Exploring the real definition of Cloud Cloud-like Outsourcing: If you sign a standard outsourcing contract with an outsourcing vendor that has Cloud-like pricing (pay-as- you-go) and Cloud-like capabilities and whether or not it‘s Cloud is largely a matter of opinion. navigatingthrougthecloud.com
Exploring the real definition of Cloud The 3 key ‘classic’ Ingredients of Cloud • You‘re counting on SaaS vendor in order to provide all the multi-tenancy for your data. • You hope they‘ve written their applications well, secure their databases, and so on …. • You‘re sharing the database with everyone else. navigatingthrougthecloud.com
Exploring the real definition of Cloud Enterprise Cloud: The Inverted Risk Pyramid HI RISK presentaiton Major enterprise instances, with complexity, scale, risk, compliance, This deep integration, long term Integration, enterprise governance needed Commodity / non- integrated Cloud applications LOW RISK navigatingthrougthecloud.com
Interpreting the conflicting messages Has business lost patience with Enterprise IT? "Despite an abundance of IT Project Management (ITPM) resources, such as the PMI Body of Knowledge, IT standards and governance, a large percentage of IT projects continue to fail and ultimately get scrapped. Recent studies have shown an average of 66% IT project failure rate, with 52% of the projects being cancelled, and 82% being delivered late" Kraft (2008). The Importance of Business Process Alignment for IT Project Management of Commercial Software with Case Studies. Journal of Information Systems Applied Research, 1 (3) navigatingthrougthecloud.com
Interpreting the conflicting messages A recent survey* referred to by Forbes claims that ―a meagre 3% of companies considering Cloud consider it to be too risky.‖ This was based on a survey of 785 companies, implying the inevitability of Cloud. Not atypical of research in Cloud, this survey was conducted by a firm that has investments in the Cloud industry, with 65% of respondents being vendors so one could say that the results were not totally unexpected. http://www.forbes.com/sites/joemckendrick/2012/06/20/cloud-computing-simply-isnt-that-scary-anymore-survey/ navigatingthrougthecloud.com
Interpreting the conflicting messages Fear being left behind? "By 2015, nearly $1 of every $6 spent on packaged software, and $1 of every $5 spent on applications, will be consumed via the SaaS model." "By 2012, about 83% of all net-new software firms coming to market will be operationalized around creating, testing, selling, and provisioning a service versus a packaged product (CD)." "By 2015, about 24% of all new business software purchases will be of service-enabled software, and SaaS delivery will constitute about 13.1% of worldwide software spending across all primary markets and 14.4% of applications spending." ICD Dec 2011 Doc # 232239 navigatingthrougthecloud.com
Interpreting the conflicting messages 24% of CEOs surveyed in the 2012 PWC CEO Survey 75% of CEOs plan to change innovation capacity in 2012, of which 24% expect ‗major change‘, underpinned in part by technology. The eighth annual KPMG 2012 Audit Institute Report identified ―IT Risk and Emerging Technologies‖ as the second-highest concern for audit committees, which is unprecedented in the history of the report. navigatingthrougthecloud.com
Interpreting the conflicting messages • So, in a nutshell, there are mixed messages out there at this point in time. • On the one hand organisations demand speed, innovation, agility and value, largely facilitated by technology. • Organisations that adopt new ‗transformational‘ technologies, Cloud in particular, without effective consideration of the enterprise wide, systemic and longitudinal risks, are potentially either setting themselves up for future problems, or not maximising the opportunities, or both. • This last point is the focus of my presentation navigatingthrougthecloud.com
Systemic vs. Technical Risks in the Cloud Systemic Risks • Systemic risk is highly relevant to Hybrid Cloud – which we‘ll discuss in a few minutes… • Systemic risks are those with the greatest potential impact as they affect the entire system (ie: Organisation, government, country, world…) • Case in point: How is that the finance industry, which is one of the more regulated, and invests heavily in risk identification, mitigation and transference could be the cause of the current global financial problems? • Systemic risk for the enterprise is the silent killer and is often the hardest to identify as only a few have a complete, transparent and objective overview of the overall enterprise. • Mitigation through approaches such as Enterprise Risk Management (ERM), origins in fraud, organisational governance, and underpins the insurance industry • Applicability to IT – Cloud especially – not often discussed navigatingthrougthecloud.com
Systemic vs. Technical Risks in the Cloud Technical (or functional) Risk • Identifying, categorising and ranking technical and functional risks is core to conventional IT risk assessment approaches: o Risk of a specific event = (Impact x Probability of that event occurring) + Risk Adjustment • Underpins conventional risk certification frameworks e.g. ISO2700X • Compliance does not necessarily equal security or effectiveness of your risk management model • The categorisation of risks into functional and technical categories does not help in the identification of systemic risk • Focusing on the diverse range of technical or functional risks, does not account for the interaction between risks. • Systemic risks are mostly more significant than the sum of the individual risks navigatingthrougthecloud.com
Availability What‘s your downtime cost? Fundamental question: Is Cloud your default position? "What they don‘t usually tell you about the Cloud is that the SLA or the uptime SLA for Cloud providers is not nearly as good as it is for co-location.....So, if you‘re looking for five 9s, you‘re going to need several Clouds and a lot of zeros on the cheque that you write.― Dave Asprey – Global VP, Cloud Security, Trend Micro Navigating through the Cloud Podcast Episode 23 in iTunes navigatingthrougthecloud.com
Hybrid Cloud is the reality ―Within five years, it will be primarily deployed by enterprises working in a hybrid mode‖. - Gartner Gartner "Predicts 2012: Cloud Computing Is Becoming a Reality‖ (Published: 8 December 2011 ID:G00226103) navigatingthrougthecloud.com
Hybrid Cloud is the reality Cloud 101: The 4 flavours of cloud computing Public Private Hybrid Community /Internal • No control • You control all • Combination of 2 • Multiple • No ownership • You may own or more models organisatons share • You own data • You define • Can be more same private cloud • Apps stay behind architecture complex infrastructure • You determine • Need to manage your own security interfaces, position integration navigatingthrougthecloud.com
Importance of Cloud Computing Reference Architecture Review, define and assign key roles in your Cloud environment. – Define your Cloud Reference Architecture by reviewing applicability against published models (Eg NIST*, IBM, etc) – Ensure you do not miss important roles (Eg: IBM CCRA does not include Cloud Broker, Cloud Auditor yet included in NIST CCRA) navigatingthrougthecloud.com * National Institute of Standards and Technology
Importance of Cloud Computing Reference Architecture Who is accountable for what in your Cloud? It’s YOUR brand at stake, not the vendors! navigatingthrougthecloud.com
Importance of Cloud Computing Reference Architecture The emergence of the ‘Cloud Broker’ navigatingthrougthecloud.com
Importance of Cloud Cloud The real definition of Computing Reference Architecture IT Department in the Cloud? navigatingthrougthecloud.com
Managing multiple parties in the Cloud ecosystem "Cloud consumers should budget for additional integration costs which can range from 10% to 30% — and sometimes as high as 50% — of the total cost of cloud IT projects.― Gartner Predicts 2012: Cloud Services Brokerage Will Bring New Benefits and Planning Challenges - Published: 22 November 2011 G00227370 Let‘s explore the reasons why in a bit more detail ….. navigatingthrougthecloud.com
Managing multiple parties in the Cloud ecosystem Why is brokerage a real consideration? Orchestrating versioning, change control and rollback V1.2 V2.3.1 V2.4 V3.5 V5.3 navigatingthrougthecloud.com
Managing multiple parties in the Cloud ecosystem Why is brokerage a real consideration? Life expectancy…… 4 Years 6 Months 1 Year 3.5 Years 4.5 years navigatingthrougthecloud.com
Managing multiple parties in the Cloud ecosystem Why is brokerage a real consideration? Business continuity……. X navigatingthrougthecloud.com
Managing multiple parties in the Cloud ecosystem Why is brokerage a real consideration? Also: • Security • Identity Management • Due diligence • ‗Big-Data‘ • Business Intelligence – Dashboards and drilldowns • Forensics / eDiscovery • BYOD • Mobility • Legislative / Jurisdictional • Contractual complexity ….. To name but a few navigatingthrougthecloud.com
The challenge facing regulators • Various industry regulators are also working hard to keep up with the fast moving Cloud and technology environments, however keeping up with the rate of change presents a challenge. • Case in point relates to the wording contained in the current National Privacy Principles (NPPs). The word ‗reasonable‘ is used in the NPPs to describe measures and controls that should be applied in the implementation of privacy controls. Whilst the intention is clear, the interpretation of ‗reasonable‘ is fertile grounds for contention on individual cases. • APRA‘s new standards that came into effect on July 1, 2012 (CPS231, 231 in particular) refer to appropriate risk management processes. Many of the standards are dated. Two such examples of such standards are AS/ISO 31000 (Risk management), where the current revision is dated 2009, and AS/ISO 27001 (Information security management systems), where the current revision is dated 2006. navigatingthrougthecloud.com
Cloud standards? Which standards? • Emerging Standards – Open Virtalisation Format ISO/IEC DIS 17203 or ANSI INCITS 469 2010 – ISO/IEC WD TS 27017 (Guidelines on information security controls for the use of cloud computing services based on ISO/IEC 27002 - Under development ) – ISO/IEC DIS 17826 - Cloud Data Management Interface (CDMI) navigatingthrougthecloud.com
Cloud standards? Which standards? Plethora of forums, industry groups and associations – Cloud Security Alliance – Cloud Standards Customer Council – Distributed Management Task Force (DMTF) – Cloud Management Working Group (CMWG) – The European Telecommunications Standards Institute (ETSI) – National Institute of Standards and Technology (NIST) – Open Grid Forum (OGF) – Object Management Group (OMG) – Open Cloud Consortium (OCC) – Organization for the Advancement of Structured Information Standards (OASIS) – Storage Networking Industry Association (SNIA) – The Open Group – Association for Retail Technology Standards (ARTS) – TM Forum‘s Cloud Services Initiative Source: cloud-standards.org navigatingthrougthecloud.com
Some risk mitigation approaches Some risk mitigation approaches • Be crystal clear on the drivers behind Cloud for the organisation – do not make Cloud your default position! • Understand and accurately map the solution to the your legislative, regulatory and compliance environment • Predict and budget for integration complexities • Know your exist strategy before you sign up Reshape the role of your IT Department • Shift from a technology provider to a Services broker • Differing skills mix for in-house IT • Technology enabled business services is the direction to take for enterprise IT • If IT have concerns, don‘t dismiss is as ‗job protection‘.. scrutinise these. Remember the ‗O‘ ring and the Challenger? navigatingthrougthecloud.com
Some risk mitigation approaches Due diligence is crucial • Perform your own due diligence, and seek absolutely independent, experienced, financially disinterested advice if needed • Stress test your business case: – Test your Cloud contract to a variety of scenarios – Conducting a sensitivity analysis for feasible changes in your commercial environment, regulatory and operational scenarios – Pricing in risk – Understand the volatility of the cloud market – Identify the systemic risks navigatingthrougthecloud.com
ThankYou! ROB LIVINGSTONE - Fellow, University of Technology, Sydney - Principal, Rob Livingstone Advisory Pty Ltd W1: www.rob-livingstone.com W2: www.navigatingthroughthecloud.com E: rob@rob-livingstone.com P: +61 2 8005 1972 P: +1 609 843 0349 M: +61 419 632 673 F: +61 2 9879 5004 rladvisory © All rights reserved. Rob Livingstone Advisory Pty Ltd ABN 41 146 643 165. Unauthorized redistribution prohibited without prior approval. ‗Navigating through the Cloud‘ is a Trademark of Rob Livingstone Advisory Pty Ltd. navigatingthrougthecloud.com

Recommended

Cloud Computing IT Lexicon's Latest Hot Spot
Cloud Computing IT Lexicon's Latest Hot SpotCloud Computing IT Lexicon's Latest Hot Spot
Cloud Computing IT Lexicon's Latest Hot SpotTech Mahindra
 
Rob Livingstone Advisory - The risks of a fractured cloud strategy within th...
Rob Livingstone Advisory - The risks of a fractured cloud strategy within th...Rob Livingstone Advisory - The risks of a fractured cloud strategy within th...
Rob Livingstone Advisory - The risks of a fractured cloud strategy within th...Livingstone Advisory
 
Cloud computing: What you need to know as an Australian Finance Director
Cloud computing: What you need to know as an Australian Finance DirectorCloud computing: What you need to know as an Australian Finance Director
Cloud computing: What you need to know as an Australian Finance DirectorLivingstone Advisory
 
Will the Cloud be your disaster, or will Cloud be your disaster recovery?
Will the Cloud be your disaster, or will Cloud be your disaster recovery?Will the Cloud be your disaster, or will Cloud be your disaster recovery?
Will the Cloud be your disaster, or will Cloud be your disaster recovery?Livingstone Advisory
 
Cloud computing implications for project management methodologies
Cloud computing implications for project management methodologiesCloud computing implications for project management methodologies
Cloud computing implications for project management methodologiesLivingstone Advisory
 
The cloud
The cloudThe cloud
The cloudFranck KESZI
 
Wall street journal 22 sept 10 - perspectives on risk it
Wall street journal 22 sept 10 - perspectives on risk itWall street journal 22 sept 10 - perspectives on risk it
Wall street journal 22 sept 10 - perspectives on risk itMessiernl
 
The ‘success trap’ of new, emerging and disruptive technologies
The ‘success trap’ of new, emerging and disruptive technologiesThe ‘success trap’ of new, emerging and disruptive technologies
The ‘success trap’ of new, emerging and disruptive technologiesLivingstone Advisory
 

Recommended

Cloud Computing IT Lexicon's Latest Hot Spot
Cloud Computing IT Lexicon's Latest Hot SpotCloud Computing IT Lexicon's Latest Hot Spot
Cloud Computing IT Lexicon's Latest Hot SpotTech Mahindra
 
Rob Livingstone Advisory - The risks of a fractured cloud strategy within th...
Rob Livingstone Advisory - The risks of a fractured cloud strategy within th...Rob Livingstone Advisory - The risks of a fractured cloud strategy within th...
Rob Livingstone Advisory - The risks of a fractured cloud strategy within th...Livingstone Advisory
 
Cloud computing: What you need to know as an Australian Finance Director
Cloud computing: What you need to know as an Australian Finance DirectorCloud computing: What you need to know as an Australian Finance Director
Cloud computing: What you need to know as an Australian Finance DirectorLivingstone Advisory
 
Will the Cloud be your disaster, or will Cloud be your disaster recovery?
Will the Cloud be your disaster, or will Cloud be your disaster recovery?Will the Cloud be your disaster, or will Cloud be your disaster recovery?
Will the Cloud be your disaster, or will Cloud be your disaster recovery?Livingstone Advisory
 
Cloud computing implications for project management methodologies
Cloud computing implications for project management methodologiesCloud computing implications for project management methodologies
Cloud computing implications for project management methodologiesLivingstone Advisory
 
The cloud
The cloudThe cloud
The cloudFranck KESZI
 
Wall street journal 22 sept 10 - perspectives on risk it
Wall street journal 22 sept 10 - perspectives on risk itWall street journal 22 sept 10 - perspectives on risk it
Wall street journal 22 sept 10 - perspectives on risk itMessiernl
 
The ‘success trap’ of new, emerging and disruptive technologies
The ‘success trap’ of new, emerging and disruptive technologiesThe ‘success trap’ of new, emerging and disruptive technologies
The ‘success trap’ of new, emerging and disruptive technologiesLivingstone Advisory
 
Cloud risk management
Cloud risk managementCloud risk management
Cloud risk managementPrachyanun Nilsook
 
Are you ready for the private cloud? [WHITEPAPER]
Are you ready for the private cloud? [WHITEPAPER]Are you ready for the private cloud? [WHITEPAPER]
Are you ready for the private cloud? [WHITEPAPER]KVH Co. Ltd.
 
Hybrid cloud- driving a business
Hybrid cloud- driving a businessHybrid cloud- driving a business
Hybrid cloud- driving a businessGabe Akisanmi
 
What is the future of cloud security linked in
What is the future of cloud security linked inWhat is the future of cloud security linked in
What is the future of cloud security linked inJonathan Spindel
 
Cloud provider transparency
Cloud provider transparencyCloud provider transparency
Cloud provider transparencyPrachyanun Nilsook
 
Survey on Security in Cloud Hosted Service & Self Hosted Services
Survey on Security in Cloud Hosted Service & Self Hosted ServicesSurvey on Security in Cloud Hosted Service & Self Hosted Services
Survey on Security in Cloud Hosted Service & Self Hosted Servicesijtsrd
 
Cloud Computing - Is it the Future of ESI?
Cloud Computing - Is it the Future of ESI?Cloud Computing - Is it the Future of ESI?
Cloud Computing - Is it the Future of ESI?trentlivingston
 
Should we fear the cloud?
Should we fear the cloud?Should we fear the cloud?
Should we fear the cloud?Gabe Akisanmi
 
Massive Data Analytics and the Cloud
Massive Data Analytics and the CloudMassive Data Analytics and the Cloud
Massive Data Analytics and the CloudBooz Allen Hamilton
 
CLOUD COMPUTING -DETAILED APPROACH
CLOUD COMPUTING -DETAILED APPROACHCLOUD COMPUTING -DETAILED APPROACH
CLOUD COMPUTING -DETAILED APPROACHSHAIMA A R
 
2010 grail research_cloud_computing
2010 grail research_cloud_computing2010 grail research_cloud_computing
2010 grail research_cloud_computingInpingo Digital Publishing Solutions
 
Secure Digital Transformation- Cybersecurity Skills for a Safe Journey to Dev...
Secure Digital Transformation- Cybersecurity Skills for a Safe Journey to Dev...Secure Digital Transformation- Cybersecurity Skills for a Safe Journey to Dev...
Secure Digital Transformation- Cybersecurity Skills for a Safe Journey to Dev...Troy Marshall
 
Is your infrastructure holding you back?
Is your infrastructure holding you back?Is your infrastructure holding you back?
Is your infrastructure holding you back?Gabe Akisanmi
 
Assurance of Security and Privacy Requirements for Cloud Deployment Model
Assurance of Security and Privacy Requirements for Cloud Deployment ModelAssurance of Security and Privacy Requirements for Cloud Deployment Model
Assurance of Security and Privacy Requirements for Cloud Deployment ModelIJMTST Journal
 
Carbon Black: Moving to a Cloud Based Next Generation Platform for Endpoint S...
Carbon Black: Moving to a Cloud Based Next Generation Platform for Endpoint S...Carbon Black: Moving to a Cloud Based Next Generation Platform for Endpoint S...
Carbon Black: Moving to a Cloud Based Next Generation Platform for Endpoint S...Mighty Guides, Inc.
 
Private Cloud: Debunking Myths Preventing Adoption
Private Cloud: Debunking Myths Preventing AdoptionPrivate Cloud: Debunking Myths Preventing Adoption
Private Cloud: Debunking Myths Preventing AdoptionDana Gardner
 
private-cloud-white-paper
private-cloud-white-paperprivate-cloud-white-paper
private-cloud-white-paperDavid Gould
 
How to mitigate risk in the age of the cloud
How to mitigate risk in the age of the cloudHow to mitigate risk in the age of the cloud
How to mitigate risk in the age of the cloudJames Sankar
 
Digital Trust In The Cloud
Digital Trust In The CloudDigital Trust In The Cloud
Digital Trust In The CloudCSC Trusted Cloud Services
 
Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010graywilliams
 
Build a Brand From scratch
Build a Brand From scratchBuild a Brand From scratch
Build a Brand From scratchEthan Chazin MBA
 
Consumer behavior week4_attributes
Consumer behavior week4_attributesConsumer behavior week4_attributes
Consumer behavior week4_attributesEthan Chazin MBA
 

More Related Content

What's hot

Are you ready for the private cloud? [WHITEPAPER]
Are you ready for the private cloud? [WHITEPAPER]Are you ready for the private cloud? [WHITEPAPER]
Are you ready for the private cloud? [WHITEPAPER]KVH Co. Ltd.
 
Hybrid cloud- driving a business
Hybrid cloud- driving a businessHybrid cloud- driving a business
Hybrid cloud- driving a businessGabe Akisanmi
 
What is the future of cloud security linked in
What is the future of cloud security linked inWhat is the future of cloud security linked in
What is the future of cloud security linked inJonathan Spindel
 
Survey on Security in Cloud Hosted Service & Self Hosted Services
Survey on Security in Cloud Hosted Service & Self Hosted ServicesSurvey on Security in Cloud Hosted Service & Self Hosted Services
Survey on Security in Cloud Hosted Service & Self Hosted Servicesijtsrd
 
Cloud Computing - Is it the Future of ESI?
Cloud Computing - Is it the Future of ESI?Cloud Computing - Is it the Future of ESI?
Cloud Computing - Is it the Future of ESI?trentlivingston
 
Should we fear the cloud?
Should we fear the cloud?Should we fear the cloud?
Should we fear the cloud?Gabe Akisanmi
 
Massive Data Analytics and the Cloud
Massive Data Analytics and the CloudMassive Data Analytics and the Cloud
Massive Data Analytics and the CloudBooz Allen Hamilton
 
CLOUD COMPUTING -DETAILED APPROACH
CLOUD COMPUTING -DETAILED APPROACHCLOUD COMPUTING -DETAILED APPROACH
CLOUD COMPUTING -DETAILED APPROACHSHAIMA A R
 
Secure Digital Transformation- Cybersecurity Skills for a Safe Journey to Dev...
Secure Digital Transformation- Cybersecurity Skills for a Safe Journey to Dev...Secure Digital Transformation- Cybersecurity Skills for a Safe Journey to Dev...
Secure Digital Transformation- Cybersecurity Skills for a Safe Journey to Dev...Troy Marshall
 
Is your infrastructure holding you back?
Is your infrastructure holding you back?Is your infrastructure holding you back?
Is your infrastructure holding you back?Gabe Akisanmi
 
Assurance of Security and Privacy Requirements for Cloud Deployment Model
Assurance of Security and Privacy Requirements for Cloud Deployment ModelAssurance of Security and Privacy Requirements for Cloud Deployment Model
Assurance of Security and Privacy Requirements for Cloud Deployment ModelIJMTST Journal
 
Carbon Black: Moving to a Cloud Based Next Generation Platform for Endpoint S...
Carbon Black: Moving to a Cloud Based Next Generation Platform for Endpoint S...Carbon Black: Moving to a Cloud Based Next Generation Platform for Endpoint S...
Carbon Black: Moving to a Cloud Based Next Generation Platform for Endpoint S...Mighty Guides, Inc.
 
Private Cloud: Debunking Myths Preventing Adoption
Private Cloud: Debunking Myths Preventing AdoptionPrivate Cloud: Debunking Myths Preventing Adoption
Private Cloud: Debunking Myths Preventing AdoptionDana Gardner
 
private-cloud-white-paper
private-cloud-white-paperprivate-cloud-white-paper
private-cloud-white-paperDavid Gould
 
How to mitigate risk in the age of the cloud
How to mitigate risk in the age of the cloudHow to mitigate risk in the age of the cloud
How to mitigate risk in the age of the cloudJames Sankar
 
Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010graywilliams
 

What's hot (20)

Cloud risk management
Cloud risk managementCloud risk management
Cloud risk management
 
Are you ready for the private cloud? [WHITEPAPER]
Are you ready for the private cloud? [WHITEPAPER]Are you ready for the private cloud? [WHITEPAPER]
Are you ready for the private cloud? [WHITEPAPER]
 
Hybrid cloud- driving a business
Hybrid cloud- driving a businessHybrid cloud- driving a business
Hybrid cloud- driving a business
 
What is the future of cloud security linked in
What is the future of cloud security linked inWhat is the future of cloud security linked in
What is the future of cloud security linked in
 
Cloud provider transparency
Cloud provider transparencyCloud provider transparency
Cloud provider transparency
 
Survey on Security in Cloud Hosted Service & Self Hosted Services
Survey on Security in Cloud Hosted Service & Self Hosted ServicesSurvey on Security in Cloud Hosted Service & Self Hosted Services
Survey on Security in Cloud Hosted Service & Self Hosted Services
 
Cloud Computing - Is it the Future of ESI?
Cloud Computing - Is it the Future of ESI?Cloud Computing - Is it the Future of ESI?
Cloud Computing - Is it the Future of ESI?
 
Should we fear the cloud?
Should we fear the cloud?Should we fear the cloud?
Should we fear the cloud?
 
Massive Data Analytics and the Cloud
Massive Data Analytics and the CloudMassive Data Analytics and the Cloud
Massive Data Analytics and the Cloud
 
CLOUD COMPUTING -DETAILED APPROACH
CLOUD COMPUTING -DETAILED APPROACHCLOUD COMPUTING -DETAILED APPROACH
CLOUD COMPUTING -DETAILED APPROACH
 
2010 grail research_cloud_computing
2010 grail research_cloud_computing2010 grail research_cloud_computing
2010 grail research_cloud_computing
 
Secure Digital Transformation- Cybersecurity Skills for a Safe Journey to Dev...
Secure Digital Transformation- Cybersecurity Skills for a Safe Journey to Dev...Secure Digital Transformation- Cybersecurity Skills for a Safe Journey to Dev...
Secure Digital Transformation- Cybersecurity Skills for a Safe Journey to Dev...
 
Is your infrastructure holding you back?
Is your infrastructure holding you back?Is your infrastructure holding you back?
Is your infrastructure holding you back?
 
Assurance of Security and Privacy Requirements for Cloud Deployment Model
Assurance of Security and Privacy Requirements for Cloud Deployment ModelAssurance of Security and Privacy Requirements for Cloud Deployment Model
Assurance of Security and Privacy Requirements for Cloud Deployment Model
 
Carbon Black: Moving to a Cloud Based Next Generation Platform for Endpoint S...
Carbon Black: Moving to a Cloud Based Next Generation Platform for Endpoint S...Carbon Black: Moving to a Cloud Based Next Generation Platform for Endpoint S...
Carbon Black: Moving to a Cloud Based Next Generation Platform for Endpoint S...
 
Private Cloud: Debunking Myths Preventing Adoption
Private Cloud: Debunking Myths Preventing AdoptionPrivate Cloud: Debunking Myths Preventing Adoption
Private Cloud: Debunking Myths Preventing Adoption
 
private-cloud-white-paper
private-cloud-white-paperprivate-cloud-white-paper
private-cloud-white-paper
 
How to mitigate risk in the age of the cloud
How to mitigate risk in the age of the cloudHow to mitigate risk in the age of the cloud
How to mitigate risk in the age of the cloud
 
Digital Trust In The Cloud
Digital Trust In The CloudDigital Trust In The Cloud
Digital Trust In The Cloud
 
Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010
 

Viewers also liked

Build a Brand From scratch
Build a Brand From scratchBuild a Brand From scratch
Build a Brand From scratchEthan Chazin MBA
 
Consumer behavior week4_attributes
Consumer behavior week4_attributesConsumer behavior week4_attributes
Consumer behavior week4_attributesEthan Chazin MBA
 
20121131 i week liepaja 2012, Art of Resilience
20121131 i week liepaja 2012, Art of Resilience20121131 i week liepaja 2012, Art of Resilience
20121131 i week liepaja 2012, Art of ResilienceAlbert van der Kooij
 
Maximising the opportunities offered by emerging technologies within the chan...
Maximising the opportunities offered by emerging technologies within the chan...Maximising the opportunities offered by emerging technologies within the chan...
Maximising the opportunities offered by emerging technologies within the chan...Livingstone Advisory
 
Navigating the risks in implementing Hybrid Cloud, Agile and Project Manageme...
Navigating the risks in implementing Hybrid Cloud, Agile and Project Manageme...Navigating the risks in implementing Hybrid Cloud, Agile and Project Manageme...
Navigating the risks in implementing Hybrid Cloud, Agile and Project Manageme...Livingstone Advisory
 
Career resilience is the name of the game
Career resilience is the name of the gameCareer resilience is the name of the game
Career resilience is the name of the gameLivingstone Advisory
 
Consumer behavior week2_valuesculture
Consumer behavior week2_valuescultureConsumer behavior week2_valuesculture
Consumer behavior week2_valuescultureEthan Chazin MBA
 
Where worlds collide: Agile, Project Management, Risk and Cloud?
Where worlds collide: Agile, Project Management, Risk and Cloud?Where worlds collide: Agile, Project Management, Risk and Cloud?
Where worlds collide: Agile, Project Management, Risk and Cloud?Livingstone Advisory
 
Get connected socialmedia_nyu_18april15_part1
Get connected socialmedia_nyu_18april15_part1Get connected socialmedia_nyu_18april15_part1
Get connected socialmedia_nyu_18april15_part1Ethan Chazin MBA
 
Your Leadership Brand - The CIO as Business Strategist driving innovation. CI...
Your Leadership Brand - The CIO as Business Strategist driving innovation. CI...Your Leadership Brand - The CIO as Business Strategist driving innovation. CI...
Your Leadership Brand - The CIO as Business Strategist driving innovation. CI...Livingstone Advisory
 
Exploring the opportunities and pitfalls of Cloud Computing in Australian loc...
Exploring the opportunities and pitfalls of Cloud Computing in Australian loc...Exploring the opportunities and pitfalls of Cloud Computing in Australian loc...
Exploring the opportunities and pitfalls of Cloud Computing in Australian loc...Livingstone Advisory
 
UTSpeaks Public Lecture: Clearing up the Cloud -19th July 2011 - Rob Living...
UTSpeaks Public Lecture: Clearing up the Cloud -19th July 2011 - Rob Living...UTSpeaks Public Lecture: Clearing up the Cloud -19th July 2011 - Rob Living...
UTSpeaks Public Lecture: Clearing up the Cloud -19th July 2011 - Rob Living...Livingstone Advisory
 
A career in_entrepreneurship_ethan_chazin_31oct2013
A career in_entrepreneurship_ethan_chazin_31oct2013A career in_entrepreneurship_ethan_chazin_31oct2013
A career in_entrepreneurship_ethan_chazin_31oct2013Ethan Chazin MBA
 
Master your marketing PNC talk 19 September 2013
Master your marketing PNC talk 19 September 2013Master your marketing PNC talk 19 September 2013
Master your marketing PNC talk 19 September 2013Ethan Chazin MBA
 
Exposing the systemic risks in enterprise cloud computing
Exposing the systemic risks in enterprise cloud computingExposing the systemic risks in enterprise cloud computing
Exposing the systemic risks in enterprise cloud computingLivingstone Advisory
 
Cloud Security Keynote: Cloud-Mobile Convergence: IT's Next Horizon, CISO's N...
Cloud Security Keynote: Cloud-Mobile Convergence: IT's Next Horizon, CISO's N...Cloud Security Keynote: Cloud-Mobile Convergence: IT's Next Horizon, CISO's N...
Cloud Security Keynote: Cloud-Mobile Convergence: IT's Next Horizon, CISO's N...Livingstone Advisory
 

Viewers also liked (20)

Build a Brand From scratch
Build a Brand From scratchBuild a Brand From scratch
Build a Brand From scratch
 
Consumer behavior week4_attributes
Consumer behavior week4_attributesConsumer behavior week4_attributes
Consumer behavior week4_attributes
 
20121131 i week liepaja 2012, Art of Resilience
20121131 i week liepaja 2012, Art of Resilience20121131 i week liepaja 2012, Art of Resilience
20121131 i week liepaja 2012, Art of Resilience
 
Maximising the opportunities offered by emerging technologies within the chan...
Maximising the opportunities offered by emerging technologies within the chan...Maximising the opportunities offered by emerging technologies within the chan...
Maximising the opportunities offered by emerging technologies within the chan...
 
Navigating the risks in implementing Hybrid Cloud, Agile and Project Manageme...
Navigating the risks in implementing Hybrid Cloud, Agile and Project Manageme...Navigating the risks in implementing Hybrid Cloud, Agile and Project Manageme...
Navigating the risks in implementing Hybrid Cloud, Agile and Project Manageme...
 
Mktg sales week2_part2
Mktg sales week2_part2Mktg sales week2_part2
Mktg sales week2_part2
 
Mktg sales week2_part1
Mktg sales week2_part1Mktg sales week2_part1
Mktg sales week2_part1
 
Career resilience is the name of the game
Career resilience is the name of the gameCareer resilience is the name of the game
Career resilience is the name of the game
 
Mktg sales week2_part2
Mktg sales week2_part2Mktg sales week2_part2
Mktg sales week2_part2
 
Consumer behavior week2_valuesculture
Consumer behavior week2_valuescultureConsumer behavior week2_valuesculture
Consumer behavior week2_valuesculture
 
Where worlds collide: Agile, Project Management, Risk and Cloud?
Where worlds collide: Agile, Project Management, Risk and Cloud?Where worlds collide: Agile, Project Management, Risk and Cloud?
Where worlds collide: Agile, Project Management, Risk and Cloud?
 
Get connected socialmedia_nyu_18april15_part1
Get connected socialmedia_nyu_18april15_part1Get connected socialmedia_nyu_18april15_part1
Get connected socialmedia_nyu_18april15_part1
 
Your Leadership Brand - The CIO as Business Strategist driving innovation. CI...
Your Leadership Brand - The CIO as Business Strategist driving innovation. CI...Your Leadership Brand - The CIO as Business Strategist driving innovation. CI...
Your Leadership Brand - The CIO as Business Strategist driving innovation. CI...
 
Exploring the opportunities and pitfalls of Cloud Computing in Australian loc...
Exploring the opportunities and pitfalls of Cloud Computing in Australian loc...Exploring the opportunities and pitfalls of Cloud Computing in Australian loc...
Exploring the opportunities and pitfalls of Cloud Computing in Australian loc...
 
UTSpeaks Public Lecture: Clearing up the Cloud -19th July 2011 - Rob Living...
UTSpeaks Public Lecture: Clearing up the Cloud -19th July 2011 - Rob Living...UTSpeaks Public Lecture: Clearing up the Cloud -19th July 2011 - Rob Living...
UTSpeaks Public Lecture: Clearing up the Cloud -19th July 2011 - Rob Living...
 
Thriving in the world of Big Data
Thriving in the world of Big DataThriving in the world of Big Data
Thriving in the world of Big Data
 
A career in_entrepreneurship_ethan_chazin_31oct2013
A career in_entrepreneurship_ethan_chazin_31oct2013A career in_entrepreneurship_ethan_chazin_31oct2013
A career in_entrepreneurship_ethan_chazin_31oct2013
 
Master your marketing PNC talk 19 September 2013
Master your marketing PNC talk 19 September 2013Master your marketing PNC talk 19 September 2013
Master your marketing PNC talk 19 September 2013
 
Exposing the systemic risks in enterprise cloud computing
Exposing the systemic risks in enterprise cloud computingExposing the systemic risks in enterprise cloud computing
Exposing the systemic risks in enterprise cloud computing
 
Cloud Security Keynote: Cloud-Mobile Convergence: IT's Next Horizon, CISO's N...
Cloud Security Keynote: Cloud-Mobile Convergence: IT's Next Horizon, CISO's N...Cloud Security Keynote: Cloud-Mobile Convergence: IT's Next Horizon, CISO's N...
Cloud Security Keynote: Cloud-Mobile Convergence: IT's Next Horizon, CISO's N...
 

Similar to Map of the Cloud minefield - Banktech Sydney Summit 17 july 2012

Navigating through the Cloud - 7 feb 2012 at Institute for Information Manage...
Navigating through the Cloud - 7 feb 2012 at Institute for Information Manage...Navigating through the Cloud - 7 feb 2012 at Institute for Information Manage...
Navigating through the Cloud - 7 feb 2012 at Institute for Information Manage...Livingstone Advisory
 
WP_ Five Reasons Why_Jan_2023.pdf
WP_ Five Reasons Why_Jan_2023.pdfWP_ Five Reasons Why_Jan_2023.pdf
WP_ Five Reasons Why_Jan_2023.pdfChristopher Doman
 
How CIOs should make Cloud investment - InfotechLead
How CIOs should make Cloud investment - InfotechLeadHow CIOs should make Cloud investment - InfotechLead
How CIOs should make Cloud investment - InfotechLeadArup Das
 
EMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the CloudEMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the CloudCompTIA UK
 
Leaders in the Cloud: Identifying Cloud Business Value for Customers
Leaders in the Cloud: Identifying Cloud Business Value for CustomersLeaders in the Cloud: Identifying Cloud Business Value for Customers
Leaders in the Cloud: Identifying Cloud Business Value for CustomersOpSource
 
Developing a Business Case for Cloud
Developing a Business Case for CloudDeveloping a Business Case for Cloud
Developing a Business Case for CloudBooz Allen Hamilton
 
Your Journey to the Cloud
Your Journey to the CloudYour Journey to the Cloud
Your Journey to the CloudDori Degenhardt
 
Whitepaper: Security of the Cloud
Whitepaper: Security of the CloudWhitepaper: Security of the Cloud
Whitepaper: Security of the CloudCloudSmartz
 
Pinning Down Cloud Computing
Pinning Down Cloud ComputingPinning Down Cloud Computing
Pinning Down Cloud ComputingYankee Group
 
Red Hat Summit 2018 - 3 pitfalls everyone should avoid with hybrid multicloud
Red Hat Summit 2018 - 3 pitfalls everyone should avoid with hybrid multicloudRed Hat Summit 2018 - 3 pitfalls everyone should avoid with hybrid multicloud
Red Hat Summit 2018 - 3 pitfalls everyone should avoid with hybrid multicloudEric D. Schabell
 
2019 Enterprise Cloud Index Report
2019 Enterprise Cloud Index Report2019 Enterprise Cloud Index Report
2019 Enterprise Cloud Index ReportAndrew James
 
Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0David Spinks
 
Red Hat Forum Poland 2019 - 3 Pitfalls Everyone Should Avoid with Hybrid Mult...
Red Hat Forum Poland 2019 - 3 Pitfalls Everyone Should Avoid with Hybrid Mult...Red Hat Forum Poland 2019 - 3 Pitfalls Everyone Should Avoid with Hybrid Mult...
Red Hat Forum Poland 2019 - 3 Pitfalls Everyone Should Avoid with Hybrid Mult...Eric D. Schabell
 
Navigating Cloud Trends in 2024 Webinar Deck
Navigating Cloud Trends in 2024 Webinar DeckNavigating Cloud Trends in 2024 Webinar Deck
Navigating Cloud Trends in 2024 Webinar DeckPrecisely
 

Similar to Map of the Cloud minefield - Banktech Sydney Summit 17 july 2012 (20)

Navigating through the Cloud - 7 feb 2012 at Institute for Information Manage...
Navigating through the Cloud - 7 feb 2012 at Institute for Information Manage...Navigating through the Cloud - 7 feb 2012 at Institute for Information Manage...
Navigating through the Cloud - 7 feb 2012 at Institute for Information Manage...
 
WP_ Five Reasons Why_Jan_2023.pdf
WP_ Five Reasons Why_Jan_2023.pdfWP_ Five Reasons Why_Jan_2023.pdf
WP_ Five Reasons Why_Jan_2023.pdf
 
How CIOs should make Cloud investment - InfotechLead
How CIOs should make Cloud investment - InfotechLeadHow CIOs should make Cloud investment - InfotechLead
How CIOs should make Cloud investment - InfotechLead
 
EMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the CloudEMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the Cloud
 
Eyes Wide Shut: Cybersecurity Smoke & Mirrors...
Eyes Wide Shut: Cybersecurity Smoke & Mirrors...Eyes Wide Shut: Cybersecurity Smoke & Mirrors...
Eyes Wide Shut: Cybersecurity Smoke & Mirrors...
 
Leaders in the Cloud: Identifying Cloud Business Value for Customers
Leaders in the Cloud: Identifying Cloud Business Value for CustomersLeaders in the Cloud: Identifying Cloud Business Value for Customers
Leaders in the Cloud: Identifying Cloud Business Value for Customers
 
Ccsw
CcswCcsw
Ccsw
 
Developing a Business Case for Cloud
Developing a Business Case for CloudDeveloping a Business Case for Cloud
Developing a Business Case for Cloud
 
Your Journey to the Cloud
Your Journey to the CloudYour Journey to the Cloud
Your Journey to the Cloud
 
IBM Cloud
IBM Cloud IBM Cloud
IBM Cloud
 
Whitepaper: Security of the Cloud
Whitepaper: Security of the CloudWhitepaper: Security of the Cloud
Whitepaper: Security of the Cloud
 
Security of the Cloud
Security of the CloudSecurity of the Cloud
Security of the Cloud
 
4aa5-6541enw
4aa5-6541enw4aa5-6541enw
4aa5-6541enw
 
Pinning Down Cloud Computing
Pinning Down Cloud ComputingPinning Down Cloud Computing
Pinning Down Cloud Computing
 
Red Hat Summit 2018 - 3 pitfalls everyone should avoid with hybrid multicloud
Red Hat Summit 2018 - 3 pitfalls everyone should avoid with hybrid multicloudRed Hat Summit 2018 - 3 pitfalls everyone should avoid with hybrid multicloud
Red Hat Summit 2018 - 3 pitfalls everyone should avoid with hybrid multicloud
 
2019 Enterprise Cloud Index Report
2019 Enterprise Cloud Index Report2019 Enterprise Cloud Index Report
2019 Enterprise Cloud Index Report
 
Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0
 
Red Hat Forum Poland 2019 - 3 Pitfalls Everyone Should Avoid with Hybrid Mult...
Red Hat Forum Poland 2019 - 3 Pitfalls Everyone Should Avoid with Hybrid Mult...Red Hat Forum Poland 2019 - 3 Pitfalls Everyone Should Avoid with Hybrid Mult...
Red Hat Forum Poland 2019 - 3 Pitfalls Everyone Should Avoid with Hybrid Mult...
 
Navigating Cloud Trends in 2024 Webinar Deck
Navigating Cloud Trends in 2024 Webinar DeckNavigating Cloud Trends in 2024 Webinar Deck
Navigating Cloud Trends in 2024 Webinar Deck
 
FINAL PRINTED VER - 29102014
FINAL PRINTED VER - 29102014FINAL PRINTED VER - 29102014
FINAL PRINTED VER - 29102014
 

More from Livingstone Advisory

How to setup and lead digital transformation capability (CIOs perspectives)
How to setup and lead digital transformation capability (CIOs perspectives)How to setup and lead digital transformation capability (CIOs perspectives)
How to setup and lead digital transformation capability (CIOs perspectives)Livingstone Advisory
 
Best practices to mitigate data breach risk
Best practices to mitigate data breach riskBest practices to mitigate data breach risk
Best practices to mitigate data breach riskLivingstone Advisory
 
Current enterprise information security measures continue to fail us. Why is ...
Current enterprise information security measures continue to fail us. Why is ...Current enterprise information security measures continue to fail us. Why is ...
Current enterprise information security measures continue to fail us. Why is ...Livingstone Advisory
 
Career implications for the Business Analyst in the age of digital disruption
Career implications for the Business Analyst in the age of digital disruptionCareer implications for the Business Analyst in the age of digital disruption
Career implications for the Business Analyst in the age of digital disruptionLivingstone Advisory
 
Influence, Power, Integrity and your career in IT
Influence, Power, Integrity and your career in ITInfluence, Power, Integrity and your career in IT
Influence, Power, Integrity and your career in ITLivingstone Advisory
 
Future Tech: How should enterprise avoid the 'success trap' of the next big t...
Future Tech: How should enterprise avoid the 'success trap' of the next big t...Future Tech: How should enterprise avoid the 'success trap' of the next big t...
Future Tech: How should enterprise avoid the 'success trap' of the next big t...Livingstone Advisory
 
Exploring the opportunities and pitfalls of new and emerging technologies in ...
Exploring the opportunities and pitfalls of new and emerging technologies in ...Exploring the opportunities and pitfalls of new and emerging technologies in ...
Exploring the opportunities and pitfalls of new and emerging technologies in ...Livingstone Advisory
 
Why the systemic risks in Enterprise Cloud Computing could cripple your busin...
Why the systemic risks in Enterprise Cloud Computing could cripple your busin...Why the systemic risks in Enterprise Cloud Computing could cripple your busin...
Why the systemic risks in Enterprise Cloud Computing could cripple your busin...Livingstone Advisory
 
Rob livingstone CIO Strategy Summit - Park Hyatt Melbourne 17th feb 2012
Rob livingstone CIO Strategy Summit - Park Hyatt Melbourne 17th feb 2012Rob livingstone CIO Strategy Summit - Park Hyatt Melbourne 17th feb 2012
Rob livingstone CIO Strategy Summit - Park Hyatt Melbourne 17th feb 2012Livingstone Advisory
 
Rob livingstone Canberra Cloud Security Conference Nov 2011
Rob livingstone Canberra Cloud Security Conference Nov 2011 Rob livingstone Canberra Cloud Security Conference Nov 2011
Rob livingstone Canberra Cloud Security Conference Nov 2011 Livingstone Advisory
 
Cloud: Fuelling the crisis of confidence in corporate IT?
Cloud: Fuelling the crisis of confidence in corporate IT?Cloud: Fuelling the crisis of confidence in corporate IT?
Cloud: Fuelling the crisis of confidence in corporate IT?Livingstone Advisory
 
Rob livingstone - Australian Payroll Association's Annual Conference May 2011
Rob livingstone - Australian Payroll Association's Annual Conference May 2011Rob livingstone - Australian Payroll Association's Annual Conference May 2011
Rob livingstone - Australian Payroll Association's Annual Conference May 2011Livingstone Advisory
 
Australian Not-for-Profit CIO Forum March 2011 - Rob Livingstone
Australian Not-for-Profit CIO Forum March 2011 - Rob LivingstoneAustralian Not-for-Profit CIO Forum March 2011 - Rob Livingstone
Australian Not-for-Profit CIO Forum March 2011 - Rob LivingstoneLivingstone Advisory
 
Navigating through the cloud SPUSC 2011 -Rob Livingstone Keynote
Navigating through the cloud SPUSC 2011 -Rob Livingstone KeynoteNavigating through the cloud SPUSC 2011 -Rob Livingstone Keynote
Navigating through the cloud SPUSC 2011 -Rob Livingstone KeynoteLivingstone Advisory
 

More from Livingstone Advisory (14)

How to setup and lead digital transformation capability (CIOs perspectives)
How to setup and lead digital transformation capability (CIOs perspectives)How to setup and lead digital transformation capability (CIOs perspectives)
How to setup and lead digital transformation capability (CIOs perspectives)
 
Best practices to mitigate data breach risk
Best practices to mitigate data breach riskBest practices to mitigate data breach risk
Best practices to mitigate data breach risk
 
Current enterprise information security measures continue to fail us. Why is ...
Current enterprise information security measures continue to fail us. Why is ...Current enterprise information security measures continue to fail us. Why is ...
Current enterprise information security measures continue to fail us. Why is ...
 
Career implications for the Business Analyst in the age of digital disruption
Career implications for the Business Analyst in the age of digital disruptionCareer implications for the Business Analyst in the age of digital disruption
Career implications for the Business Analyst in the age of digital disruption
 
Influence, Power, Integrity and your career in IT
Influence, Power, Integrity and your career in ITInfluence, Power, Integrity and your career in IT
Influence, Power, Integrity and your career in IT
 
Future Tech: How should enterprise avoid the 'success trap' of the next big t...
Future Tech: How should enterprise avoid the 'success trap' of the next big t...Future Tech: How should enterprise avoid the 'success trap' of the next big t...
Future Tech: How should enterprise avoid the 'success trap' of the next big t...
 
Exploring the opportunities and pitfalls of new and emerging technologies in ...
Exploring the opportunities and pitfalls of new and emerging technologies in ...Exploring the opportunities and pitfalls of new and emerging technologies in ...
Exploring the opportunities and pitfalls of new and emerging technologies in ...
 
Why the systemic risks in Enterprise Cloud Computing could cripple your busin...
Why the systemic risks in Enterprise Cloud Computing could cripple your busin...Why the systemic risks in Enterprise Cloud Computing could cripple your busin...
Why the systemic risks in Enterprise Cloud Computing could cripple your busin...
 
Rob livingstone CIO Strategy Summit - Park Hyatt Melbourne 17th feb 2012
Rob livingstone CIO Strategy Summit - Park Hyatt Melbourne 17th feb 2012Rob livingstone CIO Strategy Summit - Park Hyatt Melbourne 17th feb 2012
Rob livingstone CIO Strategy Summit - Park Hyatt Melbourne 17th feb 2012
 
Rob livingstone Canberra Cloud Security Conference Nov 2011
Rob livingstone Canberra Cloud Security Conference Nov 2011 Rob livingstone Canberra Cloud Security Conference Nov 2011
Rob livingstone Canberra Cloud Security Conference Nov 2011
 
Cloud: Fuelling the crisis of confidence in corporate IT?
Cloud: Fuelling the crisis of confidence in corporate IT?Cloud: Fuelling the crisis of confidence in corporate IT?
Cloud: Fuelling the crisis of confidence in corporate IT?
 
Rob livingstone - Australian Payroll Association's Annual Conference May 2011
Rob livingstone - Australian Payroll Association's Annual Conference May 2011Rob livingstone - Australian Payroll Association's Annual Conference May 2011
Rob livingstone - Australian Payroll Association's Annual Conference May 2011
 
Australian Not-for-Profit CIO Forum March 2011 - Rob Livingstone
Australian Not-for-Profit CIO Forum March 2011 - Rob LivingstoneAustralian Not-for-Profit CIO Forum March 2011 - Rob Livingstone
Australian Not-for-Profit CIO Forum March 2011 - Rob Livingstone
 
Navigating through the cloud SPUSC 2011 -Rob Livingstone Keynote
Navigating through the cloud SPUSC 2011 -Rob Livingstone KeynoteNavigating through the cloud SPUSC 2011 -Rob Livingstone Keynote
Navigating through the cloud SPUSC 2011 -Rob Livingstone Keynote
 

Recently uploaded

"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 

Recently uploaded (20)

"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 

Map of the Cloud minefield - Banktech Sydney Summit 17 july 2012

  • 1. Map of the minefield Alleviating cloud risks in order to reap the benefits ROB LIVINGSTONE - Fellow, University of Technology, Sydney, Australia, and - Principal, Rob Livingstone Advisory Pty Ltd 17th July 2012 navigatingthrougthecloud.com
  • 2. What I’ll NOT be covering • Data Privacy • Data residency • International legal jurisdictional considerations • Vendor lock-in • Data extraction and ownership • Intellectual property considerations • Hacking, cybercriminals and cloud, data breaches • Total cost of Ownership • Single function enterprise Cloud (eg CRM, eMail, pure storage) • Consumerisation of IT • BYOD  These are much discussed and (hopefully) should be well understood by all navigatingthrougthecloud.com
  • 3. What I WILL be covering • Exploring the real definition of Cloud • Interpreting the conflicting messages • Systemic vs. Technical risks in the Cloud • Availability • Hybrid Cloud is the reality • Importance of Cloud Computing Reference Architecture • Managing multiple parties in the Cloud ecosystem (Hybrid Cloud) • The challenge for Regulators • Standards? Which standards? • Some risk mitigation approaches navigatingthrougthecloud.com
  • 4. Exploring the real definition of Cloud The most quoted Definition of Cloud: Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g. networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or cloud provider interaction • US National Institute of Standards and Technology‘s (NIST) definition navigatingthrougthecloud.com
  • 5. Exploring the real definition of Cloud The most sensible Definition of Cloud: ―Forget your technical definition of the Cloud, ask your mom what the Cloud is…. …And what your mother will tell you about the Cloud is that it means it’s not on my computer.”* Dave Asprey – Global VP, Cloud Security, Trend Micro * Navigating through the Cloud Podcast Episode 23 in iTunes navigatingthrougthecloud.com
  • 6. Exploring the real definition of Cloud Cloud-like Outsourcing: If you sign a standard outsourcing contract with an outsourcing vendor that has Cloud-like pricing (pay-as- you-go) and Cloud-like capabilities and whether or not it‘s Cloud is largely a matter of opinion. navigatingthrougthecloud.com
  • 7. Exploring the real definition of Cloud The 3 key ‘classic’ Ingredients of Cloud • You‘re counting on SaaS vendor in order to provide all the multi-tenancy for your data. • You hope they‘ve written their applications well, secure their databases, and so on …. • You‘re sharing the database with everyone else. navigatingthrougthecloud.com
  • 8. Exploring the real definition of Cloud Enterprise Cloud: The Inverted Risk Pyramid HI RISK presentaiton Major enterprise instances, with complexity, scale, risk, compliance, This deep integration, long term Integration, enterprise governance needed Commodity / non- integrated Cloud applications LOW RISK navigatingthrougthecloud.com
  • 9. Interpreting the conflicting messages Has business lost patience with Enterprise IT? "Despite an abundance of IT Project Management (ITPM) resources, such as the PMI Body of Knowledge, IT standards and governance, a large percentage of IT projects continue to fail and ultimately get scrapped. Recent studies have shown an average of 66% IT project failure rate, with 52% of the projects being cancelled, and 82% being delivered late" Kraft (2008). The Importance of Business Process Alignment for IT Project Management of Commercial Software with Case Studies. Journal of Information Systems Applied Research, 1 (3) navigatingthrougthecloud.com
  • 10. Interpreting the conflicting messages A recent survey* referred to by Forbes claims that ―a meagre 3% of companies considering Cloud consider it to be too risky.‖ This was based on a survey of 785 companies, implying the inevitability of Cloud. Not atypical of research in Cloud, this survey was conducted by a firm that has investments in the Cloud industry, with 65% of respondents being vendors so one could say that the results were not totally unexpected. http://www.forbes.com/sites/joemckendrick/2012/06/20/cloud-computing-simply-isnt-that-scary-anymore-survey/ navigatingthrougthecloud.com
  • 11. Interpreting the conflicting messages Fear being left behind? "By 2015, nearly $1 of every $6 spent on packaged software, and $1 of every $5 spent on applications, will be consumed via the SaaS model." "By 2012, about 83% of all net-new software firms coming to market will be operationalized around creating, testing, selling, and provisioning a service versus a packaged product (CD)." "By 2015, about 24% of all new business software purchases will be of service-enabled software, and SaaS delivery will constitute about 13.1% of worldwide software spending across all primary markets and 14.4% of applications spending." ICD Dec 2011 Doc # 232239 navigatingthrougthecloud.com
  • 12. Interpreting the conflicting messages 24% of CEOs surveyed in the 2012 PWC CEO Survey 75% of CEOs plan to change innovation capacity in 2012, of which 24% expect ‗major change‘, underpinned in part by technology. The eighth annual KPMG 2012 Audit Institute Report identified ―IT Risk and Emerging Technologies‖ as the second-highest concern for audit committees, which is unprecedented in the history of the report. navigatingthrougthecloud.com
  • 13. Interpreting the conflicting messages • So, in a nutshell, there are mixed messages out there at this point in time. • On the one hand organisations demand speed, innovation, agility and value, largely facilitated by technology. • Organisations that adopt new ‗transformational‘ technologies, Cloud in particular, without effective consideration of the enterprise wide, systemic and longitudinal risks, are potentially either setting themselves up for future problems, or not maximising the opportunities, or both. • This last point is the focus of my presentation navigatingthrougthecloud.com
  • 14. Systemic vs. Technical Risks in the Cloud Systemic Risks • Systemic risk is highly relevant to Hybrid Cloud – which we‘ll discuss in a few minutes… • Systemic risks are those with the greatest potential impact as they affect the entire system (ie: Organisation, government, country, world…) • Case in point: How is that the finance industry, which is one of the more regulated, and invests heavily in risk identification, mitigation and transference could be the cause of the current global financial problems? • Systemic risk for the enterprise is the silent killer and is often the hardest to identify as only a few have a complete, transparent and objective overview of the overall enterprise. • Mitigation through approaches such as Enterprise Risk Management (ERM), origins in fraud, organisational governance, and underpins the insurance industry • Applicability to IT – Cloud especially – not often discussed navigatingthrougthecloud.com
  • 15. Systemic vs. Technical Risks in the Cloud Technical (or functional) Risk • Identifying, categorising and ranking technical and functional risks is core to conventional IT risk assessment approaches: o Risk of a specific event = (Impact x Probability of that event occurring) + Risk Adjustment • Underpins conventional risk certification frameworks e.g. ISO2700X • Compliance does not necessarily equal security or effectiveness of your risk management model • The categorisation of risks into functional and technical categories does not help in the identification of systemic risk • Focusing on the diverse range of technical or functional risks, does not account for the interaction between risks. • Systemic risks are mostly more significant than the sum of the individual risks navigatingthrougthecloud.com
  • 16. Availability What‘s your downtime cost? Fundamental question: Is Cloud your default position? "What they don‘t usually tell you about the Cloud is that the SLA or the uptime SLA for Cloud providers is not nearly as good as it is for co-location.....So, if you‘re looking for five 9s, you‘re going to need several Clouds and a lot of zeros on the cheque that you write.― Dave Asprey – Global VP, Cloud Security, Trend Micro Navigating through the Cloud Podcast Episode 23 in iTunes navigatingthrougthecloud.com
  • 17. Hybrid Cloud is the reality ―Within five years, it will be primarily deployed by enterprises working in a hybrid mode‖. - Gartner Gartner "Predicts 2012: Cloud Computing Is Becoming a Reality‖ (Published: 8 December 2011 ID:G00226103) navigatingthrougthecloud.com
  • 18. Hybrid Cloud is the reality Cloud 101: The 4 flavours of cloud computing Public Private Hybrid Community /Internal • No control • You control all • Combination of 2 • Multiple • No ownership • You may own or more models organisatons share • You own data • You define • Can be more same private cloud • Apps stay behind architecture complex infrastructure • You determine • Need to manage your own security interfaces, position integration navigatingthrougthecloud.com
  • 19. Importance of Cloud Computing Reference Architecture Review, define and assign key roles in your Cloud environment. – Define your Cloud Reference Architecture by reviewing applicability against published models (Eg NIST*, IBM, etc) – Ensure you do not miss important roles (Eg: IBM CCRA does not include Cloud Broker, Cloud Auditor yet included in NIST CCRA) navigatingthrougthecloud.com * National Institute of Standards and Technology
  • 20. Importance of Cloud Computing Reference Architecture Who is accountable for what in your Cloud? It’s YOUR brand at stake, not the vendors! navigatingthrougthecloud.com
  • 21. Importance of Cloud Computing Reference Architecture The emergence of the ‘Cloud Broker’ navigatingthrougthecloud.com
  • 22. Importance of Cloud Cloud The real definition of Computing Reference Architecture IT Department in the Cloud? navigatingthrougthecloud.com
  • 23. Managing multiple parties in the Cloud ecosystem "Cloud consumers should budget for additional integration costs which can range from 10% to 30% — and sometimes as high as 50% — of the total cost of cloud IT projects.― Gartner Predicts 2012: Cloud Services Brokerage Will Bring New Benefits and Planning Challenges - Published: 22 November 2011 G00227370 Let‘s explore the reasons why in a bit more detail ….. navigatingthrougthecloud.com
  • 24. Managing multiple parties in the Cloud ecosystem Why is brokerage a real consideration? Orchestrating versioning, change control and rollback V1.2 V2.3.1 V2.4 V3.5 V5.3 navigatingthrougthecloud.com
  • 25. Managing multiple parties in the Cloud ecosystem Why is brokerage a real consideration? Life expectancy…… 4 Years 6 Months 1 Year 3.5 Years 4.5 years navigatingthrougthecloud.com
  • 26. Managing multiple parties in the Cloud ecosystem Why is brokerage a real consideration? Business continuity……. X navigatingthrougthecloud.com
  • 27. Managing multiple parties in the Cloud ecosystem Why is brokerage a real consideration? Also: • Security • Identity Management • Due diligence • ‗Big-Data‘ • Business Intelligence – Dashboards and drilldowns • Forensics / eDiscovery • BYOD • Mobility • Legislative / Jurisdictional • Contractual complexity ….. To name but a few navigatingthrougthecloud.com
  • 28. The challenge facing regulators • Various industry regulators are also working hard to keep up with the fast moving Cloud and technology environments, however keeping up with the rate of change presents a challenge. • Case in point relates to the wording contained in the current National Privacy Principles (NPPs). The word ‗reasonable‘ is used in the NPPs to describe measures and controls that should be applied in the implementation of privacy controls. Whilst the intention is clear, the interpretation of ‗reasonable‘ is fertile grounds for contention on individual cases. • APRA‘s new standards that came into effect on July 1, 2012 (CPS231, 231 in particular) refer to appropriate risk management processes. Many of the standards are dated. Two such examples of such standards are AS/ISO 31000 (Risk management), where the current revision is dated 2009, and AS/ISO 27001 (Information security management systems), where the current revision is dated 2006. navigatingthrougthecloud.com
  • 29. Cloud standards? Which standards? • Emerging Standards – Open Virtalisation Format ISO/IEC DIS 17203 or ANSI INCITS 469 2010 – ISO/IEC WD TS 27017 (Guidelines on information security controls for the use of cloud computing services based on ISO/IEC 27002 - Under development ) – ISO/IEC DIS 17826 - Cloud Data Management Interface (CDMI) navigatingthrougthecloud.com
  • 30. Cloud standards? Which standards? Plethora of forums, industry groups and associations – Cloud Security Alliance – Cloud Standards Customer Council – Distributed Management Task Force (DMTF) – Cloud Management Working Group (CMWG) – The European Telecommunications Standards Institute (ETSI) – National Institute of Standards and Technology (NIST) – Open Grid Forum (OGF) – Object Management Group (OMG) – Open Cloud Consortium (OCC) – Organization for the Advancement of Structured Information Standards (OASIS) – Storage Networking Industry Association (SNIA) – The Open Group – Association for Retail Technology Standards (ARTS) – TM Forum‘s Cloud Services Initiative Source: cloud-standards.org navigatingthrougthecloud.com
  • 31. Some risk mitigation approaches Some risk mitigation approaches • Be crystal clear on the drivers behind Cloud for the organisation – do not make Cloud your default position! • Understand and accurately map the solution to the your legislative, regulatory and compliance environment • Predict and budget for integration complexities • Know your exist strategy before you sign up Reshape the role of your IT Department • Shift from a technology provider to a Services broker • Differing skills mix for in-house IT • Technology enabled business services is the direction to take for enterprise IT • If IT have concerns, don‘t dismiss is as ‗job protection‘.. scrutinise these. Remember the ‗O‘ ring and the Challenger? navigatingthrougthecloud.com
  • 32. Some risk mitigation approaches Due diligence is crucial • Perform your own due diligence, and seek absolutely independent, experienced, financially disinterested advice if needed • Stress test your business case: – Test your Cloud contract to a variety of scenarios – Conducting a sensitivity analysis for feasible changes in your commercial environment, regulatory and operational scenarios – Pricing in risk – Understand the volatility of the cloud market – Identify the systemic risks navigatingthrougthecloud.com
  • 33. ThankYou! ROB LIVINGSTONE - Fellow, University of Technology, Sydney - Principal, Rob Livingstone Advisory Pty Ltd W1: www.rob-livingstone.com W2: www.navigatingthroughthecloud.com E: rob@rob-livingstone.com P: +61 2 8005 1972 P: +1 609 843 0349 M: +61 419 632 673 F: +61 2 9879 5004 rladvisory © All rights reserved. Rob Livingstone Advisory Pty Ltd ABN 41 146 643 165. Unauthorized redistribution prohibited without prior approval. ‗Navigating through the Cloud‘ is a Trademark of Rob Livingstone Advisory Pty Ltd. navigatingthrougthecloud.com