Cloud migration is challenging, cumbersome, and risky for traditional organizations relying on in-house custom-built systems to support achieving revenue from years on years. Today I will be discussing a wide variety of challenges organizations are facing while planning for cloud migration. These typical challenges are talks of every board room and the agenda of the meetings. However, there is no doubt that workloads migration to the cloud is helping organizations to reduce operating costs and build integrated, automated IT infrastructure.
You have a daunting task in hand to migrate to the cloud and do it securely and efficiently. If it is not fully optimized and performed correctly, your dream of digital transformation in an organization can hit roadblocks/pitfalls.
Now I will share some of the common challenges which I see the cloud migrations; these are based on observation, reading a wide array of articles, and discussion with fellow IT friends/colleagues in the extended & broader community of IT professionals. What I will be doing is to mention all the typical challenges, and then I will also try to share the perspective of how you can overcome or what could be the strategy to address them. These could be starting from which workloads to be moved to what should be the order of migration to how we will have reliability and performance of business-critical services on the cloud. How I will implement required levels of security controls and regulatory compliance to who is my cloud vendor and this cloud migration must not disrupt my existing IT services, so on…
Gartner, in an article published, has beautifully categorized into six ways of cloud migrations challenge
It is 2nd part of the session on CIS Benchmarks and controls for Cloud. The Center for Internet Security is a nonprofit organization with the mission to 'identify, develop, validate, promote, and sustain best practice solutions for cyber defense.’ Experts and IT professionals from different governments, institutes, and businesses across the globe are participating and finalizing the controls based on the consensus decision-making model.
Now let us link this to why it is essential for every one of us and every organization. I have got a chance to read the article on data breaches affecting millions of users and some of the biggest breaches in recent times published by CSOonline with the title “The 15 biggest data breaches of the 21st century.”
The CIS Controls consists of a recommended best practices to secure systems and devices, and CIS Benchmarks are rules for hardening specific operating systems, middleware, software applications, and network devices. The CIS Controls and the CIS Benchmarks are developed using a consensus-based approach by communities of experts.
CIS controls have been mapped to many other standards and regulatory frameworks, for example. the NIST Cybersecurity Framework (CSF), the ISO 27000, PCI DSS, HIPAA, and many others.
The decision must consider an organization’s requirements, evaluation criteria, and architecture principles.
In CIS 8 the number of controls is reduced to 18 from 20 in CIS 7. CIS 8 contains 153 Safeguards, which were called sub-controls in CS7 and they were 171 sub-controls
In Part 1 (Session no 95)
In Part 2 (Session no 96)
The Center for Internet Security is a nonprofit organization with the mission to 'identify, develop, validate, promote, and sustain best practice solutions for cyber defense.’ Experts and IT professionals from different governments, institutes, and businesses across the globe are participating and finalizing the controls based on the consensus decision-making model.
Now let us link this to why it is essential for every one of us and every organization. I have got a chance to read the article on data breaches affecting millions of users and some of the biggest breaches in recent times published by CSOonline with the title “The 15 biggest data breaches of the 21st century.”
The CIS Controls consists of a recommended best practices to secure systems and devices, and CIS Benchmarks are rules for hardening specific operating systems, middleware, software applications, and network devices. The CIS Controls and the CIS Benchmarks are developed using a consensus-based approach by communities of experts.
CIS controls have been mapped to many other standards and regulatory frameworks, for example. the NIST Cybersecurity Framework (CSF), the ISO 27000, PCI DSS, HIPAA, and many others.
The decision must consider an organization’s requirements, evaluation criteria, and architecture principles.
In CIS 8 the number of controls is reduced to 18 from 20 in CIS 7. CIS 8 contains 153 Safeguards, which were called sub-controls in CS7 and they were 171 sub-controls