Get Instant Access
to This Blueprint

Security icon

Build a Cloud Security Strategy

Secure the cloud by considering its unique challenges.

  • Leveraging the cloud introduces IT professionals to a new world that they are tasked with securing.
  • With many cloud vendors proposing to share the security responsibility, it can be a challenge for organizations to develop a clear understanding of how they can best secure their data off premises.

Our Advice

Critical Insight

  • Cloud security is not fundamentally different from security on premises.
  • While some of the mechanics are different, the underlying principles are the same. Accountability doesn’t disappear.
  • By virtue of its broad network accessibility, the cloud does expose decisions to extreme scrutiny, however.

Impact and Result

  • The business is adopting a cloud environment and it must be secured, which includes:
    • Ensuring business data cannot be leaked or stolen.
    • Maintaining privacy of data and other information.
    • Securing the network connection points.
  • This blueprint and associated tools are scalable for all types of organizations within various industry sectors.

Build a Cloud Security Strategy Research & Tools

Start Here – read the Executive Brief

Read our concise Executive Brief to find out why you should build a cloud security strategy, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

Build a Cloud Security Strategy – Executive Brief
Build a Cloud Security Strategy – Phases 1-2

1. Explore security considerations for the cloud

Explore how the cloud changes the required controls and implementation strategies for a variety of different security domains.

Build a Cloud Security Strategy – Phase 1: Explore Security Considerations for the Cloud
Cloud Security Information Security Gap Analysis Tool
Cloud Security Strategy Template

2. Prioritize initiatives and construct a roadmap

Develop your organizational approach to various domains of security in the cloud, considering the cloud’s unique risks and challenges.

Build a Cloud Security Strategy – Phase 2: Prioritize Initiatives and Construct a Roadmap

Member Testimonials

After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve. See our top member experiences for this blueprint and what our clients have to say.

9.3/10

Overall Impact

$26,889

Average $ Saved

56

Average Days Saved

Client

Experience

Impact

$ Saved

Days Saved

Federal Judicial Affairs

Guided Implementation

10/10

$50,000

120

There has not been any bad experience. Working with Ian has been a great experience.

Rehabilitation Hospital of the Pacific

Guided Implementation

9/10

$3,779

44

Bank of Jamaica

Guided Implementation

9/10

N/A

5

Best - Very useful and detailed advice given.

Renown Health

Guided Implementation

10/10

$61,999

47

BDO Digital, LLC

Guided Implementation

9/10

N/A

2

Jeremy was wonderful to speak with! He was energetic, positive, passionate, and very knowledgeable about the topics I needed help with.

Load More Testimonials

Workshop: Build a Cloud Security Strategy

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

Module 1: Define Your Approach

The Purpose

Define your unique approach to improving security in the cloud.

Key Benefits Achieved

An understanding of the organization’s requirements for cloud security.

Activities

Outputs

1.1

Define your approach to cloud security.

  • Defined cloud security approach
1.2

Define your governance requirements.

  • Defined governance requirements
1.3

Define your cloud security management requirements.

Module 2: Respond to Cloud Security Challenges

The Purpose

Explore challenges posed by the cloud in various areas of security.

Key Benefits Achieved

An understanding of how the organization needs to evolve to combat the unique security challenges of the cloud.

Activities

Outputs

2.1

Explore cloud asset management.

2.2

Explore cloud network security.

2.3

Explore cloud application security.

2.4

Explore log and event management.

2.5

Explore cloud incident response.

2.6

Explore cloud eDiscovery and forensics.

2.7

Explore cloud backup and recovery.

  • Understanding of cloud security strategy components (cont.).

Module 3: Build Cloud Security Roadmap

The Purpose

Identify initiatives to mitigate challenges posed by the cloud in various areas of security.

Key Benefits Achieved

A roadmap for improving security in the cloud.

Activities

Outputs

3.1

Define tasks and initiatives.

3.2

Finalize your task list

  • Defined task list.
3.3

Consolidate gap closure actions into initiatives.

3.4

Finalize initiative list.

3.5

Conduct a cost-benefit analysis.

  • Cost-benefit analysis
3.6

Prioritize initiatives and construct a roadmap.

  • Roadmap
3.7

Create effort map.

  • Effort map
3.8

Assign initiative execution waves.

3.9

Finalize prioritization.

3.10

Incorporate initiatives into a roadmap.

3.11

Schedule initiatives.

  • Initiative schedule
3.12

Review your results.

Unlock This Blueprint

About Info-Tech

Info-Tech Research Group is the world’s fastest-growing information technology research and advisory company, proudly serving over 30,000 IT professionals.

We produce unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. We partner closely with IT teams to provide everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.

MEMBER RATING

9.3/10
Overall Impact

$26,889
Average $ Saved

56
Average Days Saved

After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.

Read what our members are saying

What Is a Blueprint?

A blueprint is designed to be a roadmap, containing a methodology and the tools and templates you need to solve your IT problems.

Each blueprint can be accompanied by a Guided Implementation that provides you access to our world-class analysts to help you get through the project.

Need Extra Help?
Speak With An Analyst

Get the help you need in this 2-phase advisory process. You'll receive 7 touchpoints with our researchers, all included in your membership.

Guided Implementation 1: Explore security considerations for the cloud
  • Call 1: Scope requirements, objectives, and your specific challenges.
  • Call 2: Review cloud considerations for security controls.
  • Call 3: Discuss security implications of cloud service models.
  • Call 4: Finalize list of initiatives for securing the cloud.

Guided Implementation 2: Prioritize initiatives and construct a roadmap
  • Call 1: Prioritize initiatives identified in Phase 1.
  • Call 2: Build execution waves and introduce Gantt chart.
  • Call 3: Finalize roadmap and discuss next steps.

Authors

Jeremy Roberts

Ian Mulholland

Isaac Kinsella

Contributors

  • Yvon Day, Asset Management Consultant, BDC
  • Christopher Odediran, Head of IT Asset Management, Mott Macdonald
  • Tammy Krauthammer, VP of Technology, LPL Financial
  • Luz Cervantes, IT Asset Manager, Northgate Markets

Related Content: Security Strategy & Budgeting

Visit our IT Cost Optimization Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019
© Info-Tech Research Group | Terms of Use | Privacy Policy