As I described in most of my previous articles, defining and implementing an effective cloud security strategy requires the involvement of several stakeholders within and outside of an organization.
Indeed, defining and implementing the cloud security strategy within an organization should include people from diverse entities, including:
- Business Groups or Units
- Information Technology (IT)
- Cyber Security
- Procurement and Supply Chain
- Legal & Compliance
- External partners (Cloud Service Providers, IT partners, Managed Service Providers, etc.)
Having all these diverse profiles involved, ensures that most of aspects will be taken into account in the cloud security strategy on one hand but on the other hand, this may lead to endless debates as the members will not have the same level of knowledge in terms of cloud computing.
Learn in this article posted on Peerlyst community, the common stakeholders’ positions or attitudes with regards to cloud security as well as the multi-level or pyramidal view of cloud security risks.