Cyber Defense Advisors

Cloud Governance

Stories on Cloud Governance by Teri Radichel

Cloud Governance is one of the most critical things you can do to prevent data breaches in your cloud accounts. But you must do it in a manner that actually prevents attacks. Stop writing paper polices and automate your governance. Allow your governance team to develop and deploy the rules. New tools from cloud providers make this much easier than it has been in the past.

Use a proper Software Development Lifecycle (SDLC) that includes separate development, QA, and operations or production teams for governance code. Use separation of duties to design architectures that require multiple parties to take an action to help prevent egregious misconfiguration and limit the blast radius should an administrators credentials get compromised.

Letting Governance Teams GovernGovernance Foundations in the CloudCloud Governance

Cloud Governance on AWS

AWS Service Control PoliciesCreating an AWS Governance AccountDelegated Administrator for AWS Organizations

Had some issues with AWS Organizations and Control Tower. Some of this has been resolved, but not all.

Wishlist for Cloud Governance

The chapters not published in my blog that are in my book — Cybersecurity for Executives in the Age of Cloud.

Cybersecurity for Executives in the Age of Cloud

Most of my blog series on automating cybersecurity metrics has an element of Cloud Governance to it:

Automating Cybersecurity Metrics (ACM)GitHub – tradichel/SecurityMetricsAutomation

Follow for updates.

Teri Radichel

If you liked this story ~ clap, follow, tip, buy me a coffee, or hire me 🙂

Medium: Teri Radichel
Email List: Teri Radichel
Twitter: @teriradichel
Twitter (company): @2ndSightLab
Mastodon: @[email protected]
Post: @teriradichel
Facebook: 2nd Sight Lab
Slideshare: Presentations by Teri Radichel
Speakerdeck: Presentations by Teri Radichel
Books: Teri Radichel on Amazon
Recognition: SANS Difference Makers Award, AWS Hero, IANS Faculty
Certifications: SANS
Education: BA Business, Master of Sofware Engineering, Master of Infosec
How I got into security: Woman in tech
Buy me a coffee: Teri Radichel
Company (Penetration Tests, Assessments, Training): 2nd Sight Lab
Request services via LinkedIn: Teri Radichel or IANS Research

Request services via LinkedIn: Teri Radichel or IANS Research

© 2nd Sight Lab 2023

____________________________________________

Author:

Cybersecurity for Executives in the Age of Cloud on Amazon

Need Cloud Security Training? 2nd Sight Lab Cloud Security Training

Is your cloud secure? Hire 2nd Sight Lab for a penetration test or security assessment.

Have a Cybersecurity or Cloud Security Question? Ask Teri Radichel by scheduling a call with IANS Research.

Cybersecurity & Cloud Security Resources by Teri Radichel: Cybersecurity and Cloud security classes, articles, white papers, presentations, and podcasts

Cloud Governance was originally published in Cloud Security on Medium, where people are continuing the conversation by highlighting and responding to this story.