The physicist Fritjof Capra once said, “The more we study the major problems of our time, the more we come to realize that they cannot be understood in isolation. They are systemic problems, which means that they are interconnected and interdependent.” Capra was making the point that biological ecosystems are complex, interconnected and require a holistic contextual awareness of the intricacy in interconnectedness as an integrated whole – rather than a dissociated collection of systems and parts. Change in one area has cascading effects that impact the entire ecosystem. This interconnectedness and a demand for a 360° contextual awareness apply to the world of business. Organizations need to see the intricate relationships of risks across a distributed, dynamic, disrupted, and cloud environment.
Gone are the years of simplicity in business operations. Exponential growth and change in risks, regulations, globalization, distributed operations, competitive velocity, technology, and business data encumbers organizations of all sizes. Keeping business strategy, performance, uncertainty, complexity, and change in sync is a significant challenge in today’s cloud environment that the business depends upon.
Today’s organizations have to have holistic visibility and 360° contextual awareness of risk in the context of the cloud. This presentation delivers the following takeaways on how organizations can become more:
Aware. How to have a finger on the pulse of the business and watch for changes in internal and external environments that introduce risk in cloud environments.
Aligned. Collaborate to align business, risk management, and compliance to support and inform security and exposure in the cloud environment.
Responsive. Organizations cannot react to something they do not sense. Mature risk management is focused on gaining greater awareness and understanding of exposure that impacts decisions and actions and improves transparency across systems and processes.
Agile. The cloud delivers greater agility to organizations, as a result, risk management in the cloud needs to be agile to manage exposure and meet requirements.
Resilient. The best-laid plans of mice and men fail. Organizations need to be able to bounce back quickly from incidents and exposure in the context of the cloud and its impact on operations.
GRC 20/20 Speaker
GRC 20/20 ResearchMichael Rasmussen – The GRC Pundit @ GRC 20/20 Research, Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of GRC strategy, process, information, and technology architectures and solutions. With 27+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architectures and select solutions that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” – being the first to define and model the GRC market in February 2002 while at Forrester Research, Inc.
The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events, and products. CSA’s activities, knowledge, and extensive network benefit the entire community impacted by cloud — from providers and customers to governments, entrepreneurs, and the assurance industry — and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem.