Organizations of all sizes and across all industries are embracing a cloud-first strategy. Cloud services offer efficiencies and productivity, agility, and cost savings. It just makes sense for many organizations to move from private networks and data centers to public cloud, hybrid solutions from multiple geographically distributed service providers.
But many CISOs appear to be hesitant about fully committing to the cloud, and particularly to moving their IT infrastructure and critical workloads to the public cloud. Why is that? In most cases, they’re worried about losing visibility and control of their IT resources and data.
While CISOs have an understandable desire for control, ironically many of us don’t really know what’s in our IT environment, which means we have less visibility and control than we think. One interesting observation from recent ransomware and wiperware outbreaks was that few organizations had accurate records of what IT resources were operating in their environments or even the status of the known systems. While this is due in part to the rapid adoption of things like shadow IT, it is also frequently the result of such things as personnel changes and mergers and acquisitions. For many organizations, conducting a full network analysis before transitioning some or all of their network resources to the cloud is the first time a CISO or CIO is able to scope a full and accurate view of what their IT ecosystem looks like.