The Future Of Audit & Compliance Is…Facebook?
- Image by Getty Images via @daylife
I’ve had an ephiphany. The future is coming wherein we’ll truly have social security…
As the technology and operational models of virtualization and cloud computing mature and become operationally ubiquitous, ultimately delivering on the promise of agile, real-time service delivery via extreme levels of automation, the ugly necessities of security, audit and risk assessment will also require an evolution via automation to leverage the same.
At some point, that means the automated collection and overall assessment of posture (from a security, compliance, and risk perspective) will automagically occur (lest we continue to be the giant speed bump we’re described to be,) and pop out indicatively with glee with an end result of “good,” “bad,” or “pass,” “fail,” not unlike one of those in-flesh turkey thermometers that indicates doneness once a pre-set temperature is reached.
What does that have to do with Facebook?
Simple.
When we’ve all been sucked into the collective hive of the InterCloud matrix, the CISO/assessor/auditor/regulator will look at the score, the resultant assertions and the supporting artifacts gathered via automation and simply click on a button:
You see, the auditor/regulator really is your friend. 😉
It’s a cruel future. We’re all Zuck’d.
/Hoff
Related articles
- CloudAudit Joins Cloud Security Alliance (datacenterknowledge.com)
- CSA GRC Shows Cloud Compliance Maybe More Important Than Cloud Security (securecloudreview.com)
- Security and Compliance Disconnect: Does Compliance = Security? (thesecuritysamurai.com)
- FedRAMP. My First Impression? We’re Gonna Need A Bigger Boat… (rationalsurvivability.com)
- Navigating PCI DSS (2.0) – Related to Virtualization/Cloud, May the Schwartz Be With You! (rationalsurvivability.com)
- Incomplete Thought: Compliance – The Autotune Of The Security Industry (rationalsurvivability.com)
Recent Comments