Security & Governance

To Succeed with the Cloud, You Need Real Governance


Most enterprises don’t have a well-developed governance approach for the cloud, not even an idea of a technology solution. Enterprises are overwhelmed these days with other technology changes, including not just the move to cloud but devops, machine learning, and whatever other shiny objects pop up out of the market. I view governance as the […]

The Practical Future of Blockchain


We discuss the historical cycles of computing and storage technologies over the last 40 years, and how Blockchain could be the start of the next industry-changing cycle. Blockchain may be one of the most hyped technologies today, but it’s practical use cases make it more then the next shiny object. We discuss what the technology […]

DevSecOps: Add Security to Complete Your DevOps Process


As seen in a recent DigiCert report, an overwhelming majority of companies believe that an integrated security and DevOps team makes sense. In fact, 98 percent of survey 300 US respondents (a third from IT or security) are either planning to or have already launched such an effort. This is good, if unsurprising, news. For […]

Centralized Security in the Cloud Is the Best Security Model


It’s 6:00 a.m. on a Monday morning. You get an automated text from your security systems that a DDOS attack was attempted, but new security policies downloaded several hours earlier proactively protected the systems from the attacking IP address. All is well. The alternative is not good—meaning that you had no idea of the DDOS […]

Important Considerations for Your AWS Security Approach


The IT security domain is so vast that it touches almost all areas of an enterprise. These areas include enterprise legacy deployments of data centers, physical building security, human resource identification, communication links, hardware and software stacks to cloud technologies with a large and growing ecosystem. The CTP cloud security team has collaborated with many […]

How to Pass Your AWS Audit


If you work for a company in a regulated industry, or just have internal controls that must be met, you’ve likely been accustomed to a regular cadence of data gathering, analysis, reporting and maybe even some last minute scrambling to get ready for the next audit cycle. That’s the status quo. What Happens When the […]