How to Build Effective Governance for Security as Code

Effectively securing public cloud services requires a clear structure that defines ownership and accountability. However, cloud application and technology expertise are likely dispersed across many groups. How can teams collaborate through a federated security model, while also enabling centralized visibility and auditability?

In the second episode of “Security-as-Code for Cloud”, Don takes a deeper look at the First Principle of building an effective Security-as-Code Program: Establishing Clear Ownership and Accountability. Hear from one of the leading minds on cloud security policy on how to overcome complex organizational challenges and build an attribute-based access control (ABAC) architecture for managing Security-as-Code policy.

You will learn:
• Why cloud requires a new approach to governing security and risk policy
• The keys to effectively governing cloud policy at scale
• How to build an attribute-based policy governance model for cloud

Security and risk management of public cloud services are very much a team sport and having a comprehensive architecture to manage rights and entitlements regarding policy lifecycle is essential to building an effective Security-as-Code program.

Don Duet Bio:
Don is an accomplished leader in successfully developing and executing business and technology strategy.

Don currently is Chairman and co-founder of Concourse Labs. Prior to founding Concourse in August 2012, Don served as a Senior Advisor at McKinsey and President of Vapor.io, a leader in Edge Computing. Don spent 28 years at Goldman Sachs, during which time he held senior leadership roles in technology in New York, London, Hong Kong and Tokyo. Don led the global technology division for Goldman from 2012 to 2016 and was named a partner of the firm in 2006 and Managing Director in 2000. Don was the CIO for Asia Pacific from 2000 to 2006. Since relocating to the US in 2006, Don co-chaired the IBD Technology Investment Committee and was a member of the firm’s Firmwide Risk, Market Risk and Business Standards committee.

Within the technology industry, Don has been an active and vocal proponent of Open Source and Open Standards communities including acting as a founding board member of the Open Compute Project.
Be the first to comment