Mindset matters for governance and compliance success in the cloud
By Hart Rossman and Cliff Donathan, CW guest columnists
2023-06-12T16:00:00
Warning, this is a story that might sound familiar.
The frustration on the chief technology officer’s (CTO) face was palpable. One year prior, the $50 billion financial institution he worked for announced it was going “all-in” on the cloud to save costs and become nimbler. The CTO assumed the cloud was “just another data center,” and his teams approached their architecture and governance efforts accordingly.
His organization tried to implement security controls with the same set of operating models, architectures, practices, and tools that were used in its physical networks. The company experienced regulatory requirement delays and audit setbacks and was mired in compliance black holes, security red tape, and governance stagnation. With this approach, spinning up a computing instance was slower than racking and building a physical server in the data center it left.
Fortunately, the financial institution was able to turn its situation around—when the CTO made a mindset shift from a process-focused approach to a capability-based approach.