(TR22) (FIC) SOCs and the cloud revolution

The migration of applications, data and business processes to the cloud is forcing organisations to rethink how they ensure their cybersecurity. «Rethink» because you cannot simply transpose existing systems and practices to cloud computing. For example, cloud computing has shaken up how SOCs function. At a time where everything is software and virtual machines, an organisation’s resources can be hosted on multiple environments. SOC teams lack visibility over the scope they need to protect, skills and understanding of cloud computing environments, as well as the tools and technologies needed to ensure the organisation’s cybersecurity. How can this new situation be taken into account and the functioning and governance of SOCs be adapted? For example, how can discussions and information sharing with DevOps, risk management and purchasing teams be encouraged? What solutions and technologies are there to adapt SOC tools and methods to tackle cloud computing challenges?