Enterprises are embracing cloud technologies to drive innovation, modernize their IT infrastructure, and ultimately, digitize their business.

When it comes to hosting sensitive and regulated workloads on the public cloud, enterprises (particularly those in highly regulated industries) are being forced to take a hard look at their approach to managing security and compliance—consistently and continuously.

According to a recent Gartner study, the challenge is not whether the cloud is secure, but if it’s being used securely. The study points out that “99 percent of cloud security failures” will be based how customers are using cloud. When it comes to hosting regulated workloads, meeting regulatory compliance requirements are important. A Boston Consulting Group (BCG) report—Global Risk 2017: Staying the Course in Banking—indicates that between 2009 and 2017, there was an estimated $321B in penalties paid by the banks for not meeting regulations. In order to effectively manage their risk and compliance, enterprises need to define the set of cloud native security controls that they want their teams to implement. More importantly, they have to ensure that those controls are in place and that their workloads are properly configured to meet those security controls.

While enterprises are aware of this problem, the challenge is often the effort required to consistently verify and ensure that the right configurations and controls are in place—particularly in an IT environment that is rapidly growing and continuously changing. Manual audits and checks simply do not scale for this, making it imperative that enterprises adopt automation to consistently apply security controls and continuously monitor their security and compliance posture.

Read the full blog post to learn about how we have taken an end-to-end view of managing security and compliance—all the way from factoring in regulatory requirements and enterprise risk controls, to achieving those control objectives for workloads on IBM public cloud.


More from Announcements

IBM TechXchange underscores the importance of AI skilling and partner innovation

3 min read - Generative AI and large language models are poised to impact how we all access and use information. But as organizations race to adopt these new technologies for business, it requires a global ecosystem of partners with industry expertise to identify the right enterprise use-cases for AI and the technical skills to implement the technology. During TechXchange, IBM's premier technical learning event in Las Vegas last week, IBM Partner Plus members including our Strategic Partners, resellers, software vendors, distributors and service…

Introducing Inspiring Voices, a podcast exploring the impactful journeys of great leaders

< 1 min read - Learning about other people's careers, life challenges, and successes is a true source of inspiration that can impact our own ambitions as well as life and business choices in great ways. Brought to you by the Executive Search and Integration team at IBM, the Inspiring Voices podcast will showcase great leaders, taking you inside their personal stories about life, career choices and how to make an impact. In this first episode, host David Jones, Executive Search Lead at IBM, brings…

IBM watsonx Assistant and NICE CXone combine capabilities for a new chapter in CCaaS

5 min read - In an age of instant everything, ensuring a positive customer experience has become a top priority for enterprises. When one third of customers (32%) say they will walk away from a brand they love after just one bad experience (source: PWC), organizations are now applying massive investments to this experience, particularly with their live agents and contact centers.  For many enterprises, that investment includes modernizing their call centers by moving to cloud-based Contact Center as a Service (CCaaS) platforms. CCaaS solutions…

See what’s new in SingleStoreDB with IBM 8.0

3 min read - Despite decades of progress in database systems, builders have compromised on at least one of the following: speed, reliability, or ease. They have two options: one, they could get a document database that is fast and easy, but can’t be relied on for mission-critical transactional applications. Or two, they could rely on a cloud data warehouse that is easy to set up, but only allows lagging analytics. Even then, each solution lacks something, forcing builders to deploy other databases for…