The Criticality of Change Control Management in Cloud Services

December 7, 2019
Hosted by Rebecca Herold

[Download MP3] [itunes] [Bookmark Episode]

Guest Information

Episode Description

Recently the CEO of a cloud services business for compliance & information security shrugged off the problems he has on an ongoing basis with his SaaS cloud site where he does not have change controls implemented, & doesn't use a separate test or development region or server. He shrugged & said, “That’s just the way it is with a cloud service, they all have these problems.” Wrong! In this episode I discuss the importance of change controls to supporting information security & privacy with an expert in this area. • What kind of change control processes need to be applied within SaaS environments? • What are some of the biggest vulnerabilities within cloud services & how they handle change controls with new and updated applications and systems development? • What types of change controls need to be followed when patching cloud systems? Tune in to hear Rebecca discuss these topics and more with Becky Swain, Founder of the Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM).

Data Security and Privacy with the Privacy Professor

Data Security and Privacy with the Privacy Professor

New shows monthly on VoiceAmerica Business Channel

There are more information security and privacy threats than ever before. As more technologies emerge, more big data analytics are used, and more artificial intelligence systems are deployed, cybersecurity and privacy risks grow exponentially. Rebecca has spent her entire career working to improve information security and privacy protections, by not only raising awareness of the issues within businesses and other types of organizations, but also by raising the awareness of these risks in the public and helping them to understand how to better protect their own personal data, allowing them to take their privacy protections into their own hands. Rebecca offers you information about these existing and emerging security and privacy risks and provides fresh insights into the impacts of exploiting these risks, and gives guidance, tips, expert advice, news, with fascinating guests, to help all organizations, and the general public, understand what they need to do to mitigate these risks.

  • Snag
  • ecard
  • Bookmark and Share
Rebecca Herold

Rebecca Herold

Rebecca has over 25 years of systems engineering, information security, privacy and compliance experience, is CEO of The Privacy Professor(r) consultancy she founded in 2004. Rebecca has authored 19 books, contributed to several dozen other books, and published hundreds of articles. Rebecca led the NIST Smart Grid Privacy Subgroup for seven years, was a co-founder and officer of the IEEE P1912 Privacy and Security Architecture for Consumer Wireless Devices Working Group, and is on numerous advisory boards. Rebecca was an Adjunct Professor for the Norwich University MSISA program for nine years. Rebecca has received numerous awards for her work, and has provided keynotes on five continents to date. Rebecca is frequently interviewed, including regularly on the KCWI-TV (Des Moines) morning television show, serves on Advisory and Directors boards, provides expert witness services, and is quoted in diverse broadcasts and publications. Rebecca holds the following certifications: FIP, CISSP, CISA, CISM, CIPT, CIPM, CIPP/US, FLMI. Rebecca is based in Des Moines, Iowa, USA.

  • Snag
  • ecard
  • Bookmark and Share


This site is protected by Trustwave's Trusted Commerce program