The Cloud Security Notification Framework – Bringing Value to  Hybrid-Multi-Cloud Consumers

The Cloud Security Notification Framework – Bringing Value to Hybrid-Multi-Cloud Consumers

As an old IT Ops person, it’s easy to look back at a career full of important, necessary tasks.  Stuff needed to get done.  People needed to do them.  I was one of those people.  It was a sobering day when I came to realize that “necessary” didn’t really mean valuable from a business perspective.  As it turns out, configuring servers, networks, storage systems and firewalls was NOT our business…EVER!  Who knew?  

Now every IT executive, from Engineering to DevXXXOps knows this truth. All of us and our teams are on a relentless quest to eliminate technical debt and the rucksack of unnecessary toil.  There has been one area, however, that has been off the radar with regard to eliminating this bothersome grind….Cloud.  While everyone is talking about digital transformation, little attention has been paid to the tech debt and related toil stacking up while implementing hybrid, multi-cloud footprints.  ONUG has identified this as a barrier to increased cloud adoption and digital transformation and has labeled it “The Wall of Worry”, and is doing something about it!

ONUG’s Automated Cloud Governance (ACG) Working Group is leading an effort known as the Cloud Security Notification Framework (CSNF).  CSNF is an Open Source initiative tackling a serious issue of scale caused by the lack of standardization amongst Cloud Service Providers (CSP’s), particularly in the area of security event and security state messaging.  Presently, CSP’s report security event & state messages in their own, inconsistent formats.  This in turn causes enterprises additional toil, particularly in the area of their internal Security Data Lakes, where the messages need to be correlated, analyzed and acted upon.  This created overhead for consuming firms.  It’s toil and it is devoid of business value.

ONUG member firms like FedEx, Cigna and Raytheon Technologies are collaborating with Microsoft, IBM, Google and Oracle to fix this problem.  The fix is ONUG’s CSNF initiative.  ONUG will be hosting a Webinar on the CSNF and how it will bring value to multi-cloud enterprises in every industry.  Join us, along with representatives from Microsoft, Cigna, Red Hat and IBM to learn more how this initiative can help you reduce technical debt and drive increased cloud adoption in your company. Registration is here. 

Author's Bio

Mark Tierney

CTO, ONUG