Professional Documents
Culture Documents
Cloud Architecture 1 Microsoft Learn
Cloud Architecture 1 Microsoft Learn
Cloud Architecture 1 Microsoft Learn
" 100 XP
While these could be part of any security modernization plan, the rapid
pace of change in the
cloud makes adopting them an urgent priority.
Build and implement a security strategy for cloud that includes the
input and active participation
of all teams. While the process
documentation format can vary, it always includes:
Deliverables
The strategy step should result in a document that can easily be communicated to many
stakeholders within the organization. The stakeholders can potentially include executives on the
organization's leadership team.
Strategy presentation: You might have a single strategy presentation, or you might choose
to also create summary versions for leadership audiences.
Full presentation: This should include the full set of elements for the security strategy in
the main presentation or in optional reference slides.
Executive summaries: Versions to use with senior executives and board members might
contain only critical elements relevant to their role, such as risk appetite, top priorities, or
accepted risks.
You can also record motivations, outcomes, and business justifications in the strategy and
plan template .
Align closely to business strategy: Security's charter is to protect business value. It's critical
to align all security efforts to that purpose and minimize internal conflict.
Integrate security early into cloud adoption to avoid last-minute crises from avoidable
risks.
Modernize security strategy: The security strategy should include considerations for all
aspects of modern technology environment, current threat landscape, and security
community resources.
Integrate the security community to keep up with the pace of attacker evolution.
Security leadership team (chief information security officer Cloud strategy team
(CISO) or equivalent)
Strategy approval
Executives and business leaders with accountability for outcomes or
risks of business lines within
the organization should approve this
strategy. This group might include the board of directors,
depending on
the organization.
Continue T