How to Evolve Security for the Cloud: McKinsey with Google Cloud


Of your peers have already read this article.

8:30 Minutes

The most insightful time you'll spend today!

Delve into McKinsey's eye-opening research that creates a framework using 6 cloud-cybersecurity models and studies the economics of cloud security.

Not too long ago, McKinsey released a report titled “Making a secure transition to the public cloud,” the result of interviews with IT security experts at nearly 100 enterprises around the world.

Leveraging the expertise of Google Cloud and McKinsey security experts, the research presents a strategic framework for IT security in cloud and hybrid environments, and provides recommendations on how to migrate to the cloud while keeping security top of mind.

The research shows what many already know: that public cloud adoption is accelerating thanks to increased technical flexibility, simpler scaling, and lower operating costs.

What’s exciting is that the research also reveals that many Chief Information Security Officers (CISOs) no longer view security as an inhibitor to adoption but instead an opportunity.

“In many cases [CISOs] acknowledge that cloud service providers’ security resources dwarf their own,” the authors write—and now these companies are focused on how to best adopt and configure cloud services for increased security.

The research identifies three common archetypes for perimeter security: backhauling, cleansheeting, and adopting cloud provider controls by default.

  • Backhauling allows companies to continue managing IT security on-prem, with an external gateway connecting the data center to the public cloud. Approximately half of the companies surveyed currently use this model, but only 11% plan to continue doing so, since it can keep companies from realizing certain cloud benefits, such as agility.
  • Cleansheeting requires greater investment and expertise, as it calls for redesigning IT security around a “virtual perimeter” and leveraging multiple cloud-native tools and services.
  • Using cloud provider controls is the most cost-effective solution, but—depending on the cloud provider—can limit autonomy and may offer limited capabilities.

McKinsey uses these three models, along with the decision to re-architect applications for the cloud, to identify six “archetypes” for cloud security. Each archetype has its own tradeoffs.

The report also includes a tactical 10-step plan for successful cloud migration. Download it now.

More Relevant Stories for Your Company


Beaconing Malware: How CISOs Can Catch it With Threat Analytics in Just a Few Clicks

Are you checking your network for beacon activity? If you aren't you are risking your business' reputation and customer data. Beaconing is the practice of sending short and regular communications from an infected host to an attacker-controlled Command and Control server, compromising internal information. These threats often go undetected but with


Three Lesser-Known Ways to Protect Your Customers and Business From Phishing and Fraud

Your users are critical to your business, and you need security controls to keep them — and your business — safe. Built from years of Google Cloud technology and experience, these security features focus on keeping users safe on the web. You can reduce online fraud (chargebacks, hijackings, and abuse)


Learn to Use reCAPTCHA Enterprise to Protect Your Website from Fraud

One of the top questions enterprises have is: How can I use reCAPTCHA Enterprise to protect my website from online fraudulent activity? Fraudulent web activities cost enterprises billions of dollars each year. Security teams need to keep the bad actors out of their websites and ensure that their customers can


5 Compelling Ways to Practice the Principle of Least Privilege for Security Leaders

When it comes to security, managing access is a foundational capability—whether you’re talking about a physical space or your cloud infrastructure. If you were securing an office, you wouldn’t give every employee a master key that can open the front door, the mailbox, and the safe. Likewise, when you’re securing