Day Two Cloud 191: Modernizing Cloud Security And Optimizing Costs With Jo Peterson

Today’s Day Two Cloud delves into cloud security and cloud cost optimization for SaaS and public clouds. Our guest is Jo Peterson. On the security front, we compare and contrast traditional on-prem and cloud security challenges, explore the shared responsibility model of cloud security, and get into issues around security posture management, identy and access management, integrating security into CI/CD pipelines. For cost optimization we discuss the growing concern about cloud costs, why cost optimization tools still need humans with situational awareness, tips for tracking multicloud spending, and more. Jo Peterson is VP, Cloud and Security Services at Clarify 360. Show Links: @cleartechtoday – Jo Peterson on Twitter Jo Peterson on LinkedIn ClearTech Research – YouTube   Transcript: [00:00:00.330] – Ned Welcome to day two. Cloud. And today we are talking about cloud security and cloud cost optimization with our new friend Jo Peterson. She’s the VP of Cloud and Security Services over at Clarify 360 and she has some some new terms to introduce us to Ethan, doesn’t she? [00:00:20.150] – Ethan Do you know what a CSPM C-W-P-P-C-I-E-M or C-N-A PR? Ned and I didn’t we faked our way through some guesses though with Jo, which was glorious to sit here as the people who talk cloud all the time. Ned and she was throwing all kinds of newer acronyms at us. [00:00:36.890] – Ned Yeah, it’s good to know that I haven’t learned everything that exists in the cloud. There is still more unexplored. So enjoy learning what all those acronyms mean with Jo Peterson. Welcome to the show, Jo. We’re very excited to have you. Could you tell the listeners a little bit about yourself, who you are and what being a VP of Cloud and Security Services entails? [00:01:02.930] – Jo Sure thing. Thank you so much for having me, you guys. I’m enjoying my time with you today. So Clarify 360 is a consulting firm that works with primarily enterprise clients to source It services in five areas cloud connectivity, collaboration, security, and software. We work with eleven of the Fortune 500 today, and my team of engineers and I are focused on auditing, benchmarking and sourcing for projects around cloud, cloud security and cybersecurity. That’s what I do with my day. [00:01:35.500] – Ned Okay, so you’re in there in the trenches doing the real work instead of us podcasters pontificating from on high. So that’s good. So let’s pick your brain a little bit, especially about cloud security. When you’re considering cloud security, that could be a pretty broad topic. So what do you mean by cloud to begin with? We’ll start with that. Are we talking about just the big three public cloud providers? Are we talking about SaaS offerings, private cloud, or is it just all of the above? [00:02:04.080] – Jo So I see your point. Cloud has become a pretty ubiquitous term and we work mostly with enterprise clients across a number of verticals. So those clients are both hybrid and multicloud. And our clients are a microcosm, I think, of the end user landscape at large. I tell folks that as it relates to cloud security, they need to be concerned about east west traffic and north south traffic because they affect both of those things that you mentioned. [00:02:34.240] – Ned Okay, so when you’re talking about east west in the context of cloud, how do you envision that traffic versus north south in the cloud? [00:02:43.910] – Jo Right?