Framework 2.0

SecOps & threat management

“Configuring security tools and processing information security events”

overview

“Cloud security is a shared responsibility”

Organisations are under constant threat of cyber attack. Assuming that the measures in place will suffice to keep hackers at bay is not a smart strategy. The organisation must adapt continuously to threats. Assuming the cloud service provider takes full care of security would be a mistake. In the public cloud, the security of the platform and solutions is the organisation’s responsibility. The cloud service provider is responsible for security of the cloud; you are responsible for security in the cloud. Even when using SaaS solutions, it is wise not to put blind faith in the cloud service provider.

It is better to proactively monitor platforms and solutions for intrusions, unexpected behaviours, failed access attempts and other anomalies.

Use systems that are able to detect and react to ransomware attacks, DDoS attacks, zero day vulnerabilities and the like.

It is important not to rely on human intervention. Instead, automate responses to identified threats. Optimising the automated response of the platform (foundation) is a continuous task of the team operating the platform.

Solutions developed by DevOps teams must comply with the organisation’s corporate information protection standards as well as legislation. Dashboards and reports detailing the compliance level, as well as advice on how to address issues, should be made available to all stakeholders and parties involved. Following up with DevOps teams, partners or other stakeholders ensures that the security levels of solutions are also continuously adapted and improved.

activities checklist

initial:

  • Determining the need for logging and auditing information
  • Choosing and configuring tools, such as a SIEM, a CASB or a ransomware-detection-aware backup solution
  • Defining or adapting and implementing a process for performing SecOps and threat management
  • Setting KPIs for performing SecOps & threat management
  • Implementing dashboards and/or reports

recurring:

  • Continuously improving the platform leveraging its security services
  • Automating responses to identified threats
  • Informing DevOps teams of compliance levels and issues
  • Gathering relevant audit trails for SaaS applications

cloud governance RASCI

  • cloud consultant: informed
  • cloud architect: consulting
  • cloud security specialist: accountable
  • cloud developer: informed
  • cloud engineer: responsible
  • cloud analyst: responsible
  • product owner CCoE: -
  • management: -
  • cloud partners: informed
  • DevOps team: responsible
  • business stakeholder: -
  • architecture: -
  • security: responsible
  • finance: -
  • procurement: -