Savings and Security: The Dual Benefits of FinOps and the Cloud – Security Boulevard
The Home of the Security Bloggers Network
Home » Cybersecurity »
In Thales’ 2024 study, “Boom Times for the Cloud: Is Security Ready?”, 44% of respondents said their organization experienced a data breach in the previous year, with a third of the breaches caused by misconfigurations or human error. Furthermore, according to IBM, a data breach’s financial toll on an organization climbed almost 10% in 2024, reaching an average of $4.88 million.
The demand for the cloud has not only reached new heights but generative artificial intelligence (GenAI) requires companies to consume even more. A cloud and AI survey from PwC found roughly 65% of organizations they identified as top performers had already developed GenAI-based products and services.
As cloud usage and costs grow, so do security risks and vulnerabilities. Organizations can adopt FinOps, a cloud financial management practice promoting shared accountability among engineering, finance and operations teams to balance innovation, security and cost efficiency. FinOps helps businesses optimize spending, enhance resource management and proactively address security threats through cost transparency, governance, real-time monitoring and cross-functional collaboration — resulting in a secure, agile and fiscally responsible cloud environment.
FinOps creates cross-departmental collaboration among business, finance, technology and engineering leaders to provide deeper visibility into, and understanding of, expenses. While the primary focus of FinOps is typically financial management, it can play a decisive role in enhancing security. By weaving such considerations into the fabric of economic decision-making, organizations can designate resources in ways that fortify security infrastructure as well. Examples include:
FinOps isn’t a magic wand: It requires a multi-step approach to implement and embed in an organization’s culture. It starts with the creation of a cross-department base that includes all teams. This brings equal weight to what can seem like competing priorities. It also keeps decisions from being made in siloes, ensuring cost and security are both always discussed. This, again, prevents misconfigurations and the added expense of correcting them.
Regarding tools, cost management and security monitoring technology can verify that such key readings are evaluated simultaneously, side-by-side. Utilizing resource tags can also allow the tracking of costs and the identification of security risks. Additionally, budget alerting can detect cost deviations that result from security vulnerabilities introduced by bad actors.
Automation can further embed FinOps into daily operations. For instance, leveraging tools for policy-as-code can automate governance in security and financial oversight areas. You can limit resources and eliminate overprovisioning, too. What’s more, security leaders can set least-privilege access, mandatory encryption and nail down settings across the cloud.
Finally, with FinOps and security, applying, following and optimizing practices consistently is essential. The right mindset views security as a cost and a critical investment in protecting assets, customer relations and the bottom line.
Moving forward, integrating FinOps strategy with a security framework should be more than a consideration – it could prove essential. Still, remember that FinOps requires a steady-as-it-goes approach to achieve significant, ongoing cost and security benefits. Regular and thorough cloud usage reviews are also critical for lowering resource inefficiency, simultaneously raising security hygiene.
Stay consistent, and you will build on your success safely and securely.
Eric Ethridge is a senior technical account manager at DoiT, guiding customers of all sizes and industries through cloud adoption and optimization journeys. With over a decade of IT experience, including roles at AWS and the U.S. Air Force, Eric possesses a unique blend of technical expertise and strategic insight. He holds an MBA and multiple certifications in AWS and Google Cloud, focusing on helping customers economically scale their cloud-native architecture with robust cloud FinOps practices. Passionate about sharing knowledge, Eric is dedicated to empowering his customers to achieve their goals and thrive in their cloud journey
eric-ethridge has 1 posts and counting.See all posts by eric-ethridge
source
This article was autogenerated from a news feed from CDO TIMES selected high quality news and research sources. There was no editorial review conducted beyond that by CDO TIMES staff. Need help with any of the topics in our articles? Schedule your free CDO TIMES Tech Navigator call today to stay ahead of the curve and gain insider advantages to propel your business!
Home » Cybersecurity »
In Thales’ 2024 study, “Boom Times for the Cloud: Is Security Ready?”, 44% of respondents said their organization experienced a data breach in the previous year, with a third of the breaches caused by misconfigurations or human error. Furthermore, according to IBM, a data breach’s financial toll on an organization climbed almost 10% in 2024, reaching an average of $4.88 million.
The demand for the cloud has not only reached new heights but generative artificial intelligence (GenAI) requires companies to consume even more. A cloud and AI survey from PwC found roughly 65% of organizations they identified as top performers had already developed GenAI-based products and services.
As cloud usage and costs grow, so do security risks and vulnerabilities. Organizations can adopt FinOps, a cloud financial management practice promoting shared accountability among engineering, finance and operations teams to balance innovation, security and cost efficiency. FinOps helps businesses optimize spending, enhance resource management and proactively address security threats through cost transparency, governance, real-time monitoring and cross-functional collaboration — resulting in a secure, agile and fiscally responsible cloud environment.
FinOps creates cross-departmental collaboration among business, finance, technology and engineering leaders to provide deeper visibility into, and understanding of, expenses. While the primary focus of FinOps is typically financial management, it can play a decisive role in enhancing security. By weaving such considerations into the fabric of economic decision-making, organizations can designate resources in ways that fortify security infrastructure as well. Examples include:
FinOps isn’t a magic wand: It requires a multi-step approach to implement and embed in an organization’s culture. It starts with the creation of a cross-department base that includes all teams. This brings equal weight to what can seem like competing priorities. It also keeps decisions from being made in siloes, ensuring cost and security are both always discussed. This, again, prevents misconfigurations and the added expense of correcting them.
Regarding tools, cost management and security monitoring technology can verify that such key readings are evaluated simultaneously, side-by-side. Utilizing resource tags can also allow the tracking of costs and the identification of security risks. Additionally, budget alerting can detect cost deviations that result from security vulnerabilities introduced by bad actors.
Automation can further embed FinOps into daily operations. For instance, leveraging tools for policy-as-code can automate governance in security and financial oversight areas. You can limit resources and eliminate overprovisioning, too. What’s more, security leaders can set least-privilege access, mandatory encryption and nail down settings across the cloud.
Finally, with FinOps and security, applying, following and optimizing practices consistently is essential. The right mindset views security as a cost and a critical investment in protecting assets, customer relations and the bottom line.
Moving forward, integrating FinOps strategy with a security framework should be more than a consideration – it could prove essential. Still, remember that FinOps requires a steady-as-it-goes approach to achieve significant, ongoing cost and security benefits. Regular and thorough cloud usage reviews are also critical for lowering resource inefficiency, simultaneously raising security hygiene.
Stay consistent, and you will build on your success safely and securely.
Eric Ethridge is a senior technical account manager at DoiT, guiding customers of all sizes and industries through cloud adoption and optimization journeys. With over a decade of IT experience, including roles at AWS and the U.S. Air Force, Eric possesses a unique blend of technical expertise and strategic insight. He holds an MBA and multiple certifications in AWS and Google Cloud, focusing on helping customers economically scale their cloud-native architecture with robust cloud FinOps practices. Passionate about sharing knowledge, Eric is dedicated to empowering his customers to achieve their goals and thrive in their cloud journey
eric-ethridge has 1 posts and counting.See all posts by eric-ethridge
source
This article was autogenerated from a news feed from CDO TIMES selected high quality news and research sources. There was no editorial review conducted beyond that by CDO TIMES staff. Need help with any of the topics in our articles? Schedule your free CDO TIMES Tech Navigator call today to stay ahead of the curve and gain insider advantages to propel your business!
