Who Owns Cloud Security? episode artwork

EPISODE · May 5, 2026 · 9 MIN

Who Owns Cloud Security?

from The ITSM Practice: Elevating ITSM and IT Security Knowledge · host Luigi Ferri

A single question can expose a major cloud risk: who is responsible? This episode breaks down the cloud shared responsibility model, revealing how unclear ownership, misconfigurations, and weak governance lead to data breaches, and how ISO/IEC 27017 helps close the gaps.In this episode, we answer to:Who is really accountable for cloud security failures?Why do misconfigurations cause most cloud data breaches?How does ISO/IEC 27017 strengthen cloud security governance?Resources Mentioned in this Episode:ISO Standards website, standard ISO/IEC 27017:2015, link https://www.iso.org/standard/43757.htmlVanta website, article "The ultimate guide to ISO 27017", link https://www.vanta.com/collection/iso-27001/guide-to-iso-27017Microsoft website, article "ISO/IEC 27017:2015", link https://learn.microsoft.com/en-us/azure/compliance/offerings/offering-iso-27017 Safeshield website, article "Why should SaaS companies comply with the ISO/IEC 27017 security standard for cloud service providers (CSP)", link https://www.safeshield.cloud/why-should-saas-companies-comply-with-the-iso-27017-security-standard-for-cloud-service-providers-csp NordLayer website, article "ISO 27017: cloud protection essentials", link https://nordlayer.com/learn/iso/iso-27017/ Connect with me on:LinkedIn: https://www.linkedin.com/in/theitsmpractice/Website: http://www.theitsmpractice.comAnd if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.Credits:Sound engineering by Alan Southgate - http://alsouthgate.co.uk/Graphics by Yulia Kolodyazhnaya

A single question can expose a major cloud risk: who is responsible? This episode breaks down the cloud shared responsibility model, revealing how unclear ownership, misconfigurations, and weak governance lead to data breaches, and how ISO/IEC 27017 helps close the gaps.In this episode, we answer to:Who is really accountable for cloud security failures?Why do misconfigurations cause most cloud data breaches?How does ISO/IEC 27017 strengthen cloud security governance?Resources Mentioned in this Episode:ISO Standards website, standard ISO/IEC 27017:2015, link https://www.iso.org/standard/43757.htmlVanta website, article "The ultimate guide to ISO 27017", link https://www.vanta.com/collection/iso-27001/guide-to-iso-27017Microsoft website, article "ISO/IEC 27017:2015", link https://learn.microsoft.com/en-us/azure/compliance/offerings/offering-iso-27017 Safeshield website, article "Why should SaaS companies comply with the ISO/IEC 27017 security standard for cloud service providers (CSP)", link https://www.safeshield.cloud/why-should-saas-companies-comply-with-the-iso-27017-security-standard-for-cloud-service-providers-csp NordLayer website, article "ISO 27017: cloud protection essentials", link https://nordlayer.com/learn/iso/iso-27017/ Connect with me on:LinkedIn: https://www.linkedin.com/in/theitsmpractice/Website: http://www.theitsmpractice.comAnd if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.Credits:Sound engineering by Alan Southgate - http://alsouthgate.co.uk/Graphics by Yulia Kolodyazhnaya

NOW PLAYING

Who Owns Cloud Security?

0:00 9:15

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Frequently Asked Questions

How long is this episode of The ITSM Practice: Elevating ITSM and IT Security Knowledge?

This episode is 9 minutes long.

When was this The ITSM Practice: Elevating ITSM and IT Security Knowledge episode published?

This episode was published on May 5, 2026.

What is this episode about?

A single question can expose a major cloud risk: who is responsible? This episode breaks down the cloud shared responsibility model, revealing how unclear ownership, misconfigurations, and weak governance lead to data breaches, and how ISO/IEC 27017...

Can I download this The ITSM Practice: Elevating ITSM and IT Security Knowledge episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!