EPISODE · May 5, 2026 · 9 MIN
Who Owns Cloud Security?
from The ITSM Practice: Elevating ITSM and IT Security Knowledge · host Luigi Ferri
A single question can expose a major cloud risk: who is responsible? This episode breaks down the cloud shared responsibility model, revealing how unclear ownership, misconfigurations, and weak governance lead to data breaches, and how ISO/IEC 27017 helps close the gaps.In this episode, we answer to:Who is really accountable for cloud security failures?Why do misconfigurations cause most cloud data breaches?How does ISO/IEC 27017 strengthen cloud security governance?Resources Mentioned in this Episode:ISO Standards website, standard ISO/IEC 27017:2015, link https://www.iso.org/standard/43757.htmlVanta website, article "The ultimate guide to ISO 27017", link https://www.vanta.com/collection/iso-27001/guide-to-iso-27017Microsoft website, article "ISO/IEC 27017:2015", link https://learn.microsoft.com/en-us/azure/compliance/offerings/offering-iso-27017 Safeshield website, article "Why should SaaS companies comply with the ISO/IEC 27017 security standard for cloud service providers (CSP)", link https://www.safeshield.cloud/why-should-saas-companies-comply-with-the-iso-27017-security-standard-for-cloud-service-providers-csp NordLayer website, article "ISO 27017: cloud protection essentials", link https://nordlayer.com/learn/iso/iso-27017/ Connect with me on:LinkedIn: https://www.linkedin.com/in/theitsmpractice/Website: http://www.theitsmpractice.comAnd if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.Credits:Sound engineering by Alan Southgate - http://alsouthgate.co.uk/Graphics by Yulia Kolodyazhnaya
What this episode covers
A single question can expose a major cloud risk: who is responsible? This episode breaks down the cloud shared responsibility model, revealing how unclear ownership, misconfigurations, and weak governance lead to data breaches, and how ISO/IEC 27017 helps close the gaps.In this episode, we answer to:Who is really accountable for cloud security failures?Why do misconfigurations cause most cloud data breaches?How does ISO/IEC 27017 strengthen cloud security governance?Resources Mentioned in this Episode:ISO Standards website, standard ISO/IEC 27017:2015, link https://www.iso.org/standard/43757.htmlVanta website, article "The ultimate guide to ISO 27017", link https://www.vanta.com/collection/iso-27001/guide-to-iso-27017Microsoft website, article "ISO/IEC 27017:2015", link https://learn.microsoft.com/en-us/azure/compliance/offerings/offering-iso-27017 Safeshield website, article "Why should SaaS companies comply with the ISO/IEC 27017 security standard for cloud service providers (CSP)", link https://www.safeshield.cloud/why-should-saas-companies-comply-with-the-iso-27017-security-standard-for-cloud-service-providers-csp NordLayer website, article "ISO 27017: cloud protection essentials", link https://nordlayer.com/learn/iso/iso-27017/ Connect with me on:LinkedIn: https://www.linkedin.com/in/theitsmpractice/Website: http://www.theitsmpractice.comAnd if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.Credits:Sound engineering by Alan Southgate - http://alsouthgate.co.uk/Graphics by Yulia Kolodyazhnaya
NOW PLAYING
Who Owns Cloud Security?
No transcript for this episode yet
Similar Episodes
Mar 26, 2026 ·1m
Mar 19, 2026 ·34m
Feb 18, 2026 ·11m
Feb 11, 2026 ·45m