The cloud — and outsourcing in general — breaks off pieces of the stack beneath any given application. That removes the stack from an enterprise CISO’s control, says Wendy Nather, a senior analyst in The 451 Group’s enterprise security practice. Nather: “In a standards and visibility vacuum, this is what we see being picked up to enable businesses to move forward” There are growing opportunities for centralized internal security management services, she says. The job of a CISO is increasingly becoming about not just policy creation and risk management, but contract and supply chain management.”]
Source: https://www.csoonline.com/article/2126189/the-cloud-that-broke-the-stack.html