Is Cloud Computing Really New? And Other Insights on the Changing Face of Cloud

Kurt Hagerman, CxO Advisor, Cyber Strategy, Coalfire

What is cloud computing, and why is its increased use getting so much attention? In my view, cloud computing is just the latest iteration of what started back in the days of the IBM service bureaus of the 1960s and ‘70s. Back then, only a handful of organizations had the resources to own and operate IBM mainframe computers. Those that did eventually realized they were only using a fraction of these computers’ capacity; and so, they came up with a novel approach – rent computing time to other organizations that couldn’t afford to own a mainframe themselves but could take advantage of the computing power they offered. This was easily done given the security model and ability to partition memory and processing built into the mainframe. Voila! Cloud computing was born!

Since then, computing has gone through several transformations, from client/server to hosting, application service providers (ASP), virtualization, and, finally, what we now call cloud computing. In each case the goal was the same: efficiently use computing resources and share the management of them. The underlying technology kept evolving, making it easier to accomplish the goal while enabling greater functionality. We have Jeff Bezos to thank for the current trend of public cloud computing, as Amazon Web Services (AWS) was the first big player in this market.

As Gartner points out in its report “Predicts 2019: Increasing Reliance on Cloud Computing Transforms IT and Business Practices,” “cloud computing” is shifting from an isolated delivery option to an all-encompassing computing strategy. In other words, cloud is just the latest iteration of IT rather than a novel, niche technology. Just as with all the iterations of the past, organizations are taking advantage of the latest technology innovations to deliver IT solutions that enable the business to compete and deliver their services to customers in the manner they expect and demand.

Counter to the initial thought that eventually everything would “move” to the cloud, in its report, Gartner now points out that by 2022, a large majority of organizations will have adopted a multi- or hybrid cloud IT strategy, and that public cloud services will be essential for 90% of business innovation. During this same time, however, less than 10% of these deployments will take advantage of the full promise of portability being proffered by today’s major cloud providers.

What this means is that organizations need to avoid the rush to embrace cloud services just for the sake of embracing them; they must look at the cloud as part of their evolutionary journey, and apply the same thought processes, planning, and implementation strategies as they have with all the prior “IT transformation” iterations. They must carefully plan for the ongoing security of the solutions they implement. Only with careful planning, guided by a well-considered strategy, can today’s organizations hope to fully realize the full promise of “cloud computing.”

Kurt Hagerman


Kurt Hagerman — CxO Advisor, Cyber Strategy, Coalfire

Recent Posts

Post Topics



Accounting Agency AICPA Assessment assessments ASV audit AWS AWS Certified Cloud Practitioner AWS Certs AWS Summit bitcoin Black Hat Black Hat 2017 blockchain Blueborne Breach BSides BSidesLV Burp BYOD California Consumer Privacy Act careers CCPA Chertoff CISO cloud CMMC CoalfireOne Compliance Covid-19 credit cards C-Store Culture Cyber cyber attacks Cyber Engineering cyber incident Cyber Risk cyber threats cyberchrime cyberinsurance cybersecurity danger Dangers Data DDoS DevOps DevSecOps DFARS DFARS 7012 diacap diarmf Digital Forensics DoD DRG DSS e-banking Education encryption engineering ePHI Equifax Europe EU-US Privacy Shield federal FedRAMP financial services FISMA Foglight forensics Gartner Report GDPR Google Cloud NEXT '18 government GRC hack hacker hacking Halloween Health Healthcare heartbleed Higher Education HIMSS HIPAA HITECH HITRUST HITRUST CSF Horror Incident Response interview IoT ISO IT JAB JSON keylogging Kubernetes Vulnerability labs LAN law firms leadership legal legislation merchant mobile NESA News NH-ISAC NIST NIST 800-171 NIST SP 800-171 NotPetya NRF NYCCR O365 OCR of P2PE PA DSS PA-DSS password passwords Payments PCI PCI DSS penetration Penetration Testing pentesting Petya/NotPetya PHI Phishing Phising policy POODLE PowerShell Presidential Executive Order Privacy program Ransomware Retail Risk RSA RSA 2019 Safe Harbor Scanning Scans scary security security. SOC SOC 2 social social engineering Spectre Splunk Spooky Spraying Attack SSAE State Stories Story test Testing theft Virtualization Visa vulnerability Vulnerability management web Wifi women XSS