
Who Owns Cloud Security?
From The ITSM Practice: Elevating ITSM and IT Security Knowledge by Luigi Ferri
May 5, 2026 · 9 min · Season 3 · Episode 17
About this episode
This episode discusses the cloud shared responsibility model and its implications for cloud security.
A single question can expose a major cloud risk: who is responsible? This episode breaks down the cloud shared responsibility model, revealing how unclear ownership, misconfigurations, and weak governance lead to data breaches, and how ISO/IEC 27017 helps close the gaps. In this episode, we answer to: Who is really accountable for cloud security failures? Why do misconfigurations cause most cloud data breaches? How does ISO/IEC 27017 strengthen cloud security governance? Resources Mentioned in this Episode: ISO Standards website, standard ISO/IEC 27017:2015, link https://www.iso.org/standard/43757.html Vanta website, article "The ultimate guide to ISO 27017", link https://www.vanta.com/collection/iso-27001/guide-to-iso-27017 Microsoft website, article "ISO/IEC 27017:2015", link https://learn.microsoft.com/en-us/azure/compliance/offerings/offering-iso-27017 Safeshield website, article "Why should SaaS companies comply with the ISO/IEC 27017 security standard for cloud service providers (CSP)", link https://www.safeshield.cloud/why-should-saas-companies-comply-with-the-iso-27017-security-standard-for-cloud-service-providers-csp NordLayer website…
People in this episode
Host: Luigi Ferri
Topics covered
- cloud security
- shared responsibility model
- data breaches
- ISO standards
- cloud governance
Keywords
- cloud security
- ISO/IEC 27017
- data breaches
- misconfigurations
- cloud governance
Mentioned in this episode
Organizations: ISO/IEC 27017, Vanta, Microsoft, Safeshield, NordLayer
More episodes of The ITSM Practice: Elevating ITSM and IT Security Knowledge
- What DoDAF Can Teach Leaders About Architecture and Complexity · June 9, 2026 · 11 min
- Identity Is the New Perimeter · June 2, 2026 · 10 min
- FINMA and ITIL 4: Building Resilient Swiss Banks · May 26, 2026 · 10 min
- Broken Transmission: Why Fintech Strategy Fails · May 19, 2026 · 6 min
- FINOS vs ISO 42001: What to Choose · May 12, 2026 · 9 min
- CISO Strategy: Where Product Security Fails at Scale · April 28, 2026 · 8 min
Explore listener stats, chart rankings, contacts and more on the The ITSM Practice: Elevating ITSM and IT Security Knowledge podcast page.