Who Owns Cloud Security?

Who Owns Cloud Security?

From The ITSM Practice: Elevating ITSM and IT Security Knowledge by Luigi Ferri

May 5, 2026 · 9 min · Season 3 · Episode 17

About this episode

This episode discusses the cloud shared responsibility model and its implications for cloud security.

A single question can expose a major cloud risk: who is responsible? This episode breaks down the cloud shared responsibility model, revealing how unclear ownership, misconfigurations, and weak governance lead to data breaches, and how ISO/IEC 27017 helps close the gaps. In this episode, we answer to: Who is really accountable for cloud security failures? Why do misconfigurations cause most cloud data breaches? How does ISO/IEC 27017 strengthen cloud security governance? Resources Mentioned in this Episode: ISO Standards website, standard ISO/IEC 27017:2015, link https://www.iso.org/standard/43757.html Vanta website, article "The ultimate guide to ISO 27017", link https://www.vanta.com/collection/iso-27001/guide-to-iso-27017 Microsoft website, article "ISO/IEC 27017:2015", link https://learn.microsoft.com/en-us/azure/compliance/offerings/offering-iso-27017 Safeshield website, article "Why should SaaS companies comply with the ISO/IEC 27017 security standard for cloud service providers (CSP)", link https://www.safeshield.cloud/why-should-saas-companies-comply-with-the-iso-27017-security-standard-for-cloud-service-providers-csp NordLayer website…

People in this episode

Host: Luigi Ferri

Topics covered

  • cloud security
  • shared responsibility model
  • data breaches
  • ISO standards
  • cloud governance

Keywords

  • cloud security
  • ISO/IEC 27017
  • data breaches
  • misconfigurations
  • cloud governance

Mentioned in this episode

Organizations: ISO/IEC 27017, Vanta, Microsoft, Safeshield, NordLayer

More episodes of The ITSM Practice: Elevating ITSM and IT Security Knowledge

Explore listener stats, chart rankings, contacts and more on the The ITSM Practice: Elevating ITSM and IT Security Knowledge podcast page.