Another inherently “annoying” feature of security monitoring (apart from its “ongoing, need-to-do-it-forever” nature) is that somebody must actually do it. Yes, the dreaded “who will do the monitoring on a day to day basis?” question, who would be the “the human in the loop”, who will be ever-vigilant about security-relevant events, who will actually use the monitoring tools, etc?
Let me break this bit of news to you: cloud does NOT change it. Somebody still must do it. Now, that somebody might be spread across two or more organizations (your CSP, your MSSP, your own organization, the consultants you hired, etc), but they have to be there. When planning your cloud deployment – public, internal private, external private, whatever – you should always keep this in mind. Here is brief example from my upcoming research report on cloud security monitoring.
To learn more and to read the entire article at its source, please refer to the following page, Cloud Security Monitoring: The “Who” Question- Gartner