Cloud trust

Every cloud needs a resilient trust lining

The potential of cloud is clear - with benefits like cost optimisation, better IT governance, faster turnaround time, operational efficiency, improved accessibility and service innovation. Many executives agree that cloud adoption will be an integral part of their digital transformation plans. However, these benefits also come with potential threats. According to the Digital Trust Insights Survey 2021: Singapore findings, cloud is also one of the leading threat vectors for organisations, topping the list of threats that will have significantly negative impact. But this threat landscape can be navigated with the right considerations. Are you ready to reevaluate your organisation’s cloud readiness, architecture and security to move forward with confidence and embrace the potential of cloud?

As cloud technology adoption increases exponentially, so does the need for organisations to manage the risks of the cloud environments.

Playback of this video is not currently available


Cloud trust

Deb Pal (Director, Cloud Trust) deep-dives into the considerations for adding a safe and secure trust lining for public cloud.

What should organisations be thinking about when embarking on the cloud trust journey?

Business considerations:

  • Strategy: Aligning the cloud implementation objectives and strategy to overall business strategy.
  • Operating model: Adopting cloud whilst ensuring operational effectiveness during the transition.
  • Risk and governance: Robust controls and governance of your cloud infrastructure.
  • Skills and capabilities: Upskilling and empowering your workforce to utilise cloud computing technologies.
  • Third party management: Understanding the shared responsibility model for the cloud.

Technical considerations:

  • Cloud strategy: Identifying the right adoption strategy: cloud, multi-cloud or hybrid-cloud.
  • Data security/privacy: Securing the cloud, company and user data against external and internal threats.
  • Architecture: Establishing the cloud architecture and ensuring it is secure, resilient and future-ready.
  • Cybersecurity: Evaluating the maturity of the hybrid and multi-cloud, network, perimeter and endpoint security.
  • Regulations: Ensuring adherence to evolving regulations and industry guidelines for cloud infrastructure.

The first steps for organisations to build trust into their cloud journey - how PwC can help

Pre-adoption: Developing a cloud strategy in line with business outcomes

A cloud strategy aligned with business goals can help companies effectively manage the business and technological aspects in the cloud. We can help you develop a holistic cloud strategy to help your companies navigate risks with confidence and security through the different phases of your cloud journey.

Our experience in business, technology, risk and controls provides powerful insights into how building trust in cloud computing can transform your business and address common pitfalls.

Adoption: Implementation of a cloud trust framework for your organisation

PwC’s control objective based cloud trust framework is capable of addressing comprehensive hybrid and multi cloud risk, control, security and governance needs. The cloud trust framework leverages the industry's leading regulations and guidelines e.g. CSA CCM, NIST, ISO27K, MAS TRM, ABS 2.0, Government standards, etc. which enable us to provide oversight across the below four risk domains:

1. Strategy and governance

Integrate security, privacy, and risk management into the overall cloud transformation business case and roadmap.

2. Operations and automation

Devise robust cloud security operations and preventive controls.

3. Core and foundational capabilities

Enable secure integration of IT infrastructure with the broader business.

4. Data privacy and protection

Provide controls that build the customer's confidence in security of sensitive data.

Post-adoption: An efficient cloud operation with continuous compliance

With the dynamic nature of a multi-cloud ecosystem, it is imperative that organisations conduct periodic reviews of operating procedures, processes and technical controls. This enables:

  1. An assessment of operational effectiveness in line with the cloud trust framework and principles
  2. Monitoring of the control landscape in real-time, to gain deeper insights on gaps, threats and achieve continuous compliance
  3. Keep abreast of the competitive landscape and gain an insight against industry peers
Follow us

Required fields are marked with an asterisk(*)

By submitting your email address, you acknowledge that you have read the Privacy Statement and that you consent to our processing data in accordance with the Privacy Statement (including international transfers). If you change your mind at any time about wishing to receive the information from us, you can send us an email message using the Contact Us page.

Contact us

Kyra Mattar

Kyra Mattar

Third Party Trust Leader, PwC Singapore

Tel: +65 9735 2506

Jayme Metcalfe

Jayme Metcalfe

Partner, Digital Solutions, PwC Singapore

Tel: +65 8729 0306