I have a blog up on the State of Security blog this week about (of all things)... Armoured Cars (sorry Americans, I'll "UK"-ise this spelling even if the post itself doesn't!): https://www.tripwire.com/state-of-security/lessons-armored-cars-cloud-computing

We employ a lot of militaristic terms in the IT security sector, and the language of defense is robust in part because it draws upon a rich history of technical innovations

I really enjoyed writing this one and thinking about "ancient" lessons - here's a summary for those who want to learn the lessons without the history:

• Expanding your capability requires additional maintenance and thought about how you protect your assets. Chinks in your armor are what the enemy will exploit – minimizing gaps means reducing unnecessary exposure.

• Make sure you’ve got the skills to back your new cloud security deployments and that your engineers have the tools to implement the best security practices easily.

• Y_our existing security tools will probably work – but they should be tested and refined to reflect their new usage. Plan ahead for great specialization and make sure your security tools are offering cloud support even if you don’t intend to use it straight away._

• Empowering your users with security tools allows for a whole new class of security. Making sure your tools are easy to use and integrate into new areas of the business is key.

Don't forget to hop over to the article itself to have a look at why these lessons matter decades ago, as well as today!