I recently attended a regional meeting of the Executive Women's Forum which is made up of a large group of women, all working in the information security industry. The meeting was held at Morgan Stanley in New York, and the line-up for the meeting started with Jody Leber Pay, executive director at Morgan Stanley, talking about "change." Her talk was followed by break-out sessions kicked off by CA's Lina Liberti, vice president in CA's security business unit, where we discussed key issues such as:

• How the cloud changes the security professional's role
• How to prevent parts of their organization from engaging in unauthorized cloud usage

The two discussions melded well as one of the comments to Jody's talk was that "change is changing." This was in reference to the accelerated rate in which technology is changing. Whether Moore's Law is responsible or a combination of things, the time it takes for new technology to roll-out and become adopted is compressing. We've seen this with the cloud.

Acknowledging that the cloud is driving change in organizations, I'd like to share a few of the takeaways the four break-out groups had as they discussed cloud.

• Security professionals will need to collaborate more with the legal team as movement to the cloud will drive more detailed contract negotiations. They also will need to be more involved in vendor management and adopt the mindset of an auditor to ensure audit and compliance demands are met (but hopefully they already are doing that).
• In order to prevent your organization from unauthorized use of the cloud, you should embrace the movement and offer "training wheels" to help them get started with an approved provider and appropriate data.
• Some of the biggest concerns about cloud include risk, security, compliance, and control (who owns the data?). The reality: you can't outsource risk. You are still accountable for security and compliance.
• There is a clear maturity model for cloud computing. Your organization must be as efficient as possible in its internal IT operation before moving it to the cloud.

Side note:  Speaking of change, CA recently announced the official changing of the guard as the board named Bill McCracken to the position of chairman and CEO. In appointing Bill, CA maintains the continuity of an already-strong executive team that has led the company to a string of successful quarters. You can learn more about Bill in his bio, and check out the recent clean energy interview he had with CNBC in December: http://bit.ly/9BnCyH.