The Corporate Board has asked for information related to moving business operations to the Cloud. They want to know if by doing so, they would be more secure from cyber-attacks?

  Create a position that you (as the CISO) would take to the Corporate Board.  You just learned about EA – where the process focused on business threads and how IT enables them…and talked about which business processes are more valued (e.g., intellectual property development efforts, processes that are the main income streams, etc.).

 You also learned the foundations of an enterprise cybersecurity architecture and program.

So, if you have three business processes, what would your thought process be on which business processes to move to the cloud? Would you recommend one…or maybe only two – if so, why not the other one?  Based upon what?