Today on Dark Reading, Dawn Kawamoto wrote about Chevron’s journey to the cloud. At the ISC(2) Security Congress in Austin, Gretchen Myers, Chevron’s team lead for security strategy and emerging technologies, outlined a path to the cloud that focuses more on process than technology.

In describing her company’s approach, Myers talked about the steps it took to identify which vendors and websites its employees were connecting to, as well as what the security implications would be for its APIs. Also top of mind: how to secure Chevron’s data when working with a cloud service provider.

It’s exactly how companies should be thinking before heading to the cloud. Just because security is in place on premises, it does not mean it extends to the cloud.

ESG senior principal analyst talked about some of the common misperceptions around cloud and security recently with Don Meyer, head of Marketing for cloud security at Check Point. You can watch that conversation here.