Intelligent CIO APAC Issue 26 | Page 51

COUNTRY FOCUS : PHILIPPINES helps us prioritize remediation of these so our security operations team is not overwhelmed .”
“ We are satisfied with the Aqua product and its feature enhancements ,” expressed Ferrer . “ We also like the visibility and support given by their local partner . In the past 12 months , we have expanded Aqua ’ s footprint twice and added new capabilities to our implementation .”
We asked Mel Migriño , Meralco Group CISO , further questions to find out more .
Can you describe how your legacy systems were falling short of your company ’ s requirements ?
Once we had made the decision to move to a fully cloud-native architect , we were experiencing several challenges with our existing systems . We found that there was a lack of visibility on workloads and the cloud environments . We were wasting time verifying components in the registry .
On a broader level , we wanted systems more suited to our transition from DevOps to DevSecOps and provide assurance to our stakeholders that new practices brought by this transition are effective and stable .
What was the thinking behind the decision to ‘ go serverless ’ and move to a cloud-native architecture ?
We decided several years ago to take a proactive stance to carry out our Digital Transformation journey . The appeal of ‘ going serverless ’ and moving to a cloudnative environment was that it offered our developers more agility when building and running applications .
We also wanted to take advantage of the inbuilt benefits of the serverless environment – it ’ s more scalable and flexible , which lets us focus on writing the code that will create the most business value . We can now run new Bayad applications more smoothly , which leads to an improved experience for our customers .
With Aqua , you are able to assess security risks in the pipeline before applications get pushed into production . Why is this so important to you ?
The shift to the left is a vital part of our overall security strategy . It ’ s becoming widely recognized that security needs to be prioritized at the earliest possible stage , to catch potential security risks before they can become a true danger . That is the best way to reduce outages that would have a detrimental business effect .
Also , as a major contributor to the country ’ s critical infrastructure , we wanted to show our millions of customers and business partners that our services are resilient .
Can you explain how Bayad has been able to achieve greater security of critical applications and protection of sensitive data ?
With Aqua , we have better visibility on the vulnerabilities of our cloud-native applications . This allows us to prioritize remediation of these , which prevents our security operations teams from being overwhelmed .
Can you explain how Bayad is now better prepared to adhere to industry best practices and compliance requirements ?
We are now better able to secure our data and digital platforms through Aqua ’ s robust functionality , which is a key imperative for adhering to industry
best practices . Aqua ’ s solution helps us prevent the potential exposure of sensitive information , credentials and keys that could have led to account takeovers or system compromise .
Furthermore , Aqua ’ s solution provides much greater visibility , which is vital in highly regulated industries . We are now able to monitor the entire application lifecycle , which is crucial for enforcing compliance .
Why did you choose to work with the vendor ?
We did our research ! We established a viable short list of potential vendors , then provided our requirements to candidates and collected detailed responses from each . Aqua offered the best capabilities to match our journey to serverless .
We were also impressed by the fast and helpful communications from Aqua ’ s local partner , and with the customer service and support they have provided throughout the process . p
www . intelligentcio . com INTELLIGENTCIO APAC 51