How do you work in a cloud-first, multi-cloud environment while maintaining consistent security controls?