150 likes | 275 Views
Keynote. Guidance V3.0. Paul Simmonds. Global, not-for-profit organization Over 23,000 individual members, 100 corporate members, 50 chapters Building best practices and a trusted cloud ecosystem Agile philosophy, rapid development of applied research
E N D
Guidance V3.0 Paul Simmonds
Global, not-for-profit organization Over 23,000 individual members, 100 corporate members, 50 chapters Building best practices and a trusted cloud ecosystem Agile philosophy, rapid development of applied research GRC: Balance compliance with risk management Reference models: build using existing standards Identity: a key foundation of a functioning cloud economy Champion interoperability Enable innovation Advocacy of prudent public policy “To promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Computing to help secure all other forms of computing.” About the Cloud Security Alliance
Key highlights of v3.0 • Updated content • Technologically comprehensive • Internationally accepted format and structure • Broadest possible contributor base • Peer reviewed domains • Easily translatable • Ready for Standards submissions
Goals of v3.0 • One comprehensive, C-level, best practice • A stable, secure baseline for cloud operations • A practical, actionable road map for managers • Technologically comprehensive • Incorporating lessons learned from the CSA GRC Stack and Trusted Cloud Initiative and the various other CSA activities
The revised domains • Domains have been rewritten to emphasize; • Security • Stability • Privacy • Incorporating lessons learned from; • CSA GRC Stack • Trusted Cloud Initiative • The various other CSA activities • Controls focused data ownership while in a shared physical infrastructure
Why is 3.0 needed? • “Cloud” has developed in the two years since the publication of 2.1 • 2.1 guidance can be inconsistent • Thinking on cloud, the tools, and the techniques have evolved • Standard in use have firmed-up • Some recommendations need to be deprecated
Who are the editors? Three global editors • Editorial Working Group • Archie Reed • Paul Simmonds • Chris Rezek • Endeavouring to present a measured and balanced product meeting the interests of both cloud providers and cloud consumers
Where next? • Aiming for publication by the Orlando conference • Lots to do to hit this deadline!
What you need to do? • Review and critique(thank you for all the effort to date) It does not stop with V3.0 . . . . ! • Promote it’s existence • Read it • Use it
Help Us Secure Cloud Computing www.cloudsecurityalliance.org info@cloudsecurityalliance.org LinkedIn: www.linkedin.com/groups?gid=1864210 Twitter: @cloudsa Contact