SlideShare a Scribd company logo

Leveraging Industry Initiatives for Data Center and Cloud

Cisco Security
Cisco Security

Understand how to leverage industry initiatives for Data Center and Cloud with Cisco Security.

Technology
1 of 10
Evelyn de Souza Cisco Security Product Marketing November 1 2012 © 2012 Cisco and/or its affiliates. All rights reserved. 1
Overview of Industry Initiatives? NIST Cloud Models CSA compliance and service provider assessment tools ODCA usage models Questions 2 © 2012 Cisco and/or its affiliates. All rights reserved. 2
• Transparency & visibility from providers • Compatible laws across jurisdictions • Data sovereignty • Incomplete standards • True Consumer awareness & engagement © 2012 Cisco and/or its affiliates. All rights reserved. 3
via consensus on security best practices Reduce manual audit cycles via common framework for regulatory standards Streamline security implementations via standards for controls and APIs across cloud environments Enable IT to easily compare cloud provider security levels Example: Aligning hardware and software controls to ODCA requirements ODCA Security Provider Assurance Usage Model 1.0 – Solution should be able to support the following functional requirements by assurance levels, where applicable: Bronze (basic): Identity management, security incident & event monitoring Silver (enterprise): Network intrusion prevention, event logging, administrative changes tracking Gold (financial): Penetration testing, asset segmentation, encrypted communication, Geo limits, storage encryption Platinum (military): Strong encryption for data *Several of the requirements are supported by Intel / McAfee 4 © 2012 Cisco and/or its affiliates. All rights reserved. 4
Hybrid Clouds Deployment Models Private Community Public Cloud Cloud Cloud Service Software as a Platform as a Infrastructure as a Models Service (SaaS) Service (PaaS) Service (IaaS) On Demand Self-Service Essential Broad Network Access Rapid Elasticity Characteristics Resource Pooling Measured Service Massive Scale Resilient Computing Common Homogeneity Geographic Distribution Characteristics Virtualization Service Orientation Low Cost Software Advanced Security © 2012 Cisco and/or its affiliates. All rights reserved. Based upon original chart created by Alex Dowbor - http://ornot.wordpress.com 5 5
• Global, not-for-profit organization • Over 33,000 individual members, 150 corporate members, 60 chapters • Building best practices and a trusted cloud ecosystem Research Education Certification Advocacy of prudent public policy • Innovation, Transparency, GRC, Identity “To promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Computing to help secure all other forms of computing.” © 2012 Cisco and/or its affiliates. All rights reserved. 6
Provider Assertions • Family of 4 research projects • Cloud Controls Matrix • Consensus Assessments Initiative • Cloud Audit • Cloud Trust Protocol • Tools for governance, risk and compliance mgt • Enabling automation and Private, Com continuous monitoring of GRC munity & Public Clouds Control Requirements © 2012 Cisco and/or its affiliates. All rights reserved. 7
• CSA STAR (Security, Trust and Assurance Registry) • Public Registry of Cloud Provider self assessments • Based on Consensus Assessments Initiative Questionnaire Provider may substitute documented Cloud Controls Matrix compliance • Voluntary industry action promoting transparency • Security as a market differentiator • www.cloudsecurityalliance.org/star © 2012 Cisco and/or its affiliates. All rights reserved. 8
YOUR CALL TO ACTION Your Call to Action Integrate security into your cloud planning – don’t bolt it on Engage CSA and ODCA - ask the right questions of your cloud service providers Become a participating member of one of an industry based organization 9 © 2012 Cisco and/or its affiliates. All rights reserved. 9
Thank you. © 2012 Cisco and/or its affiliates. All rights reserved. 10

Recommended

2013 Cisco Annual Security Report
2013 Cisco Annual Security Report2013 Cisco Annual Security Report
2013 Cisco Annual Security ReportCisco Security
 
Enterprise Strategy Group: Security Survey
Enterprise Strategy Group: Security SurveyEnterprise Strategy Group: Security Survey
Enterprise Strategy Group: Security SurveyCisco Security
 
Defending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the ApplicationDefending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the ApplicationCisco Security
 
Cisco 2015 Midyear Security Report Slide Deck
Cisco 2015 Midyear Security Report Slide DeckCisco 2015 Midyear Security Report Slide Deck
Cisco 2015 Midyear Security Report Slide DeckCisco Security
 
Infographic: Security for Mobile Service Providers
Infographic: Security for Mobile Service ProvidersInfographic: Security for Mobile Service Providers
Infographic: Security for Mobile Service ProvidersCisco Security
 
From Physical to Virtual to Cloud
From Physical to Virtual to CloudFrom Physical to Virtual to Cloud
From Physical to Virtual to CloudCisco Security
 
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...Cisco Security
 
Cisco ISE Reduces the Attack Surface by Controlling Access
Cisco ISE Reduces the Attack Surface by Controlling AccessCisco ISE Reduces the Attack Surface by Controlling Access
Cisco ISE Reduces the Attack Surface by Controlling AccessCisco Security
 

Recommended

2013 Cisco Annual Security Report
2013 Cisco Annual Security Report2013 Cisco Annual Security Report
2013 Cisco Annual Security ReportCisco Security
 
Enterprise Strategy Group: Security Survey
Enterprise Strategy Group: Security SurveyEnterprise Strategy Group: Security Survey
Enterprise Strategy Group: Security SurveyCisco Security
 
Defending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the ApplicationDefending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the ApplicationCisco Security
 
Cisco 2015 Midyear Security Report Slide Deck
Cisco 2015 Midyear Security Report Slide DeckCisco 2015 Midyear Security Report Slide Deck
Cisco 2015 Midyear Security Report Slide DeckCisco Security
 
Infographic: Security for Mobile Service Providers
Infographic: Security for Mobile Service ProvidersInfographic: Security for Mobile Service Providers
Infographic: Security for Mobile Service ProvidersCisco Security
 
From Physical to Virtual to Cloud
From Physical to Virtual to CloudFrom Physical to Virtual to Cloud
From Physical to Virtual to CloudCisco Security
 
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...Cisco Security
 
Cisco ISE Reduces the Attack Surface by Controlling Access
Cisco ISE Reduces the Attack Surface by Controlling AccessCisco ISE Reduces the Attack Surface by Controlling Access
Cisco ISE Reduces the Attack Surface by Controlling AccessCisco Security
 
Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Security
 
McAllen Intermediate School District
McAllen Intermediate School DistrictMcAllen Intermediate School District
McAllen Intermediate School DistrictCisco Security
 
Midsize Business Solutions: Cybersecurity
Midsize Business Solutions: CybersecurityMidsize Business Solutions: Cybersecurity
Midsize Business Solutions: CybersecurityCisco Security
 
Integrated Network Security Strategies
Integrated Network Security StrategiesIntegrated Network Security Strategies
Integrated Network Security StrategiesCisco Security
 
Balance Data Center Security and Performance
Balance Data Center Security and PerformanceBalance Data Center Security and Performance
Balance Data Center Security and PerformanceCisco Security
 
Data Center Security Challenges
Data Center Security ChallengesData Center Security Challenges
Data Center Security ChallengesCisco Security
 
Data Center Security Now and into the Future
Data Center Security Now and into the FutureData Center Security Now and into the Future
Data Center Security Now and into the FutureCisco Security
 
A Reality Check on the State of Cybersecurity
A Reality Check on the State of CybersecurityA Reality Check on the State of Cybersecurity
A Reality Check on the State of CybersecurityCisco Security
 
Pervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkPervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkCisco Security
 
Malware and the Cost of Inactivity
Malware and the Cost of InactivityMalware and the Cost of Inactivity
Malware and the Cost of InactivityCisco Security
 
William Paterson University
William Paterson UniversityWilliam Paterson University
William Paterson UniversityCisco Security
 
http://chiropractor.invalparaisolocalarea.com/
http://chiropractor.invalparaisolocalarea.com/http://chiropractor.invalparaisolocalarea.com/
http://chiropractor.invalparaisolocalarea.com/ccummens
 
503 reading quiz
503 reading quiz503 reading quiz
503 reading quizamybass
 
04410100251 makalah
04410100251 makalah04410100251 makalah
04410100251 makalahArya Ningrat
 
Hasil percobaan
Hasil percobaanHasil percobaan
Hasil percobaanArya Ningrat
 
Incident Response Services Template - Cisco Security
Incident Response Services Template - Cisco SecurityIncident Response Services Template - Cisco Security
Incident Response Services Template - Cisco SecurityCisco Security
 
3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation Firewall3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation FirewallCisco Security
 
AMP Helps Cisco IT Catch 50% More Malware threats
AMP Helps Cisco IT Catch 50% More Malware threatsAMP Helps Cisco IT Catch 50% More Malware threats
AMP Helps Cisco IT Catch 50% More Malware threatsCisco Security
 
The Cost of Inactivity: Malware Infographic
The Cost of Inactivity: Malware InfographicThe Cost of Inactivity: Malware Infographic
The Cost of Inactivity: Malware InfographicCisco Security
 
Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Security
 
Infonetics Network and Content Security Vendor Scorecard
Infonetics Network and Content Security Vendor ScorecardInfonetics Network and Content Security Vendor Scorecard
Infonetics Network and Content Security Vendor ScorecardCisco Security
 
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...Cisco Security
 

More Related Content

Viewers also liked

Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Security
 
McAllen Intermediate School District
McAllen Intermediate School DistrictMcAllen Intermediate School District
McAllen Intermediate School DistrictCisco Security
 
Midsize Business Solutions: Cybersecurity
Midsize Business Solutions: CybersecurityMidsize Business Solutions: Cybersecurity
Midsize Business Solutions: CybersecurityCisco Security
 
Integrated Network Security Strategies
Integrated Network Security StrategiesIntegrated Network Security Strategies
Integrated Network Security StrategiesCisco Security
 
Balance Data Center Security and Performance
Balance Data Center Security and PerformanceBalance Data Center Security and Performance
Balance Data Center Security and PerformanceCisco Security
 
Data Center Security Challenges
Data Center Security ChallengesData Center Security Challenges
Data Center Security ChallengesCisco Security
 
Data Center Security Now and into the Future
Data Center Security Now and into the FutureData Center Security Now and into the Future
Data Center Security Now and into the FutureCisco Security
 
A Reality Check on the State of Cybersecurity
A Reality Check on the State of CybersecurityA Reality Check on the State of Cybersecurity
A Reality Check on the State of CybersecurityCisco Security
 
Pervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkPervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkCisco Security
 
Malware and the Cost of Inactivity
Malware and the Cost of InactivityMalware and the Cost of Inactivity
Malware and the Cost of InactivityCisco Security
 
William Paterson University
William Paterson UniversityWilliam Paterson University
William Paterson UniversityCisco Security
 
http://chiropractor.invalparaisolocalarea.com/
http://chiropractor.invalparaisolocalarea.com/http://chiropractor.invalparaisolocalarea.com/
http://chiropractor.invalparaisolocalarea.com/ccummens
 
503 reading quiz
503 reading quiz503 reading quiz
503 reading quizamybass
 
04410100251 makalah
04410100251 makalah04410100251 makalah
04410100251 makalahArya Ningrat
 

Viewers also liked (15)

Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security Overview
 
McAllen Intermediate School District
McAllen Intermediate School DistrictMcAllen Intermediate School District
McAllen Intermediate School District
 
Midsize Business Solutions: Cybersecurity
Midsize Business Solutions: CybersecurityMidsize Business Solutions: Cybersecurity
Midsize Business Solutions: Cybersecurity
 
Integrated Network Security Strategies
Integrated Network Security StrategiesIntegrated Network Security Strategies
Integrated Network Security Strategies
 
Balance Data Center Security and Performance
Balance Data Center Security and PerformanceBalance Data Center Security and Performance
Balance Data Center Security and Performance
 
Data Center Security Challenges
Data Center Security ChallengesData Center Security Challenges
Data Center Security Challenges
 
Data Center Security Now and into the Future
Data Center Security Now and into the FutureData Center Security Now and into the Future
Data Center Security Now and into the Future
 
A Reality Check on the State of Cybersecurity
A Reality Check on the State of CybersecurityA Reality Check on the State of Cybersecurity
A Reality Check on the State of Cybersecurity
 
Pervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkPervasive Security Across Your Extended Network
Pervasive Security Across Your Extended Network
 
Malware and the Cost of Inactivity
Malware and the Cost of InactivityMalware and the Cost of Inactivity
Malware and the Cost of Inactivity
 
William Paterson University
William Paterson UniversityWilliam Paterson University
William Paterson University
 
http://chiropractor.invalparaisolocalarea.com/
http://chiropractor.invalparaisolocalarea.com/http://chiropractor.invalparaisolocalarea.com/
http://chiropractor.invalparaisolocalarea.com/
 
503 reading quiz
503 reading quiz503 reading quiz
503 reading quiz
 
04410100251 makalah
04410100251 makalah04410100251 makalah
04410100251 makalah
 
Hasil percobaan
Hasil percobaanHasil percobaan
Hasil percobaan
 

More from Cisco Security

Incident Response Services Template - Cisco Security
Incident Response Services Template - Cisco SecurityIncident Response Services Template - Cisco Security
Incident Response Services Template - Cisco SecurityCisco Security
 
3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation Firewall3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation FirewallCisco Security
 
AMP Helps Cisco IT Catch 50% More Malware threats
AMP Helps Cisco IT Catch 50% More Malware threatsAMP Helps Cisco IT Catch 50% More Malware threats
AMP Helps Cisco IT Catch 50% More Malware threatsCisco Security
 
The Cost of Inactivity: Malware Infographic
The Cost of Inactivity: Malware InfographicThe Cost of Inactivity: Malware Infographic
The Cost of Inactivity: Malware InfographicCisco Security
 
Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Security
 
Infonetics Network and Content Security Vendor Scorecard
Infonetics Network and Content Security Vendor ScorecardInfonetics Network and Content Security Vendor Scorecard
Infonetics Network and Content Security Vendor ScorecardCisco Security
 
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...Cisco Security
 
The Evolution of and Need for Secure Network Access
The Evolution of and Need for Secure Network AccessThe Evolution of and Need for Secure Network Access
The Evolution of and Need for Secure Network AccessCisco Security
 
Cisco 2014 Midyear Security Report
Cisco 2014 Midyear Security ReportCisco 2014 Midyear Security Report
Cisco 2014 Midyear Security ReportCisco Security
 
String of Paerls Infographic
String of Paerls InfographicString of Paerls Infographic
String of Paerls InfographicCisco Security
 
Midyear Security Report Infographic
Midyear Security Report InfographicMidyear Security Report Infographic
Midyear Security Report InfographicCisco Security
 
Cisco Annual Security Report Infographic
Cisco Annual Security Report InfographicCisco Annual Security Report Infographic
Cisco Annual Security Report InfographicCisco Security
 
City of Tomorrow Builds in Next-Generation Security
City of Tomorrow Builds in Next-Generation SecurityCity of Tomorrow Builds in Next-Generation Security
City of Tomorrow Builds in Next-Generation SecurityCisco Security
 
Laser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect AssetsLaser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect AssetsCisco Security
 
Leveraging Context-Aware Security to Safeguard Patient Data
Leveraging Context-Aware Security to Safeguard Patient DataLeveraging Context-Aware Security to Safeguard Patient Data
Leveraging Context-Aware Security to Safeguard Patient DataCisco Security
 

More from Cisco Security (15)

Incident Response Services Template - Cisco Security
Incident Response Services Template - Cisco SecurityIncident Response Services Template - Cisco Security
Incident Response Services Template - Cisco Security
 
3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation Firewall3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation Firewall
 
AMP Helps Cisco IT Catch 50% More Malware threats
AMP Helps Cisco IT Catch 50% More Malware threatsAMP Helps Cisco IT Catch 50% More Malware threats
AMP Helps Cisco IT Catch 50% More Malware threats
 
The Cost of Inactivity: Malware Infographic
The Cost of Inactivity: Malware InfographicThe Cost of Inactivity: Malware Infographic
The Cost of Inactivity: Malware Infographic
 
Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack Continuum
 
Infonetics Network and Content Security Vendor Scorecard
Infonetics Network and Content Security Vendor ScorecardInfonetics Network and Content Security Vendor Scorecard
Infonetics Network and Content Security Vendor Scorecard
 
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
 
The Evolution of and Need for Secure Network Access
The Evolution of and Need for Secure Network AccessThe Evolution of and Need for Secure Network Access
The Evolution of and Need for Secure Network Access
 
Cisco 2014 Midyear Security Report
Cisco 2014 Midyear Security ReportCisco 2014 Midyear Security Report
Cisco 2014 Midyear Security Report
 
String of Paerls Infographic
String of Paerls InfographicString of Paerls Infographic
String of Paerls Infographic
 
Midyear Security Report Infographic
Midyear Security Report InfographicMidyear Security Report Infographic
Midyear Security Report Infographic
 
Cisco Annual Security Report Infographic
Cisco Annual Security Report InfographicCisco Annual Security Report Infographic
Cisco Annual Security Report Infographic
 
City of Tomorrow Builds in Next-Generation Security
City of Tomorrow Builds in Next-Generation SecurityCity of Tomorrow Builds in Next-Generation Security
City of Tomorrow Builds in Next-Generation Security
 
Laser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect AssetsLaser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect Assets
 
Leveraging Context-Aware Security to Safeguard Patient Data
Leveraging Context-Aware Security to Safeguard Patient DataLeveraging Context-Aware Security to Safeguard Patient Data
Leveraging Context-Aware Security to Safeguard Patient Data
 

Recently uploaded

Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024TopCSSGallery
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesBernd Ruecker
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 

Recently uploaded (20)

Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architectures
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 

Leveraging Industry Initiatives for Data Center and Cloud

  • 1. Evelyn de Souza Cisco Security Product Marketing November 1 2012 © 2012 Cisco and/or its affiliates. All rights reserved. 1
  • 2. Overview of Industry Initiatives? NIST Cloud Models CSA compliance and service provider assessment tools ODCA usage models Questions 2 © 2012 Cisco and/or its affiliates. All rights reserved. 2
  • 3. • Transparency & visibility from providers • Compatible laws across jurisdictions • Data sovereignty • Incomplete standards • True Consumer awareness & engagement © 2012 Cisco and/or its affiliates. All rights reserved. 3
  • 4. via consensus on security best practices Reduce manual audit cycles via common framework for regulatory standards Streamline security implementations via standards for controls and APIs across cloud environments Enable IT to easily compare cloud provider security levels Example: Aligning hardware and software controls to ODCA requirements ODCA Security Provider Assurance Usage Model 1.0 – Solution should be able to support the following functional requirements by assurance levels, where applicable: Bronze (basic): Identity management, security incident & event monitoring Silver (enterprise): Network intrusion prevention, event logging, administrative changes tracking Gold (financial): Penetration testing, asset segmentation, encrypted communication, Geo limits, storage encryption Platinum (military): Strong encryption for data *Several of the requirements are supported by Intel / McAfee 4 © 2012 Cisco and/or its affiliates. All rights reserved. 4
  • 5. Hybrid Clouds Deployment Models Private Community Public Cloud Cloud Cloud Service Software as a Platform as a Infrastructure as a Models Service (SaaS) Service (PaaS) Service (IaaS) On Demand Self-Service Essential Broad Network Access Rapid Elasticity Characteristics Resource Pooling Measured Service Massive Scale Resilient Computing Common Homogeneity Geographic Distribution Characteristics Virtualization Service Orientation Low Cost Software Advanced Security © 2012 Cisco and/or its affiliates. All rights reserved. Based upon original chart created by Alex Dowbor - http://ornot.wordpress.com 5 5
  • 6. • Global, not-for-profit organization • Over 33,000 individual members, 150 corporate members, 60 chapters • Building best practices and a trusted cloud ecosystem Research Education Certification Advocacy of prudent public policy • Innovation, Transparency, GRC, Identity “To promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Computing to help secure all other forms of computing.” © 2012 Cisco and/or its affiliates. All rights reserved. 6
  • 7. Provider Assertions • Family of 4 research projects • Cloud Controls Matrix • Consensus Assessments Initiative • Cloud Audit • Cloud Trust Protocol • Tools for governance, risk and compliance mgt • Enabling automation and Private, Com continuous monitoring of GRC munity & Public Clouds Control Requirements © 2012 Cisco and/or its affiliates. All rights reserved. 7
  • 8. • CSA STAR (Security, Trust and Assurance Registry) • Public Registry of Cloud Provider self assessments • Based on Consensus Assessments Initiative Questionnaire Provider may substitute documented Cloud Controls Matrix compliance • Voluntary industry action promoting transparency • Security as a market differentiator • www.cloudsecurityalliance.org/star © 2012 Cisco and/or its affiliates. All rights reserved. 8
  • 9. YOUR CALL TO ACTION Your Call to Action Integrate security into your cloud planning – don’t bolt it on Engage CSA and ODCA - ask the right questions of your cloud service providers Become a participating member of one of an industry based organization 9 © 2012 Cisco and/or its affiliates. All rights reserved. 9
  • 10. Thank you. © 2012 Cisco and/or its affiliates. All rights reserved. 10