Your SlideShare is downloading. ×
  • Like
Cloud security and cyber security v 3.1
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Now you can save presentations on your phone or tablet

Available for both IPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Cloud security and cyber security v 3.1

  • 615 views
Published

Cloud Security and Cyber Security, David Spinks, HP

Cloud Security and Cyber Security, David Spinks, HP

Published in Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
615
On SlideShare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
13
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Cyber Security in Real-Time Systems CSIRS David Spinks - ChairmanFebruary 2011
  • 2. Quote by : Sun TzuAs Sun Tzu, the military theoretician and strategist extraordinaire ofancient China, wrote in his seminal work "The Art of War", "The skilfulleader subdues the enemy’s troops without any fighting; he captures theircities without laying siege to them; he overthrows their kingdom withoutlengthy operations in the field.” Lush Stuxnet LSE NYSE E-Trading RBS ATM
  • 3. The Cloud Defined:
  • 4. Cloud (IAAS) Pressures Instant now any time anywhereLimitless Continued cost reductionFlexibility beyond Outsourcing SecureIT Utility ServicesManaged Services Limitless Volumes Up and Down
  • 5. What are the obstacles to Cloud Services ? 2008
  • 6. What are the obstacles to Cloud Services ? 2009
  • 7. 2010
  • 8. Into the (Cloud) Futurewith hp SERVICES ECOSYSTEM SYSTEMS INTEGRATION TECHNOLOGY ISLAND ADVANCEDAGILITY CLOUD ENTERPRISE CLOUD SERVICES UTILITY AUTOMATED SERVICES MANAGED HOSTING HOSTING TRADITIONAL CONFIGURED SERVICES SOURCING MODELS 8
  • 9. So what are the security hot buttons?Robust acceptable pan-client Information Security policies and procedures.One single independent assurance certificate - no your auditors and willnot be allowed access.Identity and access management need to get this working anyway!Business continuity and IT DR acceptance of standard RTO and RPO.Encryption (key management) will be a client responsibility this issue isrelated to IdM!Flexibility in contracts and please kill off the “old school” purchasing andcontracts departments!
  • 10. Solutions and Best Practice :
  • 11. Cloud Computing Security Assessment Process Flow Week 1 Week 2 Week 21 2 3 Review InfoSec Program Documentation Interview Subject Matter Experts (SME) Inspect Infrastructure & Controls Week 2 Week 2 Week 34 5 6 Complete Security/Continuity Checklists Cloud Computing Readiness Workshop Analyze Data & Determine Gaps Week 4 Week 4 Week 47 8 9 Cloud Computing Security Roadmap Workshop Create Service Improvement Plan (SIP) Create Remediation Roadmap Confidential & Proprietary11 April 20th, 2010 - v1 Information of Hewlett-Packard Company
  • 12. ConclusionsAdoption of Cloud lessons leant not availableImplementation experiences limitedSecurity and risk management methods immatureBest practice evolving but gaps exist stillViews of regulators and auditors still not clearLegal and regulatory issues (e-Discovery Jury is still out!)Watch this space ....
  • 13. FinallyLinkedin CSIRS : http://www.linkedin.com/groupRegistration?gid=3623430David.spinks@hp.comhttp://www.cloudsecurityalliance.org/http://www.hp.com/hpinfo/newsroom/press/2009/090331xa.html Q and A