• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
TAG Speaker Series: Cloud Security w/ Jim Reavis
 

TAG Speaker Series: Cloud Security w/ Jim Reavis

on

  • 312 views

A presentation on Cloud Security, presented by Jim Reavis, Executive Director of the Cloud Security Alliance, whose mission is "to promote the use of best practices for providing security assurance ...

A presentation on Cloud Security, presented by Jim Reavis, Executive Director of the Cloud Security Alliance, whose mission is "to promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Computing to help secure all other forms of computing."

Statistics

Views

Total Views
312
Views on SlideShare
311
Embed Views
1

Actions

Likes
0
Downloads
9
Comments
0

1 Embed 1

https://twitter.com 1

Accessibility

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • Will my provider be transparent about how they manage their systems, organization governance, etc?Will I be considered compliant?Do I know where my data is?Will a lack of standards drive unexpected obsolescence? Is my provider really better at security than me?Are the hackers waiting for me in the cloud?Will I get fired?How can we gracefully “lose control” of IT
  • The CSA Security, Trust & Assurance Registry (STAR) is a free, publicly accessible registry that documents the security controls provided by various cloud computing offerings, thereby helping users assess the security of cloud providers they currently use or are considering contracting with.CSA STAR is open to all cloud providers, and allows them to submit self assessment reports that document compliance to CSA published best practices. The searchable registry will allow potential cloud customers to review the security practices of providers, accelerating their due diligence and leading to higher quality procurement experiences. CSA STAR represents a major leap forward in industry transparency, encouraging providers to make security capabilities a market differentiator.

TAG Speaker Series: Cloud Security w/ Jim Reavis TAG Speaker Series: Cloud Security w/ Jim Reavis Presentation Transcript

  • www.cloudsecurityalliance.orgCloud Computing Security
  • www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance
  • www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance
  • www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.orgForrester forecasts that the global market for cloudcomputing will grow from $40.7 billion in 2011 to morethan $241 billion in 2020Copyright © 2013 Cloud Security Alliance1 Million newmobilephones a day!
  • www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security AllianceOur IT SystemEnabling Big DataManaging MobileDevicesThe Glue for theInternet of ThingsAcceleratinginnovationwww.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance
  • www.cloudsecurityalliance.org
  • www.cloudsecurityalliance.org
  • www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance
  • www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance
  • www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.orgTrust InnovationMobile CloudsSaaS EncryptionIdentity Mgt – Strong Auth everywhereReinvent every industry with Cloud/Mobile/Social/Big DataCopyright © 2013 Cloud Security Alliance
  • www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.orgState Sponsored Cyberattacks?Organized Crime?Legal Jurisdiction & Data Sovereignty?Global Security Standards?Privacy Protection for Citizens?Transparency & Visibility from Cloud Providers?Copyright © 2013 Cloud Security Alliance
  • www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.orgShift the balance of power to consumers of ITEnable innovation to solve difficult problems ofhumanityGive the individual the tools to control their digitaldestinyDo this by creating confidence, trust andtransparency in IT systemsSecurity is not overhead, it is the enablerCopyright © 2013 Cloud Security Alliance
  • www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance
  • www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security AllianceIndustry standard catalog of cloudsecurity issues and best practicesWidespread adoptionTranslated into 6 languages14 domains
  • www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security AllianceGRC StackFamily of 4 research projectsCloud Controls Matrix (CCM)Consensus Assessments Initiative(CAI)Cloud AuditCloud Trust Protocol (CTP)Impact to the IndustryDeveloped tools for governance,risk and compliance managementin the cloudTechnical pilotsProvider certification throughSTAR programControlRequirementsProviderAssertions
  • www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance
  • www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security AllianceOPEN CERTIFICATION FRAMEWORKCONTINUOUSATTESTATION | CERTIFICATIONSELF ASSESSMENTTRANSPERANCYASSURANCE
  • www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security AllianceCertificate of Cloud SecurityKnowledge (CCSK)Benchmark of cloud securitycompetencyOnline web-based examinationwww.cloudsecurityalliance.org/certifymeEnterprise members get 8 test tokens,contact ccsk-admin@cloudsecurityalliance.org toreceive (must provide email addressesof employees taking test)
  • www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security AllianceSecurity as a ServiceResearch for gaining greater understandingfor how to deliver security solutions viacloud models.Information Security Industry Re-inventedIdentify Ten Categories within SecaaSImplementation Guidance for each SecaaSCategoryAlign with international standards and other CSAresearchIndustry ImpactDefined 10 Categories of Service andDeveloped Domain 14 of CSA GuidanceV.3
  • www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security AllianceMobileSecuring application stores and other public entitiesdeploying software to mobile devicesAnalysis of mobile security capabilities and featuresof key mobile operating systemsCloud-based management, provisioning, policy, anddata management of mobile devices to achievesecurity objectivesGuidelines for the mobile device security frameworkand mobile cloud architecturesSolutions for resolving multiple usage roles related toBYOD, e.g. personal and business use of a commondeviceBest practices for secure mobile applicationdevelopment
  • www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security AllianceBig DataIdentifying scalable techniques fordata-centric security and privacyproblemsLead to crystallization of best practicesfor security and privacy in big dataHelp industry and government onadoption of best practicesEstablish liaisons with otherorganizations in order to coordinate thedevelopment of big data security andprivacy standardsAccelerate the adoption of novelresearch aimed to address securityand privacy issues
  • www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.orgOur research includesfundamental projects neededto define and implement trustwithin the future ofinformation technologyCSA continues to beaggressive in producingcritical research, educationand toolsCopyright © 2013 Cloud Security Alliance
  • www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance
  • www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance
  • www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance
  • www.cloudsecurityalliance.orgwww.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.orgJim Reavisjreavis@cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance
  • www.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2013 Cloud Security Alliance