Cyber Security in Real-Time Systems                      CSIRS                 David Spinks - ChairmanFebruary 2011
Quote by : Sun TzuAs Sun Tzu, the military theoretician and strategist extraordinaire ofancient China, wrote in his semina...
The Cloud Defined:
Cloud (IAAS) Pressures                         Instant now                      any time anywhereLimitless                ...
What are the obstacles to Cloud Services ?                      2008
What are the obstacles to Cloud Services ?                    2009
2010
Into the (Cloud) Futurewith hp                                                                     SERVICES               ...
So what are the security hot buttons?Robust acceptable pan-client Information Security policies and procedures.One single ...
Solutions and Best Practice :
Cloud Computing Security Assessment Process Flow                     Week 1                                       Week 2  ...
ConclusionsAdoption of Cloud lessons leant not availableImplementation experiences limitedSecurity and risk management met...
FinallyLinkedin CSIRS : http://www.linkedin.com/groupRegistration?gid=3623430David.spinks@hp.comhttp://www.cloudsecurityal...
Upcoming SlideShare
Loading in …5
×

Cloud security and cyber security v 3.1

873 views

Published on

Cloud Security and Cyber Security, David Spinks, HP

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
873
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
14
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Cloud security and cyber security v 3.1

  1. 1. Cyber Security in Real-Time Systems CSIRS David Spinks - ChairmanFebruary 2011
  2. 2. Quote by : Sun TzuAs Sun Tzu, the military theoretician and strategist extraordinaire ofancient China, wrote in his seminal work "The Art of War", "The skilfulleader subdues the enemy’s troops without any fighting; he captures theircities without laying siege to them; he overthrows their kingdom withoutlengthy operations in the field.” Lush Stuxnet LSE NYSE E-Trading RBS ATM
  3. 3. The Cloud Defined:
  4. 4. Cloud (IAAS) Pressures Instant now any time anywhereLimitless Continued cost reductionFlexibility beyond Outsourcing SecureIT Utility ServicesManaged Services Limitless Volumes Up and Down
  5. 5. What are the obstacles to Cloud Services ? 2008
  6. 6. What are the obstacles to Cloud Services ? 2009
  7. 7. 2010
  8. 8. Into the (Cloud) Futurewith hp SERVICES ECOSYSTEM SYSTEMS INTEGRATION TECHNOLOGY ISLAND ADVANCEDAGILITY CLOUD ENTERPRISE CLOUD SERVICES UTILITY AUTOMATED SERVICES MANAGED HOSTING HOSTING TRADITIONAL CONFIGURED SERVICES SOURCING MODELS 8
  9. 9. So what are the security hot buttons?Robust acceptable pan-client Information Security policies and procedures.One single independent assurance certificate - no your auditors and willnot be allowed access.Identity and access management need to get this working anyway!Business continuity and IT DR acceptance of standard RTO and RPO.Encryption (key management) will be a client responsibility this issue isrelated to IdM!Flexibility in contracts and please kill off the “old school” purchasing andcontracts departments!
  10. 10. Solutions and Best Practice :
  11. 11. Cloud Computing Security Assessment Process Flow Week 1 Week 2 Week 21 2 3 Review InfoSec Program Documentation Interview Subject Matter Experts (SME) Inspect Infrastructure & Controls Week 2 Week 2 Week 34 5 6 Complete Security/Continuity Checklists Cloud Computing Readiness Workshop Analyze Data & Determine Gaps Week 4 Week 4 Week 47 8 9 Cloud Computing Security Roadmap Workshop Create Service Improvement Plan (SIP) Create Remediation Roadmap Confidential & Proprietary11 April 20th, 2010 - v1 Information of Hewlett-Packard Company
  12. 12. ConclusionsAdoption of Cloud lessons leant not availableImplementation experiences limitedSecurity and risk management methods immatureBest practice evolving but gaps exist stillViews of regulators and auditors still not clearLegal and regulatory issues (e-Discovery Jury is still out!)Watch this space ....
  13. 13. FinallyLinkedin CSIRS : http://www.linkedin.com/groupRegistration?gid=3623430David.spinks@hp.comhttp://www.cloudsecurityalliance.org/http://www.hp.com/hpinfo/newsroom/press/2009/090331xa.html Q and A

×