We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byClifford Trumbull
Modified about 1 year ago
www.cloudsecurityalliance.org Copyright © 2011 Cloud Security Alliance Cloud Controls Matrix Work Group Session Sean Cordero President of Cloudwatchmen, Co-chair CCM, CSA Evelyn de Souza Data Center Security Strategist, Cisco, Co-chair CCM, CSA
www.cloudsecurityalliance.org Copyright © 2011 Cloud Security Alliance CSA Security Guidance v3.0
www.cloudsecurityalliance.org Copyright © 2011 Cloud Security Alliance 3 new control domains to address new ways cloud data is accessed Improved clarity and cohesiveness of control domains Mobile Security Supply Change Management, Transparency and Accountability Interoperability and Portability
www.cloudsecurityalliance.org Copyright © 2011 Cloud Security Alliance Version 1.x Releases – 1.0 (April 2010), 1.01 (Oct 2010), 1.1 (Dec 2010), v1.2 (Aug 2011), v1.3 Aprill, 2013, v1.4 (TBD) Next Full Revision Release – April 2013 CCM 1..3 Align to Security Guidance 3.0 CCM 1.4 Baseline Control Assurance Framework for Cloud Security – mapped to: **COBIT 4.1 **HIPAA / HITECH Act ISO/IEC 27001:2005 **NIST Special Publication (SP) 800-53 Rev 3 FedRAMP 3.0 PCI DSS v2.0 BITS Shared Assessments GAPP Jericho Forum NERC CIP AICPA Trust Services Principles & Criteria (TSP) **CCM.xx Future Pipeline Mapping Considerations: Open Data Center Alliance (ODCA) HIPAA/HITECH Act (CSA HIMG) COBIT 5 (Information Security) NIST SP 800-53 Rev 4 Slovenian Information Commissioner on Privacy Guidance for Cloud Computing New Zealand Information Security Manual (NZISM)
www.cloudsecurityalliance.org Copyright © 2011 Cloud Security Alliance Become involved as a subject matter expert and a reviewer for upcoming releases Advise on different standards that we should consider mapping in going forward Implement the CCM in your organization’s compliance reporting tools
www.cloudsecurityalliance.org Copyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright © 2011 Cloud Security Alliance
Copyright © 2014 Cloud Security Alliance Security Certification for Cloud Services : The CSA STAR Certification Daniele Catteddu,
© Cloud Security Alliance, 2015 Sean Cordero, Chair CCM Laura Posey, Chair CAIQ.
© Cloud Security Alliance, 2015 Sean Cordero, Chair CCM.
Building trust in the Cloud: the CSA perspective Daniele Catteddu, Managing Director EMEA & OCF-STAR Program Director Cloud Security Alliance © Cloud Security.
© Cloud Security Alliance, 2015 Evelyn de Souza Chair Cloud Security Alliance Data Governance Chair/ Data Privacy and Compliance Leader Cisco Systems.
SECURITY Is cloud computing secure? Are Microsoft Online Services secure? Is cloud computing secure? Are Microsoft Online Services secure? PRIVACY What.
Copyright © 2011 Cloud Security Alliance Cloud Security Alliance Research & Roadmap Jim Reavis, Executive Director, CSA.
Cloud Security Alliance Research & Roadmap Jim Reavis Executive Director June 2011.
Cloud Security: Critical Threats and Global Initiatives Jim Reavis, Executive Director July, 2010.
Cloud Security Alliance Research & Roadmap Jim Reavis Executive Director August 2011.
CloudAudit Working Group Update April CloudAudit Charter Provide a common interface and namespace that allows cloud computing providers to automate.
Copyright © 2011 Cloud Security Alliance Keynote.
Presenter Gene Geiger, A-LIGN Partner -HITRUST Practitioner -CPA -CISSP -CCSK -QSA -PCIP -ISO 27K LA.
Copyright © 2011 Cloud Security Alliance Trusted Cloud Initiative Work Group Session.
Cloud Security Alliance Overview and Organizational Plans Jim Reavis, Co-founder & Executive Director August 5, 2009.
CSF Roadmap 2015 and Beyond Presented By Bryan S. Cline, Ph.D. Presented For HITRUST.
Cloud Security Challenges Today and Tomorrow NameTitle February 2011.
Cloud Security Challenges Today and Tomorrow Aloysius Cheang Asia Pacific Strategy Advisor April 2011.
Frankfurt (Germany), 6-9 June 2011 IT COMPLIANCE IN SMART GRIDS Martin Schaefer – Sweden – Session 6 – 0210.
Copyright © 2011 Cloud Security Alliance Cloud Security Alliance Research & Roadmap Cloud Security Alliance Research & Roadmap.
Cloud Computing and Standards - A Regulator’s View OASIS International Cloud Symposium 11 October 2011 Steven Johnston, CISSP Senior Security and Technology.
OTech CalCloud Security General 1 Meets the operational and compliance requirements of the State SAM/SIMM NIST FedRAMP v2 Other necessary regulatory.
Copyright © 2011 Cloud Security Alliance DANIELE CATTEDDU CSA Managing Director EMEA.
Copyright © 2011 Cloud Security Alliance UK Chapter Paul Davies.
Achieving Security Assurance and Compliance in the Cloud Jim Reavis Executive Director.
The Unique Alternative to the Big Four ® SOC 2 Reports – A Third Party Risk Management Tool for Cloud Providers August 2014.
Cloud Solutions: Getting the Security and Controls Right July 20, 2016.
Privacy and Security Tiger Team Meeting Recommendations regarding a framework of security protections for EHRs December 7, 2011.
TOGAF and Information Governance Richard Jeffrey-Cook TOGAF and Information Governance Richard Jeffrey-Cook DLM Forum - Dublin.
Windows Azure Windows Azure: Security, Privacy, ComplianceTitle: Country Mgrs., Account Mgrs., BG leads, BG execs & speakers Speaker: BDM, ITDMs Audience:
Achieving Assurance and Compliance in the Cloud Digital Government Cyber Security Conference Cheryl Wilner, CEO Bethesda Advanced Solutions Ronald Regan.
1 DCS860A Emerging Technology Physical layer transparency in Cloud Computing (rev )
How to Gain Comfort in Losing Control to the Cloud Randolph Barr CSO - Qualys, Inc SourceBoston, 23. April 2010.
Copyright © 2011 Cloud Security Alliance Achieving Security Assurance and Compliance in the Cloud Jim Reavis, Executive Director.
Copyright © 2011 Cloud Security Alliance Building Trust into the Next Generation of Information Technology.
Copyright © 2013 Cloud Security Alliance CSA Speed Talk: “STAR &CCSK – An Update on Provider and User Certification”
Service Organization Control Reports What Have We Learned? Chris Bruhn DIRECTOR, IT RISK SERVICES, BKD, LLP SAS 70 ENDS EXIT TO SSAE 16.
29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL DATA PROTECTION AND PRIVACY COMMISSIONERS.
Notes: Update as of 1/13/2010. Vulnerabilities are included for SQL Server 2000, SQL Server 2005, SQL Server Oracle (8i, 9i, 9iR2, 10g, 10gR2,11g),
Panel: Moderator: Michele Iversen Guest Experts: Dr. Ron Ross, Rod Beckstrom, Bob Wandell.
TFTM Deliverable Self Assessment and Attestation Program Discussion Deck TFTM Committee June 25, IDESG TFTM Committee1.
Jim Reavis, Executive Director Cloud Security Alliance November 22, 2010 Developing a Baseline On Cloud Security.
So You Think The Cloud Isn’t Secure?. How is this secure?
International Federation of Accountants IFAC SMP Committee Guides Bernard Scicluna Member – IFAC SMP Committee President – Malta Institute of Accountants.
COBIT 5 Update FEI/CFIT Meeting December 15, 2011 Presented by: Mike O. Villegas, CISA, CISSP, GSEC, CEH Director of Information Security Newegg, Inc.
Federal Risk and Authorization Management Program (FedRAMP) Lisa Carnahan, Computer Scientist National Institute of Standards & Technology Standards Coordination.
Service Organization Controls (SOC) Overview Shared Assessment Member Forum Presentation April 10, 2012.
© 2017 SlidePlayer.com Inc. All rights reserved.