Presentation is loading. Please wait.

Presentation is loading. Please wait.

Www.cloudsecurityalliance.org Copyright © 2013 Cloud Security Alliance.

Published byTristan Quance Modified over 9 years ago

Similar presentations

Presentation on theme: "Www.cloudsecurityalliance.org Copyright © 2013 Cloud Security Alliance."— Presentation transcript:

1 www.cloudsecurityalliance.org Copyright © 2013 Cloud Security Alliance

2 www.cloudsecurityalliance.org Copyright © 2013 Cloud Security Alliance www.cloudsecurityalliance.org Much focus on securing data and systems in the cloud. What about providing security services FROM the cloud? That is Security as a Service (SecaaS)! Provisioning elastic, scalable security solutions and services to both cloud based and traditional on premises systems in pure cloud or hybrid models.

3 www.cloudsecurityalliance.org Copyright © 2013 Cloud Security Alliance www.cloudsecurityalliance.org Copyright © 2012 Cloud Security Alliance One of the many CSA branches of research Bringing together an international group of users, potential users, vendors and brokers of SecaaS solution. Research SecaaS – balanced and vendor neutral Define types / categories of service Produce architectural and implementation guidance Continue research – category and guidance updates, more detailed architectures etc.. Find us here; https://cloudsecurityalliance.org/research/secaas/ https://cloudsecurityalliance.org/research/secaas/

4 www.cloudsecurityalliance.org Copyright © 2013 Cloud Security Alliance Co-Chairs Kevin Fielder, Canada Life Cameron Smith, Pertino Subcommittee leadership IAM Leads – Ulrich Lang, Valmiki Mukherjee DLP Leads – Wendy Cohen, Atul Shah Web Security Leads – Aradhna Chetal, Kapil Raina Email Security Lead – Mark Hahn Security Assessments Leads – John Hearton, Wolfgang Kandek Intrusion Management Lead – Tim Owen SIEM Lead – Jens Laundrup Encryption Lead – Vadim Saratovtsev, Geoff Webb, BCDR Lead – Kevin Fielder Network Security Lead – Ken Owens

5 www.cloudsecurityalliance.org Copyright © 2013 Cloud Security Alliance www.cloudsecurityalliance.org Born early 2011 Agreed structure and leadership Agreed 1 st deliverable Defined categories (very high level) Split into categories with leads for each Created white paper ‘Defined Categories of Service 2011’ Breath! Early 2012 agreed on guidance as next output and unified format October 2012 – Produced guidance documents for all categories Breath again!

6 www.cloudsecurityalliance.org Copyright © 2013 Cloud Security Alliance www.cloudsecurityalliance.org Copyright © 2012 Cloud Security Alliance SecaaS Implementation Guidance Ten category documents Requirements addressed Implementations considerations and concerns Implementation architecture and guidance References and useful links All guidance papers can be downloaded from the CSA website; https://cloudsecurityalliance.org/research/secaas/#_downloads

7 www.cloudsecurityalliance.org Copyright © 2013 Cloud Security Alliance www.cloudsecurityalliance.org Copyright © 2012 Cloud Security Alliance Implementation Guidance v2.0 Template Review Content Review Development of New Categories Broader Guidance Architectures Improve integration with wide CSA research Incident Management and Forensics Working Group Service Level Agreements Working Group

8 www.cloudsecurityalliance.org Copyright © 2013 Cloud Security Alliance www.cloudsecurityalliance.org Copyright © 2012 Cloud Security Alliance Defined Categories of Service (DCS) v2.0 - 2013 Review of 10 current categories of security as a service; Category 1: Identity and Access Management Category 2: Data Loss Prevention Category 3: Web Security Category 4: Email Security Category 5: Security Assessments Category 6: Intrusion Management Category 7: Security Information and Event Management (SIEM) Category 8: Encryption Category 9: Business Continuity and Disaster Recovery Category 10: Network Security The white paper can be downloaded from the CSA website; https://cloudsecurityalliance.org/research/secaas/#_downloads

9 www.cloudsecurityalliance.org Copyright © 2013 Cloud Security Alliance Template Review Description Class, Core Functionalities, Optional Features Services Includes, Related Services, Related Technologies and Standards, Service Model, CSA Domains Threats Addressed/Benefits Challenges Reference Examples, References

10 www.cloudsecurityalliance.org Copyright © 2013 Cloud Security Alliance Continuous Monitoring as a Service Other additional categories to consider?

11 www.cloudsecurityalliance.org Copyright © 2013 Cloud Security Alliance www.cloudsecurityalliance.org Update existing documents v1.1 / v2 rolling releases Review categories, guidance template, content Links to other research Carriers, SLA, Forensics … Combined Guidance Broader overarching architecture examples Role-specific Guidance

12 www.cloudsecurityalliance.org Copyright © 2013 Cloud Security Alliance www.cloudsecurityalliance.org New Monthly Call Format – Education + Communication Increase use of Base Camp for ongoing communication ‘CSA Cloud Bytes’ series propose ideas here: https://cloudsecurityalliance.org/research/cloud- bytes/#_proposalshttps://cloudsecurityalliance.org/research/cloud- bytes/#_proposals Identify the Next Big Thing … Update categories, revise guidance Link to other areas of research Increase depth of guidance for role-specific points of view

13 www.cloudsecurityalliance.org Copyright © 2013 Cloud Security Alliance “Educational webinar series for CSA working groups” https://cloudsecurityalliance.org/research/cloud-bytes/

14 www.cloudsecurityalliance.org Copyright © 2013 Cloud Security Alliance www.cloudsecurityalliance.org Copyright © 2012 Cloud Security Alliance CSA Cloud Bytes: SecaaS Implementation Series Introduction to the SecaaS Category Implementation Guidance Working Group process How to improve, how to get involved

15 www.cloudsecurityalliance.org Copyright © 2013 Cloud Security Alliance

16 www.cloudsecurityalliance.org Copyright © 2013 Cloud Security Alliance www.cloudsecurityalliance.org Big thank you to all contributors! Category Leads Group members Technical writers CSA support Now is a great time to volunteer – Get involved! Help define the next steps and future of the group here: https://cloudsecurityalliance.org/research/secaas/#_get-involved https://cloudsecurityalliance.org/research/secaas/#_get-involved

17 www.cloudsecurityalliance.org Copyright © 2013 Cloud Security Alliance For more info about CSA Cloud Bytes: SecaaS Implementation Series https://cloudsecurityalliance.org/secaas/ cloudbytes2@cloudsecurityalliance.orgcloudbytes2@cloudsecurityalliance.org (through 10/29/2012) Help Us Secure Cloud Computing www.cloudsecurityalliance.org info@cloudsecurityalliance.org LinkedIn: www.linkedin.com/groups?gid=1864210www.linkedin.com/groups?gid=1864210 Twitter: @cloudsa, @CSAResearchGuy

Download ppt "Www.cloudsecurityalliance.org Copyright © 2013 Cloud Security Alliance."

Similar presentations

Network Resource Broker for IPTV in Cloud Computing Lei Liang, Dan He University of Surrey, UK OGF 27, G2C Workshop 15 Oct 2009 Banff,

Network Resource Broker for IPTV in Cloud Computing Lei Liang, Dan He University of Surrey, UK OGF 27, G2C Workshop 15 Oct 2009 Banff,
Adult HIV Outpatient PBR Tariff Development National Reference Group Meeting 21/05/10.

Adult HIV Outpatient PBR Tariff Development National Reference Group Meeting 21/05/10.
Cloud computing security related works in ITU-T SG17

Cloud computing security related works in ITU-T SG17
Secure Systems Research Group - FAU Process Standards (and Process Improvement)

Secure Systems Research Group - FAU Process Standards (and Process Improvement)
Www.cloudsecurityalliance.org Copyright © 2011 Cloud Security Alliance Trusted Cloud Initiative Work Group Session.

Copyright © 2011 Cloud Security Alliance Trusted Cloud Initiative Work Group Session.
Security, Privacy and the Cloud Connecticut Community Providers’ Association June 20, 2014 Steven R Bulmer, VP of Professional Services.

Security, Privacy and the Cloud Connecticut Community Providers’ Association June 20, 2014 Steven R Bulmer, VP of Professional Services.
Introducing WatchGuard Dimension. Oceans of Log Data The 3 Dimensions of Big Data Volume –“Log Everything - Storage is Cheap” –Becomes too much data –

Introducing WatchGuard Dimension. Oceans of Log Data The 3 Dimensions of Big Data Volume –“Log Everything - Storage is Cheap” –Becomes too much data –
PRODUCT FOCUS 5/27/14 – 6/6/14 INTRODUCTION Our Product Focus for the next two weeks is CompTIA. CompTIA is most well known for serving as the backbone.

PRODUCT FOCUS 5/27/14 – 6/6/14 INTRODUCTION Our Product Focus for the next two weeks is CompTIA. CompTIA is most well known for serving as the backbone.
Www.cloudsecurityalliance.org Copyright © 2014 Cloud Security Alliance Security Certification for Cloud Services : The CSA STAR Certification Daniele Catteddu,

Copyright © 2014 Cloud Security Alliance Security Certification for Cloud Services : The CSA STAR Certification Daniele Catteddu,
Cloud Security Challenges Today and Tomorrow NameTitle February 2011.

Cloud Security Challenges Today and Tomorrow NameTitle February 2011.
GLOBRIN Business Continuity Workshop TECHNOLOGY & INFORMATION 13 th November 2013 Graham Jack.

GLOBRIN Business Continuity Workshop TECHNOLOGY & INFORMATION 13 th November 2013 Graham Jack.
SERVICE-LEVEL AGREEEMENT By Patrick Mayaki. DEFINITION A Service-level agreement (SLA) is a document that describes the level of service expected by a.

SERVICE-LEVEL AGREEEMENT By Patrick Mayaki. DEFINITION A Service-level agreement (SLA) is a document that describes the level of service expected by a.
Www.cloudsecurityalliance.org Copyright © 2011 Cloud Security Alliance Keynote.

Copyright © 2011 Cloud Security Alliance Keynote.
Www.cloudsecurityalliance.org Copyright © 2011 Cloud Security Alliance.

Copyright © 2011 Cloud Security Alliance.
Www.cloudsecurityalliance.org Copyright © 2012 Cloud Security Alliance Conference Announcements.

Copyright © 2012 Cloud Security Alliance Conference Announcements.
Effort in hours Duration Over Weeks Or Months Inception Launch Web Lifecycle Methodology Maintenance Phases 1234576891011 Copyright Wonderlane Studios.

Effort in hours Duration Over Weeks Or Months Inception Launch Web Lifecycle Methodology Maintenance Phases Copyright Wonderlane Studios.
Securing and Auditing Cloud Computing Jason Alexander Chief Information Security Officer.

Securing and Auditing Cloud Computing Jason Alexander Chief Information Security Officer.
This presentation, including any supporting materials, is owned by Gartner, Inc. and/or its affiliates and is for the sole use of the intended Gartner.

This presentation, including any supporting materials, is owned by Gartner, Inc. and/or its affiliates and is for the sole use of the intended Gartner.
Georgia Interoperability Network Training Project Overview Mark Hodges Georgia Tech Research Institute.

Georgia Interoperability Network Training Project Overview Mark Hodges Georgia Tech Research Institute.
CREATING THE ENTERPRISE SOCIAL MEDIA GAME PLAN September 2013.

CREATING THE ENTERPRISE SOCIAL MEDIA GAME PLAN September 2013.

Similar presentations

Ads by Google