Presentation is loading. Please wait.

Presentation is loading. Please wait.

Www.cloudsecurityalliance.org Copyright © 2013 Cloud Security Alliance.

Similar presentations


Presentation on theme: "Www.cloudsecurityalliance.org Copyright © 2013 Cloud Security Alliance."— Presentation transcript:

1 Copyright © 2013 Cloud Security Alliance

2 Copyright © 2013 Cloud Security Alliance Much focus on securing data and systems in the cloud. What about providing security services FROM the cloud? That is Security as a Service (SecaaS)! Provisioning elastic, scalable security solutions and services to both cloud based and traditional on premises systems in pure cloud or hybrid models.

3 Copyright © 2013 Cloud Security Alliance Copyright © 2012 Cloud Security Alliance One of the many CSA branches of research Bringing together an international group of users, potential users, vendors and brokers of SecaaS solution. Research SecaaS – balanced and vendor neutral Define types / categories of service Produce architectural and implementation guidance Continue research – category and guidance updates, more detailed architectures etc.. Find us here; https://cloudsecurityalliance.org/research/secaas/ https://cloudsecurityalliance.org/research/secaas/

4 Copyright © 2013 Cloud Security Alliance Co-Chairs Kevin Fielder, Canada Life Cameron Smith, Pertino Subcommittee leadership IAM Leads – Ulrich Lang, Valmiki Mukherjee DLP Leads – Wendy Cohen, Atul Shah Web Security Leads – Aradhna Chetal, Kapil Raina Security Lead – Mark Hahn Security Assessments Leads – John Hearton, Wolfgang Kandek Intrusion Management Lead – Tim Owen SIEM Lead – Jens Laundrup Encryption Lead – Vadim Saratovtsev, Geoff Webb, BCDR Lead – Kevin Fielder Network Security Lead – Ken Owens

5 Copyright © 2013 Cloud Security Alliance Born early 2011 Agreed structure and leadership Agreed 1 st deliverable Defined categories (very high level) Split into categories with leads for each Created white paper ‘Defined Categories of Service 2011’ Breath! Early 2012 agreed on guidance as next output and unified format October 2012 – Produced guidance documents for all categories Breath again!

6 Copyright © 2013 Cloud Security Alliance Copyright © 2012 Cloud Security Alliance SecaaS Implementation Guidance Ten category documents Requirements addressed Implementations considerations and concerns Implementation architecture and guidance References and useful links All guidance papers can be downloaded from the CSA website; https://cloudsecurityalliance.org/research/secaas/#_downloads

7 Copyright © 2013 Cloud Security Alliance Copyright © 2012 Cloud Security Alliance Implementation Guidance v2.0 Template Review Content Review Development of New Categories Broader Guidance Architectures Improve integration with wide CSA research Incident Management and Forensics Working Group Service Level Agreements Working Group

8 Copyright © 2013 Cloud Security Alliance Copyright © 2012 Cloud Security Alliance Defined Categories of Service (DCS) v Review of 10 current categories of security as a service; Category 1: Identity and Access Management Category 2: Data Loss Prevention Category 3: Web Security Category 4: Security Category 5: Security Assessments Category 6: Intrusion Management Category 7: Security Information and Event Management (SIEM) Category 8: Encryption Category 9: Business Continuity and Disaster Recovery Category 10: Network Security The white paper can be downloaded from the CSA website; https://cloudsecurityalliance.org/research/secaas/#_downloads

9 Copyright © 2013 Cloud Security Alliance Template Review Description Class, Core Functionalities, Optional Features Services Includes, Related Services, Related Technologies and Standards, Service Model, CSA Domains Threats Addressed/Benefits Challenges Reference Examples, References

10 Copyright © 2013 Cloud Security Alliance Continuous Monitoring as a Service Other additional categories to consider?

11 Copyright © 2013 Cloud Security Alliance Update existing documents v1.1 / v2 rolling releases Review categories, guidance template, content Links to other research Carriers, SLA, Forensics … Combined Guidance Broader overarching architecture examples Role-specific Guidance

12 Copyright © 2013 Cloud Security Alliance New Monthly Call Format – Education + Communication Increase use of Base Camp for ongoing communication ‘CSA Cloud Bytes’ series propose ideas here: https://cloudsecurityalliance.org/research/cloud- bytes/#_proposalshttps://cloudsecurityalliance.org/research/cloud- bytes/#_proposals Identify the Next Big Thing … Update categories, revise guidance Link to other areas of research Increase depth of guidance for role-specific points of view

13 Copyright © 2013 Cloud Security Alliance “Educational webinar series for CSA working groups” https://cloudsecurityalliance.org/research/cloud-bytes/

14 Copyright © 2013 Cloud Security Alliance Copyright © 2012 Cloud Security Alliance CSA Cloud Bytes: SecaaS Implementation Series Introduction to the SecaaS Category Implementation Guidance Working Group process How to improve, how to get involved

15 Copyright © 2013 Cloud Security Alliance

16 Copyright © 2013 Cloud Security Alliance Big thank you to all contributors! Category Leads Group members Technical writers CSA support Now is a great time to volunteer – Get involved! Help define the next steps and future of the group here: https://cloudsecurityalliance.org/research/secaas/#_get-involved https://cloudsecurityalliance.org/research/secaas/#_get-involved

17 Copyright © 2013 Cloud Security Alliance For more info about CSA Cloud Bytes: SecaaS Implementation Series https://cloudsecurityalliance.org/secaas/ (through 10/29/2012) Help Us Secure Cloud Computing LinkedIn:


Download ppt "Www.cloudsecurityalliance.org Copyright © 2013 Cloud Security Alliance."

Similar presentations


Ads by Google