© Cloud Security Alliance, 2015 March 2, 2016. Agenda © Cloud Security Alliance, 2015 The SecaaS Working Group Recent Activity Charter Category outline/templates.

Slides:



Advertisements
Similar presentations
1Copyright © 2010, Printer Working Group. All rights reserved. PWG Plenary TCG Activity Summary December 2010 Irvine, CA – PWG Meeting Ira McDonald (High.
Advertisements

1Copyright © 2010, Printer Working Group. All rights reserved. PWG Plenary TCG Activity Summary 7 April 2010 Camas, WA – PWG F2F Meeting Ira McDonald (High.
1Copyright © 2011, Printer Working Group. All rights reserved. PWG Plenary TCG Activity Summary May 2011 Webster, NY – PWG Meeting Ira McDonald (High North.
What’s New for 2013 Steve Allen CEO, iDatix Corproation.
Cloud computing security related works in ITU-T SG17
Security, Privacy and the Cloud Connecticut Community Providers’ Association June 20, 2014 Steven R Bulmer, VP of Professional Services.
Copyright © 2013 Cloud Security Alliance.
VIRTUALIZATION PRODUCT FOCUS 8/18/14 – 8/29/14 INTRODUCTION Our Product Focus for the next two weeks is Virtualization. More than 90% of mid- and large.
The COUNTER Code of Practice for Books and Reference Works Peter Shepherd Project Director COUNTER UKSG E-Books Seminar, 9 November 2005.
Strategy 2022: A Holistic View Tony Hayes International President ISACA © 2012, ISACA. All rights reserved.
1 DCS860A Emerging Technology Physical layer transparency in Cloud Computing (rev )
Supervisor : Mr. Hadi Salimi Advanced Topics in Information Systems Mazandaran University of Science and Technology February 4, 2011 Survey on Cloud Computing.
Managing the Information Technology Resource Jerry N. Luftman
1 Project Management & Project Management Software Yale Braunstein School of Information Management & Systems UC Berkeley.
Geneva, Switzerland, September 2014 Cloud security standardization activities in ITU-T Huirong Tian, China ITU Workshop on “ICT.
Defining Services for Your IT Service Catalog
Website Hardening HUIT IT Security | Sep
Security Framework For Cloud Computing -Sharath Reddy Gajjala.
MIGRATING INTO A CLOUD P. Sai Kiran. 2 Cloud Computing Definition “It is a techno-business disruptive model of using distributed large-scale data centers.
Web Development Process Description
FIORANO SERVICE BUS The Cloud Enablement Platform
.. Skytap Better Software Faster Visual Studio Industry Partner Skytap NEXT STEPS Contact us at: Insert your company description here.
Jim Reavis, Executive Director Cloud Security Alliance November 22, 2010 Developing a Baseline On Cloud Security.
Copyright © 2006 CyberRAVE LLC. All rights reserved. 1 Virtual Private Network Service Grid A Fixed-to-Mobile Secure Communications Framework Managed Security.
Information ITIL Technology Infrastructure Library ITIL.
Demystifying the Business Analysis Body of Knowledge Central Iowa IIBA Chapter December 7, 2005.
Computer Science and Engineering 1 Cloud ComputingSecurity.
Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.
Cloud Security Alliance Overview and Organizational Plans Jim Reavis, Co-founder & Executive Director August 5, 2009.
KM Technology Assessment “Knowledge and team collaboration servers” DSC8030/CIS8260 Dr. Samaddar Summer 2004 Jon A. Preston.
CUTTING COMPLEXITY – SIMPLIFYING SECURITY INSERT PRESENTERS NAME HERE XXXX INSERT DATE OF EVENT HERE XXXX.
Alert Logic Security and Compliance Solutions for vCloud Air High-level Overview.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
© Cloud Security Alliance, 2015 Evelyn de Souza Chair Cloud Security Alliance Data Governance Chair/ Data Privacy and Compliance Leader Cisco Systems.
PRESENTATION TITLE GOES HERE KMIP Test Program at SNIA Technology Center Gordon Arnold, SSIF Chair Greg Loux, Consultant.
WHAT OUR CUSTOMERS ARE SAYING “After thorough market research and a review process, Qorus Breeze Proposals stood out from the competitors because of its.
United States Department of Justice Achieving Information Interoperability and Business Agility The Justice Reference Architecture:
J. Scott Hawker p. 1Some material © Rational Corp. Rational Unified Process Overview See and use the RUP Browser on lab machines.
== Enovatio Delivers a Scalable Project Management Solution Minus Large Upfront Infrastructure Costs, Thanks to the Powerful Microsoft Azure Platform MICROSOFT.
Rob Davidson, Partner Technology Specialist Microsoft Management Servers: Using management to stay secure.
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 1 Automate your way to.
Vendor Management from a Vendor’s Perspective. Agenda Regulatory Updates and Trends Examiner Trends Technology and Solution Trends Common Issues and Misconceptions.
ARCH-04 Before You Begin Your Transformation Project… Phillip Magnay Architect – Applied Technology.
Assuring Reliable and Secure IT Services Chapter 6.
ESSRT In-Process Review September 10, Agenda 1.Work Completed Till Date 2.Scope of future activities and deliverables 2.
PRESENTATION TITLE GOES HERE KMIP Test Program at SNIA Technology Center Gordon Arnold, SSIF Chair Greg Loux, Consultant.
Introduction to ITIL and ITIS. CONFIDENTIAL Agenda ITIL Introduction  What is ITIL?  ITIL History  ITIL Phases  ITIL Certification Introduction to.
© 2011 IBM Corporation IBM Security Services Smarter Security Enabling Growth and Innovation Obbe Knoop – Security Services Leader Pacific.
© Cloud Security Alliance, 2016 Brian Russell, Leidos Co-Chair, IoT WG 2 March 2016.
© Cloud Security Alliance, 2016 Anil Karmel, Co-Founder and CEO, C2 Labs Andrew Wild, CISO, QTS.
If it’s not automated, it’s broken!
Information ITIL Technology Infrastructure Library ITIL.
Avenues International Inc.
Office 365 Security Assessment Workshop
Azure-Based Project Management App Helps Creative Agencies Run Their Projects Efficiently “With Microsoft Azure PaaS, we can focus on our app and offer.
BIL 424 NETWORK ARCHITECTURE AND SERVICE PROVIDING.
Scalable Web Apps Target this solution to brand leaders responsible for customer engagement and roll-out of global marketing campaigns. Implement scenarios.
Discovering Computers 2010: Living in a Digital World Chapter 14
Tutorials of Q.8: cloud security related works in SG17
TeleManagement Forum The voice of the OSS/BSS industry.
Barracuda Networks Creates Next-Generation Security Solutions That Enable Customers to Accelerate Their Adoption of Microsoft Azure MICROSOFT AZURE APP.
<Name of Product>Pilot Closeout Meeting <Customer Name>
Scalable Web Apps Target this solution to brand leaders responsible for customer engagement and roll-out of global marketing campaigns. Implement scenarios.
Yellowfin: An Azure-Compatible Business Intelligence Platform That Connects People with Their Data for Better Decision Making MICROSOFT AZURE APP BUILDER.
On-Premises, or Deployed in a Hybrid Environment
Developing a Baseline On Cloud Security Jim Reavis, Executive Director
Increase and Improve your PC management with Windows Intune
Requirements engineering in Cloud Computing
Presentation transcript:

© Cloud Security Alliance, 2015 March 2, 2016

Agenda © Cloud Security Alliance, 2015 The SecaaS Working Group Recent Activity Charter Category outline/templates Looking Ahead

What is Security as a Service? © Cloud Security Alliance, Much focus has been on securing data and systems in the cloud. What about providing security services FROM the cloud? That is Security as a Service (SecaaS)! Provisioning elastic, scalable security solutions and services to both cloud based and traditional on premises systems in pure cloud or hybrid models.

The CSA SecaaS Working Group © Cloud Security Alliance, One of the many CSA branches of research Bringing together an international group of users, potential users, vendors and brokers of SecaaS solution. Research SecaaS – balanced and vendor neutral Define types / categories of service Produce architectural and implementation guidance Find us here:

SecaaS Working Group Charter © Cloud Security Alliance, 2015 Revised Charter early charter/ Working Group Executive Overview Scope and Responsibilities Work Group Membership and Structure Standard Operations Research Lifecycle Peer Review Deliverables/Activities Charter Revision History

Category Framework © Cloud Security Alliance, Define elements What (hardware, software) How (process, workflow) Why (governance, risk) Who (resources) When (plan, incident, report) Guidance (methodology) Multiple Target Audiences Control selection, disciplines Interfaces, Infrastructure SLAs and Service functions Implementation models

Category Outlines/Template © Cloud Security Alliance, 2015 Description Architecture ( Infrastructure, Public-Facing Services, Intrusion & Incident, Risk Framework ) Category General Description Business Elements Core Functionalities Optional Features Technical Elements Disciplines Related Services Standards Controls Threats and Challenges References – Links, CSA Controls, CSA Guidance

Looking Ahead © Cloud Security Alliance, Categories of Service Document version 2 Small Working Group, focus on standardization Continuous Monitoring Category 11 New working group or task force Built from new template, create a map of category relationships Category Guidance to version 2 Standard Template of Category Methodologies Controls, Disciplines, Services Enterprise—Location, Function, Process Delivery Model—In, Through, From Cloud to target environments (cloud, virtualized, traditional customer) Vertical Market Particulars—compliance, governance

Category Status © Cloud Security Alliance, 2015 Network Security Vulnerability Scanning Web Security Security Identity and Access Management Encryption Intrusion Management Data Loss Prevention Security Information and Event Management Business Continuity and Disaster Recovery Continuous Monitoring Security Assessments

Project Plan © Cloud Security Alliance, 2015 Bi-Weekly Meetings Status, updates, challenges Major Milestones Category Drafts Open Peer Review Final Drafts Individual Category Publishing Defined Categories of Service 2016 – Complete Series Individual Category - Implementation Guidance continued documents, 2016

Contacts/References © Cloud Security Alliance, 2015 SecaaS Leadership Reference Links CSA Website Basecamp

THANK YOU © Cloud Security Alliance, Big thank you to all contributors! Category Leads Group members Technical writers CSA support Now is a great time to volunteer – Get involved! Help define the future of the group here:

? ? ? ? © Cloud Security Alliance, 2015

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.