Presentation is loading. Please wait.

Presentation is loading. Please wait.

© Cloud Security Alliance, 2015 March 2, 2016. Agenda © Cloud Security Alliance, 2015 The SecaaS Working Group Recent Activity Charter Category outline/templates.

Published byMatthew Casey Modified over 8 years ago

Similar presentations

Presentation on theme: "© Cloud Security Alliance, 2015 March 2, 2016. Agenda © Cloud Security Alliance, 2015 The SecaaS Working Group Recent Activity Charter Category outline/templates."— Presentation transcript:

1 © Cloud Security Alliance, 2015 March 2, 2016

2 Agenda © Cloud Security Alliance, 2015 The SecaaS Working Group Recent Activity Charter Category outline/templates Looking Ahead

3 What is Security as a Service? © Cloud Security Alliance, 2014. Much focus has been on securing data and systems in the cloud. What about providing security services FROM the cloud? That is Security as a Service (SecaaS)! Provisioning elastic, scalable security solutions and services to both cloud based and traditional on premises systems in pure cloud or hybrid models.

4 The CSA SecaaS Working Group © Cloud Security Alliance, 2014. One of the many CSA branches of research Bringing together an international group of users, potential users, vendors and brokers of SecaaS solution. Research SecaaS – balanced and vendor neutral Define types / categories of service Produce architectural and implementation guidance Find us here: https://cloudsecurityalliance.org/research/secaas/

5 SecaaS Working Group Charter © Cloud Security Alliance, 2015 Revised Charter early 2016 https://cloudsecurityalliance.org/download/security-as-a-service-working-group- charter/ Working Group Executive Overview Scope and Responsibilities Work Group Membership and Structure Standard Operations Research Lifecycle Peer Review Deliverables/Activities Charter Revision History

6 Category Framework © Cloud Security Alliance, 2014. Define elements What (hardware, software) How (process, workflow) Why (governance, risk) Who (resources) When (plan, incident, report) Guidance (methodology) Multiple Target Audiences Control selection, disciplines Interfaces, Infrastructure SLAs and Service functions Implementation models

7 Category Outlines/Template © Cloud Security Alliance, 2015 Description Architecture ( Infrastructure, Public-Facing Services, Intrusion & Incident, Risk Framework ) Category General Description Business Elements Core Functionalities Optional Features Technical Elements Disciplines Related Services Standards Controls Threats and Challenges References – Links, CSA Controls, CSA Guidance

8 Looking Ahead © Cloud Security Alliance, 2014. Categories of Service Document version 2 Small Working Group, focus on standardization Continuous Monitoring Category 11 New working group or task force Built from new template, create a map of category relationships Category Guidance to version 2 Standard Template of Category Methodologies Controls, Disciplines, Services Enterprise—Location, Function, Process Delivery Model—In, Through, From Cloud to target environments (cloud, virtualized, traditional customer) Vertical Market Particulars—compliance, governance

9 Category Status © Cloud Security Alliance, 2015 Network Security Vulnerability Scanning Web Security Email Security Identity and Access Management Encryption Intrusion Management Data Loss Prevention Security Information and Event Management Business Continuity and Disaster Recovery Continuous Monitoring Security Assessments

10 Project Plan © Cloud Security Alliance, 2015 Bi-Weekly Meetings Status, updates, challenges Major Milestones Category Drafts Open Peer Review Final Drafts Individual Category Publishing Defined Categories of Service 2016 – Complete Series Individual Category - Implementation Guidance continued documents, 2016

11 Contacts/References © Cloud Security Alliance, 2015 SecaaS Leadership secaas-leadership@cloudsecurityalliance.org research@cloudsecurityalliance.org Reference Links CSA Website https://cloudsecurityalliance.org/group/security-as-a-service/ Basecamp https://basecamp.com/1825565/projects/1179002

12 THANK YOU © Cloud Security Alliance, 2014. Big thank you to all contributors! Category Leads Group members Technical writers CSA support Now is a great time to volunteer – Get involved! Help define the future of the group here: https://cloudsecurityalliance.org/group/security-as-a-service//#_initiatives

13 ? ? ? ? © Cloud Security Alliance, 2015

Download ppt "© Cloud Security Alliance, 2015 March 2, 2016. Agenda © Cloud Security Alliance, 2015 The SecaaS Working Group Recent Activity Charter Category outline/templates."

Similar presentations

1Copyright © 2010, Printer Working Group. All rights reserved. PWG Plenary TCG Activity Summary December 2010 Irvine, CA – PWG Meeting Ira McDonald (High.

1Copyright © 2010, Printer Working Group. All rights reserved. PWG Plenary TCG Activity Summary December 2010 Irvine, CA – PWG Meeting Ira McDonald (High.
1Copyright © 2010, Printer Working Group. All rights reserved. PWG Plenary TCG Activity Summary 7 April 2010 Camas, WA – PWG F2F Meeting Ira McDonald (High.

1Copyright © 2010, Printer Working Group. All rights reserved. PWG Plenary TCG Activity Summary 7 April 2010 Camas, WA – PWG F2F Meeting Ira McDonald (High.
1Copyright © 2011, Printer Working Group. All rights reserved. PWG Plenary TCG Activity Summary May 2011 Webster, NY – PWG Meeting Ira McDonald (High North.

1Copyright © 2011, Printer Working Group. All rights reserved. PWG Plenary TCG Activity Summary May 2011 Webster, NY – PWG Meeting Ira McDonald (High North.
What’s New for 2013 Steve Allen CEO, iDatix Corproation.

What’s New for 2013 Steve Allen CEO, iDatix Corproation.
Cloud computing security related works in ITU-T SG17

Cloud computing security related works in ITU-T SG17
Security, Privacy and the Cloud Connecticut Community Providers’ Association June 20, 2014 Steven R Bulmer, VP of Professional Services.

Security, Privacy and the Cloud Connecticut Community Providers’ Association June 20, 2014 Steven R Bulmer, VP of Professional Services.
Www.cloudsecurityalliance.org Copyright © 2013 Cloud Security Alliance.

Copyright © 2013 Cloud Security Alliance.
VIRTUALIZATION PRODUCT FOCUS 8/18/14 – 8/29/14 INTRODUCTION Our Product Focus for the next two weeks is Virtualization. More than 90% of mid- and large.

VIRTUALIZATION PRODUCT FOCUS 8/18/14 – 8/29/14 INTRODUCTION Our Product Focus for the next two weeks is Virtualization. More than 90% of mid- and large.
The COUNTER Code of Practice for Books and Reference Works Peter Shepherd Project Director COUNTER UKSG E-Books Seminar, 9 November 2005.

The COUNTER Code of Practice for Books and Reference Works Peter Shepherd Project Director COUNTER UKSG E-Books Seminar, 9 November 2005.
Strategy 2022: A Holistic View Tony Hayes International President ISACA 2013-2014 © 2012, ISACA. All rights reserved.

Strategy 2022: A Holistic View Tony Hayes International President ISACA © 2012, ISACA. All rights reserved.
1 DCS860A Emerging Technology Physical layer transparency in Cloud Computing (rev. 12-16-11)

1 DCS860A Emerging Technology Physical layer transparency in Cloud Computing (rev )
Supervisor : Mr. Hadi Salimi Advanced Topics in Information Systems Mazandaran University of Science and Technology February 4, 2011 Survey on Cloud Computing.

Supervisor : Mr. Hadi Salimi Advanced Topics in Information Systems Mazandaran University of Science and Technology February 4, 2011 Survey on Cloud Computing.
Managing the Information Technology Resource Jerry N. Luftman

Managing the Information Technology Resource Jerry N. Luftman
1 Project Management & Project Management Software Yale Braunstein School of Information Management & Systems UC Berkeley.

1 Project Management & Project Management Software Yale Braunstein School of Information Management & Systems UC Berkeley.
Geneva, Switzerland, 15-16 September 2014 Cloud security standardization activities in ITU-T Huirong Tian, China ITU Workshop on “ICT.

Geneva, Switzerland, September 2014 Cloud security standardization activities in ITU-T Huirong Tian, China ITU Workshop on “ICT.
Defining Services for Your IT Service Catalog

Defining Services for Your IT Service Catalog
Website Hardening HUIT IT Security | Sep 30 2011.

Website Hardening HUIT IT Security | Sep
Security Framework For Cloud Computing -Sharath Reddy Gajjala.

Security Framework For Cloud Computing -Sharath Reddy Gajjala.
MIGRATING INTO A CLOUD P. Sai Kiran. 2 Cloud Computing Definition “It is a techno-business disruptive model of using distributed large-scale data centers.

MIGRATING INTO A CLOUD P. Sai Kiran. 2 Cloud Computing Definition “It is a techno-business disruptive model of using distributed large-scale data centers.
Web Development Process Description

Web Development Process Description

Similar presentations

Ads by Google