Research Artifacts

GDPR Preparation and Awareness Survey Report

GDPR Preparation and Awareness Survey Report

Description: Cloud computing, the Internet of Things, Artificial Intelligence, and other new technologies allow businesses to have better customer engagement, more access to data, and powerful analytical tools. Providers are racing to bring these technologies to the enterprise and users are anxious to take advantage of their benefits.

Release Date: 04/17/2018
State of Cloud Report

State of Cloud Report

Description: Innovators and early adopters have been using cloud for years taking advantage of the quicker deployment, greater scalability, and cost saving of services. The growth of cloud computing continues to accelerate offering more solutions with added features and benefits, including security.

Release Date: 04/16/2018
Best Practices for Cyber Incident Exchange

Best Practices for Cyber Incident Exchange

Description: No organization is immune from cyber attack. Malicious actors collaborate with skill and agility, effectively moving from target to target at a breakneck pace. New attacks are directed at dozens of companies within the first 24 hours and hundreds within a few days.

Release Date: 04/16/2018
Using Blockchain Technology to Secure the Internet of Things

Using Blockchain Technology to Secure the Internet of Things

Description: In the last four years, technical experts, chief digital officers, marketing managers, journalists, bloggers and research institutions have discussed and promoted a new distributed model for secure transaction processing and storage using blockchain technology. IDC FutureScape predicted that by 2020, 20% of global trade finance will incorporate blockchain.

Release Date: 02/13/2018
The State of Enterprise Resource Planning Security in the Cloud

The State of Enterprise Resource Planning Security in the Cloud

Description: The State of ERP Security in the Cloud briefly highlights some of the issues and challenges of migrating ERP solutions to the cloud. The document examines common security and privacy risks that organizations might incur during a transition to the cloud, as well as how organizations have mitigated these hazards.

Release Date: 02/07/2018
Top Threats to Cloud Computing Plus: Industry Insights

Top Threats to Cloud Computing Plus: Industry Insights

Abstract: The Top Threats to Cloud Computing Plus: Industry Insights serves as a validation of the relevance of security issues discussed in the earlier document as wells as provides references and overviews of these incidents. In total, 21 anecdotes and examples are featured in the document. The references and overview of each anecdote and example are written with the help of publicly available information.

Credits:
Fitzgerald Barth
Victor Chin
Moshe Ferber
Sean Hittel
Laurie Jameson
Nathaniel Mason
Hardeep Mehrotara
Ashish Mehta
Mihir Mohanty
Krishna Narayanaswamy
Michael Roza

Release Date: 10/20/2017
Consensus Assessments Initiative Questionnaire v3.0.1 (9-1-17 Update)

Consensus Assessments Initiative Questionnaire v3.0.1 (9-1-17 Update)

Description: The CAIQ is based upon the CCM and provides a set of Yes/No questions a cloud consumer and cloud auditor may wish to ask of a cloud provider to ascertain their compliance to the Cloud Controls Matrix.

Release Date: 10/12/2017
Cloud Controls Matrix v3.0.1 (9-1-17 Update)

Cloud Controls Matrix v3.0.1 (9-1-17 Update)

Description: The CCM, the only meta-framework of cloud-specific security controls, mapped to leading standards, best practices and regulations. CCM provides organizations with the needed structure, detail and clarity relating to information security tailored to cloud computing. CCM is currently considered a de-facto standard for cloud security assurance and compliance.

Release Date: 10/03/2017
Security Guidance for Critical Areas of Focus in Cloud Computing v4.0

Security Guidance for Critical Areas of Focus in Cloud Computing v4.0

The rise of cloud computing as an ever-evolving technology brings with it a number of opportunities and challenges. With this document, we aim to provide both guidance and inspiration to support business goals while managing and mitigating the risks associated with the adoption of cloud computing technology.

Release Date: 07/26/2017
A Repeatable Cloud-first Deployment Process Model

A Repeatable Cloud-first Deployment Process Model

By now the benefits of cloud computing are generally understood at high level. What is not necessarily clear are the details of the potential security, legal, financial, and compliance impacts that cloud adoption will produce. The stakeholders who are currently responsible for these areas are sometimes not sufficiently familiar with how a cloud-first strategy affects their roles and functions. While the organization as whole is still responsible for ensuring that all its obligations are met, the cloud changes the nature of risks, roles, and responsibilities and how stakeholders within the organization manage them.

Release Date: 06/06/2017
Observations and Recommendations on Connected Vehicle Security

Observations and Recommendations on Connected Vehicle Security

The introduction of Connected Vehicles (CVs) has been discussed for many years. Pilot implementations currently underway are evaluating CV operations in realistic municipal environments. CVs are beginning to operate in complex environments composed of both legacy and modernized traffic infrastructure. Security systems, tools and guidance are needed to aid in protecting CVs and the supporting infrastructure.

Release Date: 05/25/2017
SDP for IaaS

SDP for IaaS

Release Date: 02/13/2017