Register for CSA’s SECtember conference and trainings today




Circle
Events
Blog

Download Publication

Cloud Incident Response Framework
Cloud Incident Response Framework
Who it's for:
  • All cloud customers
  • Cloud service providers who need a clear framework for sharing incident response practices with customers

Cloud Incident Response Framework

Release Date: 05/04/2021

Preventive security controls cannot completely eliminate the possibility of critical data being compromised in a cyber attack. Therefore, organizations that utilize cloud services must ensure that they have a reliable cloud incident response strategy in place. Cloud incident response is simply the process used to manage cyber attacks in a cloud environment. There are several key aspects of a cloud incident response system that differentiate it from a non-cloud incident response system, notably in the areas of governance, shared responsibility, and visibility.

This framework created by the Cloud Incident Response Working Group serves as a go-to guide for cloud customers to effectively prepare for and manage cloud incidents. It explains how to assess an organization’s security requirements and then opt for the appropriate level of incident protection. Cloud customers will learn how to negotiate with cloud service providers, select security capabilities that are made-to-measure, and divide security responsibilities.

Key Takeaways:
  • How to effectively manage cloud incidents through the entire lifecycle of a disruptive event, including:
    • Preparation
    • Detection and analysis
    • Containment, eradication, and recovery
    • Post-mortem
  • How to coordinate and share information with stakeholders and other organizations

Download this Resource

LoginCreate Account

Prefer to access this resource without an account? Download it now.

Acknowledgements

Soon Tein Lim Headshot
Soon Tein Lim

Soon Tein Lim

This person does not have a biography listed with CSA.

Michael Roza Headshot
Michael Roza
Risk, Audit, Control and Compliance Professional

Michael Roza

Risk, Audit, Control and Compliance Professional

Since 2012 Michael has contributed to over 75 CSA projects completed by CSA's Internet of Things, Blockchain/Distributed Ledger, Top Threats, Cloud Control Matrix, Software-Defined Perimeter, Applications, Containers, and Microservices, and other working groups. In, 2020 he also served as co-chair to CSA's Enterprise Architecture and Security-as-a-Service working groups while also serving as the Standards Liaison Officer for IoT, ICS, EA, S...

Read more

Alex Siow Headshot
Alex Siow

Alex Siow

This person does not have a biography listed with CSA.

Ashish Vashishtha Headshot
Ashish Vashishtha
Cybersecurity - Sr. Risk Manager & Security Architect at IBM

Ashish Vashishtha

Cybersecurity - Sr. Risk Manager & Security Architect at IBM

Analytical, results-oriented IS/IT Audit, Governance, Risk, and Compliance (GRC) leader over 19 years of experience managing enterprise-wide IT/IS security risk approach for large healthcare and IT services organizations. Passionate design thinker with an ability to harness innovation by facilitating collaboration to develop enterprise-wide security risk assessments (onsite as well as remote) for high-risk Third-Parties leveraging NIST 800-...

Read more

Haojie Zhuang Headshot Missing
Haojie Zhuang

Haojie Zhuang

This person does not have a biography listed with CSA.

Larry Marks Headshot Missing
Larry Marks

Larry Marks

This person does not have a biography listed with CSA.

Oscar Monge Espana Headshot Missing
Oscar Monge Espana

Oscar Monge Espana

This person does not have a biography listed with CSA.

Dr. Hing-Yan Lee Headshot
Dr. Hing-Yan Lee
Executive Vice President of Government Affairs, CSA

Dr. Hing-Yan Lee

Executive Vice President of Government Affairs, CSA

Dr. Hing Yan Lee serves as the Executive Vice President of Asia Pacific (APAC) for Cloud Security Alliance. Dr. Lee has over 30 years of ICT working experience in both the public and private sectors. In the recent 9+ years, he was Director of National Cloud Computing Office at Infocomm Development Authority, where he was responsible for, inter alia, developing the cloud ecosystem, promoting cloud adoption by government agencies and private...

Read more

Nirenj George Headshot Missing
Nirenj George

Nirenj George

This person does not have a biography listed with CSA.

Fadi Sodah Headshot Missing
Fadi Sodah

Fadi Sodah

This person does not have a biography listed with CSA.

Abhishek Pradhan Headshot Missing
Abhishek Pradhan

Abhishek Pradhan

This person does not have a biography listed with CSA.

Saan Vandendriessche Headshot Missing
Saan Vandendriessche

Saan Vandendriessche

This person does not have a biography listed with CSA.

Tanner Jamison Headshot Missing
Tanner Jamison

Tanner Jamison

This person does not have a biography listed with CSA.

Bowen Close Headshot Missing
Bowen Close

Bowen Close

This person does not have a biography listed with CSA.

David Cowen Headshot Missing
David Cowen

David Cowen

This person does not have a biography listed with CSA.

Ekta Mishra Headshot
Ekta Mishra
Membership Director & Country Manager (India), CSA APAC

Ekta Mishra

Membership Director & Country Manager (India), CSA APAC

This person does not have a biography listed with CSA.

Ashish Kurmi Headshot Missing
Ashish Kurmi

Ashish Kurmi

This person does not have a biography listed with CSA.

Alex Siow Headshot
Alex Siow

Alex Siow

This person does not have a biography listed with CSA.

Christopher Hughes Headshot Missing
Christopher Hughes

Christopher Hughes

This person does not have a biography listed with CSA.

Karen Gispanski Headshot Missing
Karen Gispanski

Karen Gispanski

This person does not have a biography listed with CSA.

Vani Murthy Headshot
Vani Murthy
Senior advisor Security & Compliance at Akamai Technologies

Vani Murthy

Senior advisor Security & Compliance at Akamai Technologies

Vani has 20+ years of IT experience in the areas such as Security, Risk, Compliance, Cloud services (IaaS/PaaS/SaaS) architecture

Read more

David Chong Headshot Missing
David Chong

David Chong

This person does not have a biography listed with CSA.

Sandeep Singh Headshot Missing
Sandeep Singh

Sandeep Singh

This person does not have a biography listed with CSA.

Ricci Ieong Headshot
Ricci Ieong

Ricci Ieong

Dr Ricci Ieong is the principal consultant of eWalker Consulting (HK) Ltd. and has over 20 years of industry experience in information technology, as well as more than 17 years of experience in IT security, where he specializes in security risk assessment, IT audit, penetration testing, and computer forensics investigation. He is the former vice chairman of professional development of Cloud CSA (HK & Macau Chapter) and has serve...

Read more

Aristide Bouix Headshot Missing
Aristide Bouix

Aristide Bouix

This person does not have a biography listed with CSA.

Chelsea Joyce Headshot Missing
Chelsea Joyce

Chelsea Joyce

This person does not have a biography listed with CSA.

Ashish Vashishtha Headshot
Ashish Vashishtha
Cybersecurity - Sr. Risk Manager & Security Architect at IBM

Ashish Vashishtha

Cybersecurity - Sr. Risk Manager & Security Architect at IBM

Analytical, results-oriented IS/IT Audit, Governance, Risk, and Compliance (GRC) leader over 19 years of experience managing enterprise-wide IT/IS security risk approach for large healthcare and IT services organizations. Passionate design thinker with an ability to harness innovation by facilitating collaboration to develop enterprise-wide security risk assessments (onsite as well as remote) for high-risk Third-Parties leveraging NIST 800-...

Read more

Soon Tein Lim Headshot
Soon Tein Lim

Soon Tein Lim

This person does not have a biography listed with CSA.

Dennis Holstein Headshot Missing
Dennis Holstein

Dennis Holstein

This person does not have a biography listed with CSA.

Are you a research volunteer? Request to have your profile displayed on the website here.

Interested in helping develop research with CSA?