Download Publication

Who it's for:
- All cloud customers
- Cloud service providers who need a clear framework for sharing incident response practices with customers
Cloud Incident Response Framework
Release Date: 05/04/2021
Working Group: Cloud Incident Response
This framework created by the Cloud Incident Response Working Group serves as a go-to guide for cloud customers to effectively prepare for and manage cloud incidents. It explains how to assess an organization’s security requirements and then opt for the appropriate level of incident protection. Cloud customers will learn how to negotiate with cloud service providers, select security capabilities that are made-to-measure, and divide security responsibilities.
Key Takeaways:
- How to effectively manage cloud incidents through the entire lifecycle of a disruptive event, including:
- Preparation
- Detection and analysis
- Containment, eradication, and recovery
- Post-mortem
- How to coordinate and share information with stakeholders and other organizations
Download this Resource
Prefer to access this resource without an account? Download it now.
Related Resources
Acknowledgements

Soon Tein Lim
This person does not have a biography listed with CSA.

Michael Roza
Risk, Audit, Control, and Compliance Professional
Since 2012 Michael has contributed to over 85 CSA projects completed by CSA's Internet of Things, Zero Trust/Software-Defined Perimeter, Top Threats, Cloud Control Matrix, Containers/Microservices, DevSecOps, and other working groups. He has also served as co-chair of CSA's Enterprise Architecture, Top Threats, and Security-as-a-Service working groups while also serving as the Standards Liaison Officer for IoT, ICS, EA, SECaaS, and Cloud Ke...

Alex Siow
This person does not have a biography listed with CSA.

Ashish Vashishtha
Security Compliance Leader
Analytical, results-oriented IS/IT Audit, Governance, Risk, and Compliance (GRC) leader over 19 years of experience managing enterprise-wide IT/IS security risk approach for large healthcare and IT services organizations. Passionate design thinker with an ability to harness innovation by facilitating collaboration to develop enterprise-wide security risk assessments (onsite as well as remote) for high-risk Third-Parties leveraging NIST 800-...

Haojie Zhuang
This person does not have a biography listed with CSA.

Larry Marks
This person does not have a biography listed with CSA.

Oscar Monge Espana
This person does not have a biography listed with CSA.

Dr. Hing-Yan Lee
Executive Vice President of Government Affairs, CSA
Dr. Hing Yan Lee serves as the Executive Vice President of Asia Pacific (APAC) for Cloud Security Alliance. Dr. Lee has over 30 years of ICT working experience in both the public and private sectors. In the recent 9+ years, he was Director of National Cloud Computing Office at Infocomm Development Authority, where he was responsible for, inter alia, developing the cloud ecosystem, promoting cloud adoption by government agencies and private...

Nirenj George
This person does not have a biography listed with CSA.

Fadi Sodah
This person does not have a biography listed with CSA.

Abhishek Pradhan
This person does not have a biography listed with CSA.

Saan Vandendriessche
This person does not have a biography listed with CSA.

Tanner Jamison
This person does not have a biography listed with CSA.

Bowen Close
This person does not have a biography listed with CSA.

David Cowen
This person does not have a biography listed with CSA.

Ekta Mishra
Membership Director & Country Manager (India), CSA APAC
This person does not have a biography listed with CSA.

Ashish Kurmi
This person does not have a biography listed with CSA.

Alex Siow
This person does not have a biography listed with CSA.

Christopher Hughes
This person does not have a biography listed with CSA.

Karen Gispanski
This person does not have a biography listed with CSA.

Vani Murthy
Sr. Information Security Compliance Advisor, Akamai Technologies
Vani has 20+ years of IT experience in the areas such as Security, Risk, Compliance, Cloud services (IaaS/PaaS/SaaS) architecture

David Chong
This person does not have a biography listed with CSA.

Sandeep Singh
This person does not have a biography listed with CSA.

Dr. Ricci Ieong
Dr Ricci Ieong is the principal consultant of eWalker Consulting (HK) Ltd. and has over 20 years of industry experience in information technology, as well as more than 17 years of experience in IT security, where he specializes in security risk assessment, IT audit, penetration testing, and computer forensics investigation. He is the former vice chairman of professional development of Cloud CSA (HK & Macau Chapter) and has serve...

Aristide Bouix
This person does not have a biography listed with CSA.

Chelsea Joyce
This person does not have a biography listed with CSA.

Ashish Vashishtha
Security Compliance Leader
Analytical, results-oriented IS/IT Audit, Governance, Risk, and Compliance (GRC) leader over 19 years of experience managing enterprise-wide IT/IS security risk approach for large healthcare and IT services organizations. Passionate design thinker with an ability to harness innovation by facilitating collaboration to develop enterprise-wide security risk assessments (onsite as well as remote) for high-risk Third-Parties leveraging NIST 800-...

Soon Tein Lim
This person does not have a biography listed with CSA.

Dennis Holstein
This person does not have a biography listed with CSA.