Download Publication

Who it's for:
- All cloud customers
- Cloud service providers who need a clear framework for sharing incident response practices with customers
Cloud Incident Response Framework
Release Date: 05/04/2021
Working Group: Cloud Incident Response
This framework created by the Cloud Incident Response Working Group serves as a go-to guide for cloud customers to effectively prepare for and manage cloud incidents. It explains how to assess an organization’s security requirements and then opt for the appropriate level of incident protection. Cloud customers will learn how to negotiate with cloud service providers, select security capabilities that are made-to-measure, and divide security responsibilities.
Key Takeaways:
- How to effectively manage cloud incidents through the entire lifecycle of a disruptive event, including:
- Preparation
- Detection and analysis
- Containment, eradication, and recovery
- Post-mortem
- How to coordinate and share information with stakeholders and other organizations
Download this Resource
Acknowledgements

Soon Tein Lim
This person does not have a biography listed with CSA.

Michael Roza
Risk, Audit, Control and Compliance Professional
Since 2012 Michael has contributed to over 75 CSA projects completed by CSA's Internet of Things, Blockchain/Distributed Ledger, Top Threats, Cloud Control Matrix, Software-Defined Perimeter, Applications, Containers, and Microservices, and other working groups. In, 2020 he also served as co-chair to CSA's Enterprise Architecture and Security-as-a-Service working groups while also serving as the Standards Liaison Officer for IoT, ICS, EA, S...

Alex Siow
This person does not have a biography listed with CSA.

Ashish Vashishtha
Cybersecurity - Sr. Risk Manager & Security Architect at IBM
Analytical, results-oriented IS/IT Audit, Governance, Risk, and Compliance (GRC) leader over 19 years of experience managing enterprise-wide IT/IS security risk approach for large healthcare and IT services organizations. Passionate design thinker with an ability to harness innovation by facilitating collaboration to develop enterprise-wide security risk assessments (onsite as well as remote) for high-risk Third-Parties leveraging NIST 800-...