Register for CSA’s SECtember conference and trainings today




Circle
Events
Blog

Download Publication

Cloud Octagon Model
Cloud Octagon Model

Cloud Octagon Model

Release Date: 06/24/2019

In this document CSA provides an approach to assess risk in SaaS cloud computing. The Cloud Octagon Model stems from an approach conceptualized and implemented by the Cloud Security Group within the Technology & Engineering department, Corporate Information Security Office (CISO), ABN AMRO Bank NV (Netherlands). It counts such aspects as procurement, IT governance, architecture, development and engineering, service providers, risk processes, data classification, and country. The model provides practical guidance and structure to all involved risk parties in order to keep pace with rapid changes in privacy and data protection laws and regulations, and changes in technology and its security implications. The model aims to:
  • reduce risks associated with cloud computing;
  • improve the effectiveness of the cloud risk team;
  • improve manageability of the solution; and
  • improve security.

Download this Resource

LoginCreate Account

Prefer to access this resource without an account? Download it now.

Acknowledgements

Michael Roza Headshot
Michael Roza
Risk, Audit, Control and Compliance Professional

Michael Roza

Risk, Audit, Control and Compliance Professional

Since 2012 Michael has contributed to over 85 CSA projects completed by CSA's Internet of Things, Zero Trust/Software-Defined Perimeter, Top Threats, Cloud Control Matrix, Containers/Microservices, DevSecOps, and other working groups. He has also served as co-chair of CSA's Enterprise Architecture, Top Threats, and Security-as-a-Service working groups while also serving as the Standards Liaison Officer for IoT, ICS, EA, SECaaS, and Cloud Key M...

Read more

Jim De Haas Headshot
Jim De Haas
Cloud Security Expert

Jim De Haas

Cloud Security Expert

Seasoned security professional with a demonstrated history of working on critical, complex and highly available banking applications. A technology enthusiast, who enjoys collaborating with cross-functional teams. A strong communicator who can evangelize security across the organisation. Specialised in Cloud Security (Both AWS and Azure), IT Security, training DevOps engineers in security topics and making security understandable to non-secu...

Read more

Cheyenne Seur Headshot Missing
Cheyenne Seur

Cheyenne Seur

This person does not have a biography listed with CSA.

Timo Muller Headshot Missing
Timo Muller

Timo Muller

This person does not have a biography listed with CSA.

Biswajt Behera Headshot Missing
Biswajt Behera

Biswajt Behera

This person does not have a biography listed with CSA.

Alok Saxena Headshot Missing
Alok Saxena

Alok Saxena

This person does not have a biography listed with CSA.

Are you a research volunteer? Request to have your profile displayed on the website here.

Interested in helping develop research with CSA?