Cloud Security Alliance Releases Minor Update to CCM v3.0.1
Blog Article Published: 11/12/2018
By the CSA Research Team
The Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM) Working Group has released a minor update for the CCM v3.0.1. This update incorporates mappings to IEC 62443-3-3 and BSI Compliance Controls Catalogue (C5).
The CCM is specifically designed to provide fundamental security principles to guide cloud vendors and to assist prospective cloud customers in assessing the overall security risk of a cloud provider. The CSA CCM provides a controls framework that gives detailed understanding of security concepts and principles that are aligned to the Cloud Security Alliance guidance in 13 domains. The foundations of the Cloud Security Alliance Controls Matrix rest on its customized relationship to other industry-accepted security standards, regulations, and controls frameworks such as the ISO 27001/27002, ISACA COBIT, PCI, NIST, Jericho Forum and NERC CIP and will augment or provide internal control direction for service organization control reports attestations provided by cloud providers.
As a framework, the CSA CCM provides organizations with the needed structure, detail and clarity relating to information security tailored to the cloud industry. It strengthens existing information security control environments by emphasizing business information security control requirements, reduces and identifies consistent security threats and vulnerabilities in the cloud, provides standardized security and operational risk management, and seeks to normalize security expectations, cloud taxonomy and terminology, and security measures implemented in the cloud.
The CSA CCM Working Group would like to thank the following individuals for their contributions to this minor update:
- Claus Matzke
- Kristian Beckers
CCM Working Group
- Noel Haskins-Hafer
- Kris Seeburn
- Amita Radhakrishnan
- Angela Dogan
- Dibya Ranjan Nath
- Hardeep Mehrotara
- Jevon Wooden
- Keith Stocks
- Leena Singal
- Loredana Mancini
- Manjunath A.T.
- Michael Roza
- Reid Leake
- Subrata Baguli
- Umar Khan
- Vamsi Kaipa
Please feel free to contact us at [email protected] if you have any queries regarding the update.
If you are interested in participating in future CCM Working Group activities, please feel free to sign up for the working group.
Trending This Week
#1 What are the Most Common Cloud Computing Service Delivery Models?
#2 Zero Trust and AI: Better Together
#3 Top Threat #2 to Cloud Computing: Insecure Interfaces and APIs
#4 101 Guide on Cloud Security Architecture for Enterprises
#5 Demystifying Secure Architecture Review of Generative AI-Based Products and Services
Sign up to receive CSA's latest blogs
This list receives 1-2 emails a month.