CSA Launches 2 New Research Working Groups with Huawei – Call for Participation

In our mission to build a more secure Cloud ecosystem, the Cloud Security Alliance (CSA) is commencing on working on 2 new research working groups together with our executive member Huawei.

Cloud Component Specifications WG
Looking at the current environment, there are several internationally recognized standards that guide and evaluate cloud service providers in ISMS perspective. We see there is a gap that we should address, which is to ensure security at an even lower level – looking at the Cloud components. In this WG, the term cloud component refers to the different parts that make up cloud, for example the dedicated cloud firewalls, Swift and Glance in Openstack, virtual desktop integration. This WG aims to develop technical security best practices and guidelines for these components to provide better purchasing decisions for Cloud Service Providers (CSPs), better product development for cloud component suppliers and ultimately a more secure Cloud environment for the end users.

Interested parties please proceed to register at https://cloudsecurityalliance.org/group/cloud-component specifications/#_join.

Cloud Security Services Management WG
Collaboration and coordination among all stakeholders are critical to secure the cloud platform. The current gap is that there is no defined guideline dividing the security roles and responsibilities between the Cloud Service Providers (CSPs) and Cloud customers; on how to secure Cloud services in different Cloud deployment models. This is especially the case for those who have little cloud security knowledge.

This WG aims to develop a whitepaper will serve as a guideline for CSPs to secure its Cloud platform and provide Cloud security services to Cloud users; for Cloud users to select security qualified CSPs; for security vendors to develop their Cloud-based security products and services. Subsequently, this WG hopes to develop a platform for CSPs to publish their security requirements; for security vendors to share their security products and services, and to provide a platform for interoperability testing. This will be especially beneficial to SMBs which are CSPs, security vendors and Cloud customers. Ultimately, Cloud security services management will become a part of Governance, Risk and Compliance (GRC) implementation.

Interested parties please proceed to register at https://cloudsecurityalliance.org/group/cloud-security-services management/#_join. We would like to seek for contributors to join this 2 working groups, your contribution will be acknowledged.

Thank you in advance for your time and contribution.

Share this content on your favorite social network today!