Industry Leaders Form Cloud Security Alliance

Alliance to promote education and awareness of best practices to secure cloud computing

San Francisco, CA, March, 31 2009 - Key leaders within both the information security and cloud computing industries today announced the formation of the Cloud Security Alliance, to be formally launched at the RSA Conference 2009, in San Francisco on April 21, 2009. The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. "The very nature of how businesses use information technology is being transformed by the 'on-demand' cloud computing model," said Dave Cullinane, Chief Information Security Officer at eBay, Inc. "It is imperative that information security leaders are engaged at this early stage to help assure that the rapid adoption of cloud computing builds in information security best practices without impeding the business. I am proud to be a co-founder of this important initiative." As part of the launch at RSA, the Cloud Security Alliance will issue its inaugural whitepaper, "Guidance for Critical Areas of Focus in Cloud Computing", which outlines key issues and provides advice for both Cloud Computing customers and providers within 15 strategic domains. "We expect a great deal of migration towards cloud computing within the federal government in addition to the already robust private sector growth," said former White House advisor Paul Kurtz, partner with Good Harbor Consulting, LLC, and Cloud Security Alliance founding member. "The growth of the cloud should not outpace our ability to protect the data that goes into it, and the Cloud Security Alliance is a key collaborative effort to help assure that is the case." The Cloud Security Alliance has engaged noted experts within several fields, including governance, law, network security, audit, application security, storage, cryptography, virtualization, risk management and several others, in order to provide authoritative guidance to securely adopt cloud computing solutions. Alan Boehme, Cloud Security Alliance founding member and Senior Vice President of IT Strategy and Architecture at ING says that this guidance is timely, "Enterprises need pragmatic advice to qualify and engage with cloud providers in a way that is in alignment with organizational risk tolerances. We also need the flexibility to use cloud services for business needs of varying levels of sensitivity. It is important to me that the Cloud Security Alliance's recommendations are being driven by leading practitioners. " In the week following the RSA Conference, the Cloud Security Alliance will launch its one year roadmap of activities and deliverables at Infosecurity Europe in London.

About Cloud Security Alliance

The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by industry practitioners and supported by founding charter companies PGP Corporation, Qualys, Inc. and Zscaler, Inc. For further information, the Cloud Security Alliance website is www.cloudsecurityalliance.org

Contact:

Zenobia Godschalk ZAG Communications for the Cloud Security Alliance [email protected] 678.799.8279 Jim Reavis Co-founder, Cloud Security Alliance [email protected]