Cloud Security Alliance Takes Major Steps to Secure the Cloud at RSA Conference 2010
Announcements of new initiatives and release of latest research at Cloud Security Alliance Summit highlight CSA’s mission to build a secure cloud computing ecosystem
San Francisco, CA – March 1, 2010 (RSA Conference) – The Cloud Security Alliance today is making several significant announcements at its CSA Summit to provide both cloud customers and cloud providers with research, tools and calls to action to further build trust and mitigate risks within cloud computing.
“Our phenomenal worldwide growth validates our position as the global leader enabling the transition to cloud computing in a secure and responsible manner. Our initial ‘Security Guidance for Critical Areas of Focus in Cloud Computing’ is already required reading within government and industry”, said former White House advisor Paul Kurtz, partner with Good Harbor Consulting, LLC, and Cloud Security Alliance board member, “It is upon this foundation that we are developing additional research, which thanks to our corporate members, we can provide free to the public.”
At the summit, CSA is making the following announcements:
- Top Threats to Cloud Computing. CSA is releasing the results of a research project to identify cloud threats, code named “Seven Deadly Sins”. See full press release here: https://cloudsecurityalliance.org/pr20100301a.html
- CSA & IEEE-SA Cloud Standards Survey and Research. This survey project has revealed industry demand for standards within cloud computing to promote security. See full press release here: https://cloudsecurityalliance.org/pr20100301c.html
- Trusted Cloud Initiative. CSA is announcing the kickoff of a 2010 program to develop a reference model and certification program for secure and interoperable identity management in the cloud. See full press release here: https://cloudsecurityalliance.org/pr20100301b.html
- Cloud Controls Matrix. CSA is also pre-announcing the availability of the Cloud Controls Matrix, a catalog of cloud security controls aligned with key information security regulations, standards and frameworks. The full tool is scheduled for release in April 2010, more information is available here: www.cloudsecurityalliance.org/cm.html
- Cloud Security Alliance Congress call for papers is open. This conference, to be held in Orlando, Florida on November 16-17, 2010 will be the fall’s top information security event. More information is here: https://cloudsecurityalliance.org/CSA-congress.pdf. The Call for Papers is here: https://cloudsecurityalliance.org/CSA-congress-CFP.pdf
“We understand the positive impact our best practices have made upon the industry. However, we must continue to deliver the missing pieces to create a complete ecosystem of providers, technologies and professions that can implement and maintain security in this new computing era”, said CSA co-founders Nils Puhlmann and Jim Reavis, “Security is universally cited as the primary concern preventing organizations from adopting the cloud computing, yet we know that these same organizations can yield tremendous benefits by adopting cloud. For us to get there, standards must exist, security practitioners must have tools, lawyers must be able to develop appropriate contracts, auditors must be able to assess the cloud, and providers must be certified. This is a long term proposition, but we are making tremendous progress.”
About Cloud Security Alliance
The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, the Cloud Security Alliance Web site is www.cloudsecurityalliance.org.
ZAG Communications for the Cloud Security Alliance