CSA Official Press Release

Published 07/15/2015

Cloud Security Alliance Unveils Project STRATUS Research Results

Cloud Security Alliance Unveils Project STRATUS Research Results

CSA together with elite team of researchers and practitioners demonstrate prototype tool that automates the auditing process of cloud data governance

Hamilton, New Zealand, July 15, 2015 – Cloud Security Alliance® (CSA) participated in the third quarterly meeting of the STRATUS project, a six-year, NZ $12.2 million cyber security project funded by the Ministry of Business, Innovation, and Employment. Led by the University of Waikato, CSA is part of the consortium that was awarded the funding and the work which began in November 2014. STRATUS, which is an acronym for Security Technologies Returning Accountability, Transparency and User-centric Services in the Cloud, is an ambitious project that intends to create a suite of novel security tools, techniques and capabilities that will return control of data to cloud computing users. More importantly, it aims to put New Zealand ICT industry onto the world map capitalizing on the global trend in cloud computing, cybersecurity and data analytics.

At the last meeting, CSA demonstrated how cloud data governance could be audited with auditing guidelines and compliance regulations with a prototype online tool. This tool automates the auditing process of cloud data governance. The tool also assists the auditor on mapping the auditing result with standards such as CSA Cloud Control Matrix and ISO. It was also announced that the CSA APAC Education Council and the CSA APAC Innovative Initiative will provide the necessary support for any commercialization of the research artifacts as well.

"STRATUS' approach to research commercialization is different from typical scientific research grants. STRATUS understands that for cloud security innovation to reach a global audience, it will require a platform which will allow these cutting-edge cloud services to quickly align to global best practices and requirements - a core CSA strength given its strong research outputs such as the Cloud Controls Matrix and the Cloud Data Governance Working Group," Dr Ryan Ko, Principal Investigator of STRATUS, and CSA APAC Research Advisor said. "Having CSA as our 'window to the world' provides added validation for a new user-centric security industry created via STRATUS."

Within STRATUS, CSA leads the data governance and accountability project, which covers the cloud data governance and links technical implementations with auditing guidelines and compliance regulations. CSA also leads the effort for internationalization of the New Zealand ICT industry through STRATUS and has also created a platform for the commercial exploitation of research artifacts deriving from STRATUS work.

“We are excited to be part of STRATUS and look forward to providing a positive impact to the New Zealand’s cloud security industry,” said Aloysius Cheang, Managing Director for CSA APAC. “We have developed a prototype tool based on our work so far, that has received positive reviews. In addition, we are working to connect STRATUS and New Zealand to the CSA eco-system through our local chapter. More importantly, we are beginning to see some preliminary results of the efforts to connect to dots to commercialization efforts as well as standardization efforts. I am excited and confident that we can announce the fruit of these efforts in November at the inaugural STRATUS Forum, where our chapter will be co-hosting our inaugural CSA New Zealand Summit in Wellington.”

For further information about STRATUS visit https://stratus.org.nz.

About Cloud Security Alliance

The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events and products. CSA’s activities, knowledge and extensive network benefit the entire community impacted by cloud — from providers and customers, to governments, entrepreneurs and the assurance industry — and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem. CSA has developed the definitive best practices for the industry, such as the “Security Guidance for Critical Areas of Focus in Cloud Computing”, the “Cloud Controls Matrix”, “Top Threats to Cloud Computing” and 50 other cloud security research artifacts. For further information, visit us at https://www.cloudsecurityalliance.org.


Kari Walker for the CSA ZAG Communications 703.928.9996 [email protected]

Share this content on your favorite social network today!

About Cloud Security Alliance

The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, follow us on Twitter @cloudsa.

For press inquiries, email Zenobia Godschalk of ZAG Communications or reach her by phone at 650.269.8315.