Introduction to CloudCERT
Computer Security Incident Response Teams (CSIRTs) form the cornerstone of coordinated incident response and computer security information sharing for governments and large enterprises around the world. This model has worked well for handling malicious activity on the traditional Internet. However, the advent of Cloud Computing has created a new set of challenges for security professionals in securing the platforms that deliver the cloud. It is unclear that traditional CSIRTs are currently positioned to provide the same level of support for Cloud Computing platforms and their Providers. However, the concentration of assets that is the very nature of Cloud Computing creates the real possibility that the consequences of incidents within Cloud will be much more severe than traditional incidents. For that reason, the Cloud Security Alliance has launched the CloudCERT Initiative.
Although Cloud Computing is clearly built upon traditional Internet services, protocols, and infrastructure, these components are brought together in novel ways. The definitional characteristics of Cloud Computing, such as multi-tenancy, elasticity, resource sharing and on demand provisioning have the potential to complicate traditional CSIRT operations. In addition, the business models of Cloud Computing encourage many tiers of providers and customers within a single virtual infrastructure. How to coordinate appropriate and efficient incident response without impacting continuity of operations for other customers or without violating laws and contractual agreements is not clear today. In addition, the speed with which incidents must be resolved becomes much greater. Therefore, there may be significant enough differences to warrant the creation of a Cloud CSIRT capability that specifically concerns itself with Cloud Security and serves the Cloud Computing community.
In January 2011, the CloudCERT working group adopted an initial mission statement to: Enhance the capability of the cloud community to prepare for and respond to vulnerabilities, threats, and incidents in order to preserve trust in cloud computing.
John Howie, CSA
- Join the CloudCERT email announcement list.
Download CloudCERT Related Documents
September 05, 2012
CSA today signed a Memorandum of Understanding with ASTRI to advance cloud computing security and build capabilities that will accelerate the development of the cloud ecosystem in Hong Kong.
May 21, 2012
CSA announced today the appointment of information and communications technology veteran John Howie to the position of Chief Operating Officer (COO).
February 15, 2011
At the CSA Summit at RSA on February 14, 2011, the Cloud Security Alliance (CSA) unveiled its 2011 roadmap, which builds on an already extensive body of work put together by the alliance in its first two years of existence.