The Cloud Security Alliance announced the launch of a new initiative to encourage transparency of security practices within cloud providers.
Cloud Security Alliance (CSA) announced that it has received a no‑cost license for the CloudTrust Protocol (CTP) from CSC.
The Cloud Security Alliance (CSA) launched revision 1.1 of the CCM Security Controls Matrix, available for free here. The Cloud Security Alliance Cloud Controls Matrix (CCM), as part of the CSA GRC Stack, is specifically designed to provide fundamental security principles to guide cloud vendors and to assist prospective cloud customers in assessing the overall security risk of a cloud provider. The CSA CCM provides a controls framework that gives a detailed understanding of security concepts and principles that are aligned to the Cloud Security Alliance’s 13 domains. The foundations of the CSA CCM rest on its customized relationship to other industry-accepted security standards, regulations, and controls frameworks such as ISO 27001/27002, ISACA COBIT, PCI, and NIST. As a framework, the CSA CCM provides organizations with the needed structure, detail and clarity relating to information security tailored to the cloud industry. The CSA CCM strengthens existing information security control environments by emphasizing business information security control requirements, reduces and identifies consistent security threats and vulnerabilities in the cloud, provides standardize security and operational risk management, and seeks to normalize security expectations, cloud taxonomy and terminology, and security measures implemented in the cloud. Phil Agcaoili, Cloud Security Alliance Cloud Controls Matrix co-founder and steering committee co-chair, said, “I continue to be amazed at the unprecedented level of collaboration and cooperation among the global security community and continue to be very pleased with the industry support to quickly and efficiently produce results.
The Cloud Security Alliance (CSA) announced the free download of the CSA Governance, Risk Management and Compliance (GRC) Stack, a suite of enabling tools for GRC in the cloud. Achieving GRC goals requires appropriate assessment criteria, relevant control objectives and timely access to necessary supporting data.
The Cloud Security Alliance (CSA) announced that CloudAudit has become an official project of the CSA, with the joint mission of promoting the use of best practices for providing security assurance within cloud computing.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.