Liberty Hall, Dublin

chirpskulkInternet και Εφαρμογές Web

3 Νοε 2013 (πριν από 4 χρόνια και 6 μέρες)

101 εμφανίσεις

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland

Liberty Hall, Dublin



March 30th 2012

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland

Brian Honan

CSA
-

UK & Ireland Chapter

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland


Global, not
-
for
-
profit organization


Over 23,000 individual members, 100 corporate members,
50 chapters


Building best practices and a trusted cloud ecosystem


Agile philosophy, rapid development of applied research


GRC: Balance compliance with risk management


Reference models: build using existing standards


Identity: a key foundation of a functioning cloud economy


Champion interoperability


Enable innovation


Advocacy of prudent public policy

“To promote the use of best practices for providing security assurance within Cloud
Computing, and provide education on the uses of Cloud Computing to help
secure all other forms of computing.”

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland


Over 2,000 individual members


Focused on Information Risk Management



To provide the guidance and tools required to allow business
and home users of cloud services to manage risks to their
information in order to embrace the opportunities afforded
by the interconnected information society of the 21st
century.


www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland

…from the Knights Templar
to Jeremy Clarkson, onto
James May and beyond!

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland

“the
state of being free from danger or
threat”


www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland


The original ‘trust
authority’


Conveyed money around
the middle east during the
crusades


Founders of modern
banking systems…


…which are based on
trust

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland


Money isn’t real


You
trust

the bank to pay you


based
on a promise!

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland


The bank teller model worked for
centuries


Until the 1990’s


When trust moved…

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland


Web 2.0 creates new
challenges…


…for which we create new
controls


Which surely enhance security?


Enter our second guest…

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland


Published bank details
after HMRC breach in
2008


Direct debit setup to make
charitable contribution

“The
bank cannot find out who did
this because of the Data
Protection Act and they cannot
stop it from happening
again”

Jeremy Clarkson

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland


That the boundaries have moved


Security no longer exists as we understand
it


That technology can’t be controlled using
traditional thinking


That we need to evolve our thinking

Time for our third guest…

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland


Understanding your
assets allows tangible
benefit


Defined frameworks are
required


Requires constant re
-
evaluation to achieve
goals

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland


You’re here, now!


The line between
consumerisation

and
business is dissolving rapidly


Technology and adoption evolves faster
than ever before


Risks are not to be feared, but managed


Compliance will not help you!

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland


Ask questions about your business


Determine the information assets being
used


Don

t assume control context


Determine the information risks
you
need
managing


Determine responsibility for operating
controls


Ensure metrics measure desired control
performance

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland

www.cloud
-
security.org.uk

Copyright © 2012 Cloud Security Alliance


UK & Ireland

Have your say and be heard in the Cloud
discussion


Joining us is free


Join at
www.cloud
-
security.org.uk



Email me on
brian.honan@cloud
-
security.org.uk


Follow us on twitter: @CSAUKEire