Secure Cloud 2010
Yesterday I arrived in Barcelona in advance of Secure Cloud 2010 organised jointly by Cloud Security Alliance (CSA), European Network and Information Security Agency (ENISA), ISACA and IEEE.
In advance of the conference I attended the initial meeting of a new ENISA project to develop a security metric tool for cloud and other computing services, based around the information assurance framework outlined in last year's excellent report on cloud computing risks. I am participating on behalf of the Open Web Application Security Project (OWASP) and its Global Industry Committee so we can share our knowledge and experience from application development and operation. The initiative seems to have the support of the major vendors (Microsoft, eBay, Google, Amazon Web Services, etc) and other security groups (CSA, ISACA, ISF, ISSA, Jericho Forum, etc), and plans to build on other existing efforts (e.g. Shared Assessments, CloudAudit, FTC, NIST, etc). There are high expectations that something relevant, open, transparent and practical—for all sizes of organisation—can be delivered in the next year.
Now, off to the conference.
Posted on: 16 March 2010 at 08:05 hrs
Comments are filtered automatically and should appear shortly after they been checked.