ITU-TRCSL Symposium on Cloud Computing (28-30 July 2015, Colombo, Sri Lanka)
Cloud Security Challenges and Solutions
Jayaraj Sayanthan
Lead Engineering Manager – IDC and Cloud
Dialog Axiata PLC
Evolving Cloud Computing Challenges
Cloud Security Concerns and Threats
Cloud Security and Defense Plans (is deploying more security devices the answer?)
CIO’s Preferred Ways to Improve Cloud Security
What Are We Missing, and Bridging the Gap
Setting and Enforcing Security Policies
Information and Cloud Security Compliance /Standards
Effective Mapping of Security Controls: ISO/IEC 27001:2013 and the Cloud Controls Matrix v3.0.1
ISO/IEC 27000: a success story
Original requirement identified by the UK Department of Trade and Industry (DTI) in the late 1980s:
• UK companies were held back by a lack of information security advice and guidance
• The market needed a "code of practice"
Developed for the DTI and published by BSI
Became a British Standard, BS 7799, in 1995; the certification standard BS 7799-2 followed in 1999
Became the international standards ISO/IEC 27001 (published 2005) and ISO/IEC 27002 (first published as ISO/IEC 17799 in 2000 and renumbered 27002 in 2007)
Other information security standards are now being developed or harmonized into the 270xx series
ISO/IEC 27001 family of standards
Core ISMS standards
27000 Overview and vocabulary
27001 ISMS requirements (the certification standard)
27002 Code of practice for information security controls
27003 Implementation guidance
27004 Measurements
27005 Information security risk management
27009 27001 + industry vertical (27x extended range: sector-specific application of 27001)
27010 Inter-sector and inter-organizational communications
27011 Telecommunications
27013 27001 + 20000-1 (integrated implementation)
27014 Governance
27015 Financial services
27016 Organizational economics
27017 Cloud computing services
27018 Data protection controls for public cloud computing services
27019 Process control systems (TR)
27799 Health

Audit and certification
27006 Conformity assessment for ISMS: requirements for bodies providing audit and certification
27007 Guidelines for ISMS auditing
27008 Guidance for auditors on controls (TR)
17000 Conformity assessment: vocabulary and general principles
17021 Requirements for bodies providing audit and certification of management systems
19011 Guidelines for auditing management systems

Related risk management standards
Guide 73 Risk management vocabulary
31000 Risk management: principles and guidelines
31010 Risk assessment techniques
New, Cleaner Organization of Domains in ISO 27001:2013
The New ISO/IEC 27001:2013 Structure
Cloud Controls Matrix
Cloud Controls Matrix: Domains and Controls
Sample Control and Applicability
Cloud Controls Matrix Mapping to Other Standards
Cloud Security Alliance: the CSA STAR Certification
The CSA Open Certification Framework is an industry initiative to allow global, accredited, trusted certification of cloud providers.
Copyright © 2014 Cloud Security Alliance
Suitable security policies and controls are mandatory: security devices and applications cannot enforce proper security unless the policies they are meant to enforce have been defined first.
Cloud Security Solutions On Demand
QUESTIONS…?
Thank You Very Much