6

www.cloudsecurityalliance.or Copyright © 2011 Cloud Security Alliance Cloud Controls Matrix Work Group Session Sean Cordero President of Cloudwatchmen, Co-chair CCM, CSA Evelyn de Souza Data Center Security Strategist, Cisco, Co- chair CCM, CSA

Cloud Controls Matrix Work Group Session

Download PPTX Report

Upload
melora
View
52
Download
0

Tags:

Embed Size (px)

DESCRIPTION

Sean Cordero President of Cloudwatchmen , Co-chair CCM, CSA Evelyn de Souza Data Center Security Strategist, Cisco, Co-chair CCM, CSA. Cloud Controls Matrix Work Group Session . Who Controls What in the Cloud Ecosystem?. CSA Security Guidance v3.0. - PowerPoint PPT Presentation

Citation preview

Page 1: Cloud Controls Matrix Work Group Session

www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance

Cloud Controls Matrix Work Group Session

Sean Cordero President of Cloudwatchmen, Co-chair CCM, CSAEvelyn de Souza Data Center Security Strategist, Cisco, Co-chair CCM, CSA

http://www.cloudsecurityalliance.org/

Page 2: Cloud Controls Matrix Work Group Session

www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance

Who Controls What in the Cloud Ecosystem?

CSA Security Guidance v3.0

http://www.cloudsecurityalliance.org/

Page 3: Cloud Controls Matrix Work Group Session

www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance

Cloud Controls Matrix (CCM)CSA Security Guidance 3.0x 3 new control domains to address new ways cloud data is accessedImproved clarity and cohesiveness of control domains

Mobile SecuritySupply Change Management, Transparency and AccountabilityInteroperability and Portability

http://www.cloudsecurityalliance.org/

Page 4: Cloud Controls Matrix Work Group Session

www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance

CCM Release PipelineVersion 1.x Releases – 1.0 (April 2010), 1.01 (Oct 2010), 1.1 (Dec 2010), v1.2 (Aug 2011), v1.3 Aprill, 2013,

v1.4 (TBD)

Next Full Revision Release – April 2013

CCM 1..3 Align to Security Guidance 3.0

CCM 1.4

Baseline Control Assurance Framework for Cloud Security – mapped to:

**COBIT 4.1**HIPAA / HITECH ActISO/IEC 27001:2005**NIST Special Publication (SP) 800-53 Rev 3FedRAMP 3.0PCI DSS v2.0BITS Shared AssessmentsGAPPJericho ForumNERC CIPAICPA Trust Services Principles & Criteria (TSP)

**CCM .xx Future Pipeline Mapping Considerations:• Open Data Center Alliance (ODCA)• HIPAA/HITECH Act (CSA HIMG)• COBIT 5 (Information Security)• NIST SP 800-53 Rev 4• Slovenian Information Commissioner on Privacy

Guidance for Cloud Computing• New Zealand Information Security Manual

(NZISM)

http://www.cloudsecurityalliance.org/

Page 5: Cloud Controls Matrix Work Group Session

www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance

Your Call to Action

Become involved as a subject matter expert and a reviewer for upcoming releases

Advise on different standards that we should consider mapping in going forward

Implement the CCM in your organization’s compliance reporting tools

http://www.cloudsecurityalliance.org/

Page 6: Cloud Controls Matrix Work Group Session

www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance

www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance

Thank You

http://www.cloudsecurityalliance.org/

Matrix Controls building automation - bms-technology.combms-technology.com/pdf/BMS Matrix Controls.pdf · Matrix Controls Pte Ltd is the leading provider of direct digital controllers,

Matrix Controls building automation - bms-technology.combms-technology.com/pdf/BMS Matrix Controls.pdf · Matrix Controls Pte Ltd is the leading provider of direct digital controllers,

Documents

SME Cloud Security Survey Report 2017 v0...the PD(P)O. SMEs can also follow the Security Guidance for Critical Areas of Focus in Cloud Computing and Cloud Controls Matrix (CCM released

SME Cloud Security Survey Report 2017 v0...the PD(P)O. SMEs can also follow the Security Guidance for Critical Areas of Focus in Cloud Computing and Cloud Controls Matrix (CCM released

Documents

CCM (Cloud Controls Matrix)におけるマッピング手 …...本書「CCM (Cloud Controls Matrix)におけるマッピング手法の解説」は、Cloud Security Alliance (CSA)が公開している「METHODOLOGY

CCM (Cloud Controls Matrix)におけるマッピング手 …...本書「CCM (Cloud Controls Matrix)におけるマッピング手法の解説」は、Cloud Security Alliance (CSA)が公開している「METHODOLOGY

Documents

Discover Cloud System Matrix

Discover Cloud System Matrix

Documents

How To Earn Your Certiﬁcate In Cloud Security...Security Guidance v.4 The Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM) is a cloud security controls framework from the

How To Earn Your Certiﬁcate In Cloud Security...Security Guidance v.4 The Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM) is a cloud security controls framework from the

Documents

Introducing Oracle Advanced Financial Controls Cloud Service

Introducing Oracle Advanced Financial Controls Cloud Service

Business

Cloud Computing Compliance Controls Catalogue (C5)

Cloud Computing Compliance Controls Catalogue (C5)

Documents

Cloud Computing Risks N Controls V1.0

Cloud Computing Risks N Controls V1.0

Technology

Matrix degradability controls multicellularity of 3D cell

Matrix degradability controls multicellularity of 3D cell

Documents

Strategic Cloud Adoption - BSI Group€¦ · 2. Cloud Controls Matrix (CCM) is speciﬁcally designed to provide fundamental security principles to guide cloud vendors and to assist

Strategic Cloud Adoption - BSI Group€¦ · 2. Cloud Controls Matrix (CCM) is speciﬁcally designed to provide fundamental security principles to guide cloud vendors and to assist

Documents

COBIT 5 Controls & Assurance in the Cloud€¦ · · 2015-11-09von Cloud Computing und dabei welcher Cloud-Service der beste für das ... Cloud Control Matrix Jericho Forum® Self-Assessment

COBIT 5 Controls & Assurance in the Cloud€¦ · · 2015-11-09von Cloud Computing und dabei welcher Cloud-Service der beste für das ... Cloud Control Matrix Jericho Forum® Self-Assessment

Documents

20 Security Controls for the Cloud

20 Security Controls for the Cloud

Technology

Esri Managed Cloud Services Advanced Plus CSA CCM 3.0 · 2017-09-26 · Esri Managed Cloud Services – Advanced Plus . Cloud Security Alliance (CS A) Cloud Controls Matrix (CCM)

Esri Managed Cloud Services Advanced Plus CSA CCM 3.0 · 2017-09-26 · Esri Managed Cloud Services – Advanced Plus . Cloud Security Alliance (CS A) Cloud Controls Matrix (CCM)

Documents

SAP Business One Cloud Platform Support Matrix

SAP Business One Cloud Platform Support Matrix

Documents

Control The Cloud, Before The Cloud Controls YouControl The Cloud, Before The Cloud Controls You feaTuring researCh from forresTer Forrester Data: Cloud Security Solutions Forecast,

Control The Cloud, Before The Cloud Controls YouControl The Cloud, Before The Cloud Controls You feaTuring researCh from forresTer Forrester Data: Cloud Security Solutions Forecast,

Documents

DRAFT The Change Matrix Cloud Process - c.ymcdn.comc.ymcdn.com/.../change_matrix_cloud_process_.pdf · new method – the Change Matrix Cloud Process (CMCP) – which consists of

DRAFT The Change Matrix Cloud Process - c.ymcdn.comc.ymcdn.com/.../change_matrix_cloud_process_.pdf · new method – the Change Matrix Cloud Process (CMCP) – which consists of

Documents

Export Controls and Cloud Computing: Complying with ITAR ...media.straffordpub.com/products/export-controls-and-cloud... · Export Controls • Export controls apply to the export,

Export Controls and Cloud Computing: Complying with ITAR ...media.straffordpub.com/products/export-controls-and-cloud... · Export Controls • Export controls apply to the export,

Documents

Welcome to Matrix Controls and MKMS Matrix Knit Monitoring System

Welcome to Matrix Controls and MKMS Matrix Knit Monitoring System

Documents

Auditing the Cloud - Cloud Security Alliance · Auditing the Cloud Paul Engle CISA, CIA. ... Governance Domain • Policies, ... • Cloud Security Alliance Cloud Controls Matrix

Auditing the Cloud - Cloud Security Alliance · Auditing the Cloud Paul Engle CISA, CIA. ... Governance Domain • Policies, ... • Cloud Security Alliance Cloud Controls Matrix

Documents

Cloud controls final2

Cloud controls final2

Technology

4.24 Cloud Security Alliance Cloud Controls Matrix (CCM) v3.0.763 4.24 Cloud Security Alliance Cloud Controls Matrix (CCM) v3.0. Introducción. Esta matriz proporciona principios de

4.24 Cloud Security Alliance Cloud Controls Matrix (CCM) v3.0.763 4.24 Cloud Security Alliance Cloud Controls Matrix (CCM) v3.0. Introducción. Esta matriz proporciona principios de

Documents

HP Cloud System Matrix Overview

HP Cloud System Matrix Overview

Technology

Cloud Security Advantage, GDPR Regulationdownload.microsoft.com/documents/cs-cz/gdprsnidane/05_Roman_… · Cloud Controls Matrix Content Delivery and Security Association * SOC 2

Cloud Security Advantage, GDPR Regulationdownload.microsoft.com/documents/cs-cz/gdprsnidane/05_Roman_… · Cloud Controls Matrix Content Delivery and Security Association * SOC 2

Documents

Trust in Cloud · 2020. 5. 20. · CCM V3.0 Control ID Updated Control Specification The Cloud Security Alliance Cloud Controls Matrix (CCM) is specifically designed to provide fundamental

Trust in Cloud · 2020. 5. 20. · CCM V3.0 Control ID Updated Control Specification The Cloud Security Alliance Cloud Controls Matrix (CCM) is specifically designed to provide fundamental

Documents

Understanding HP Cloud Matrix

Understanding HP Cloud Matrix

Documents

Www.cloudsecurityalliance.org Copyright © 2011 Cloud Security Alliance Cloud Controls Matrix Work Group Session Sean Cordero President of Cloudwatchmen,

Www.cloudsecurityalliance.org Copyright © 2011 Cloud Security Alliance Cloud Controls Matrix Work Group Session Sean Cordero President of Cloudwatchmen,

Documents

Information Security Exchange · The Cloud Controls Matrix (CCM) •Technology-neutral framework of controls •Aligns to multiple IS frameworks and methodologies •V1.4 98 Controls

Information Security Exchange · The Cloud Controls Matrix (CCM) •Technology-neutral framework of controls •Aligns to multiple IS frameworks and methodologies •V1.4 98 Controls

Documents

Integrating Enterprise Controls with the Cloud

Integrating Enterprise Controls with the Cloud

Technology

ACI's Global Encryption, Cloud & Cybersecurity Controls

ACI's Global Encryption, Cloud & Cybersecurity Controls

Technology

Guidance Document Auditing the Cloud Controls Matrix · PDF fileCLOUD SECURITY ALLIANCE STAR Certification Guidance Document: Auditing the Cloud Controls Matrix ... Guidance Document:

Guidance Document Auditing the Cloud Controls Matrix · PDF fileCLOUD SECURITY ALLIANCE STAR Certification Guidance Document: Auditing the Cloud Controls Matrix ... Guidance Document:

Documents