Virtualization Technology News and Information
ISF Releases Using Cloud Services Securely: Harnessing Core Controls
According to the Information Security Forum (ISF), trusted resource for executives and board members on cyber security and risk management, the growth of cloud computing has become ever more apparent, as organizations are drawn to the elasticity and scalability offered by cloud services. With an expanding number of cloud services underpinning business operations, the risks incurred through cloud usage are key concerns for business leaders. For an organization to have confidence that it can move to the cloud while ensuring that vital technological infrastructure is secure, a robust strategy is required. 

In an effort to support global organizations, the ISF is releasing Using Cloud Services Securely: Harnessing Core Controls, the organizations latest digest which provides a comprehensive approach to securing cloud services for organizations that are considering using, or already actively use, one or multiple cloud service providers (CSPs). While CSPs provide a certain level of security for their cloud services, organizations need to be aware of their security obligations and deploy the necessary security controls. This requires organizations to understand and address the many security challenges presented by the complex and heterogeneous aspects of the cloud environment.

"Cloud computing has evolved at an incredible speed and, in many organizations, is now intertwined with the complex technological landscape that supports critical daily operations. However, this ever-expanding cloud environment gives rise to new types of risk," said Steve Durbin, Managing Director, ISF. "Our latest report empowers organizations to deploy the right set of security controls and to focus their efforts on the most valuable action that will reduce the likelihood and impact of cloud-related threat events. Whether using one or multiple cloud services, organizations will be well-positioned to make the most of the opportunities offered by cloud computing."

The cloud environment has become an attractive target for cyber attackers, highlighting the pressing need for organizations to enhance their existing security practices. However, consistently implementing the fundamentals of cloud security can be a complicated task due to the diverse and expanding nature of the cloud environment. Using Cloud Services Securely: Harnessing Core Controls provides organizations with a compelling approach to meeting security obligations in the cloud environment, providing guidance on how to:

  • Enforce some practical and actionable principles of cloud security governance
  • Deploy and maintain a set of core cloud security controls, with reference to the specific responsibilities of the organization as the cloud customer  
  • Select the right combination of cloud security products and services to support the implementation of the security controls.

"Business and security leaders already face many challenges in protecting their existing IT environment. They must now also find ways to securely use multiple cloud services, supported applications and underlying technical infrastructure," continued Durbin. "Whether your organization is considering, or already actively using one or multiple CSPs, taking proactive steps to implement the security controls recommended in this report will instil confidence in business leaders that they can use cloud services securely and maximize the potential offered by the cloud environment."

Using Cloud Services Securely: Harnessing Core Controls is primarily directed at individuals who are responsible for securing cloud services in their organization, such as cloud security architects, cloud development managers and cloud engineers. The report will also be of interest to individuals in executive management who have a governance and oversight role for cloud security, including the Chief Information Security Officer (CISO), Chief Information Officer (CIO), Chief Risk Officer (CRO) and Data Protection Officer (DPO).

The report is available now to ISF Member companies via the ISF website.

Published Tuesday, November 19, 2019 7:16 AM by David Marshall
Filed under:
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<November 2019>