Www.cloudsecurityalliance.org Copyright © 2011 Cloud Security Alliance.

Download Www.cloudsecurityalliance.org Copyright © 2011 Cloud Security Alliance.

Post on 17-Dec-2015

213 views

Category:

Documents

1 download

Embed Size (px)

TRANSCRIPT

  • Slide 1
  • www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance
  • Slide 2
  • www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance Daniele Catteddu, Managing Director EMEA, CSA
  • Slide 3
  • www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance WHO AM I?
  • Slide 4
  • www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance Why CSA has decided to reinforce its presence in EU? Dont ask me, ask Jim... My assumptions are: because EU is a huge potential market because EU cloud market has different rules, needs and requirements than USA and rest of word, because, we, Europeans are begging CSA for support :-)
  • Slide 5
  • www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance CSA to contribute in shaping EU cloud policy CSA as centre of gravity in EU cloud security CSA as a hub for research projects and network of excellence connecting Industries, EU Institutions and Member States, Academia, Research Centres, Independent Experts
  • Slide 6
  • www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance
  • Slide 7
  • www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance According to Gartner, Western Europe share of the worldwide cloud services market is forecast to account for 29% in 2014.
  • Slide 8
  • www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance Europe not just "cloud-friendly" but "cloud-active" First, the legal framework: users' rights, data protection and privacy - including the global aspects of each of those. Second, technical and commercial fundamentals: boosting research efforts, and focussing them on critical issues such as security and reliability. Third, the market: we will support pilot projects for cloud deployment, and push public procurers into action.
  • Slide 9
  • www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance UK G Cloud The Netherlands cloud strategy French G Cloud Danish G Cloud Italian Cloud for PAs etc
  • Slide 10
  • www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance Heterogeneous set of national rules Restriction to data trans border New Data Protection Directive to be published soon (Nov.) Possible introduction of Binding Safe Processor Rules and mandatory incident reporting scheme NO other legislative intervention to be expected Strong support to open standards
  • Slide 11
  • www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance FP 7 Information and Communication Technology Research Programme (ends 2013): INTERNET OF SERVICES FUTURE INTERNET PPP FP 8 - HORIZON 2020: in preparation, to be launched 2013
  • Slide 12
  • www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance
  • Slide 13
  • www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance Involvement of CSA in the definition of EU Cloud Strategy, launched by Commissioner Kroes, due to be delivered in 2012 HOW? CSA was requested to draft a position paper suggesting concrete actions. We welcome your contributions!
  • Slide 14
  • www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance Reinforce territorial presence Consolidate already existing EU Chapters Support the creation of new chapters Connect them and coordinate their activities Knowledge transfer
  • Slide 15
  • www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance A European virtual cyber security research centre a multi-stakeholder NoE for cyber security collaboration on cutting edge cyber security projects between European research and academic community, decision makers and technical experts from the industry, policy makers from EU Member States and EU Institutions, CERT/CSIRT and Cyber Security Operations Centres and international organisations.
  • Slide 16
  • www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance Creating consortia to participate in EC funded initiatives: Networking of researchers for a high level multi organisational and cross-border collaboration Network of Excellence ICT - 2011.1.2 Cloud Computing, Internet of Services and Advanced Software engineering SEC-2012.2.5-2 Cyber resilience Secure cloud computing for critical infrastructure...and more to come
  • Slide 17
  • www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance Constitution of an EU Advisory Board: Provide high level strategic advices CSA ambassadors
  • Slide 18
  • www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance Parameters: identification of security parameters (e.g.reachability, through-put, QoS, e2e availability) relevant in CLOUD SLA Measuring: proposition of smart measuring system SLA building: definition of security SLA model for cloud
  • Slide 19
  • www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance WG on Privacy Level Agreements PLA are meant to be similar to SLA for privacy In PLA a CSP clearly declares the level of privacy that undertakes to maintain w.r.t. relevant data processing PLA have a twofold objective: Provide cloud customers with a tool to assess the level of compliance of the CSP w.r.t. Data Protection legislation Offer contractual protection against possible damages due to lack of compliance
  • Slide 20
  • www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance Help Us Secure Cloud Computing www.cloudsecurityalliance.org info@cloudsecurityalliance.org LinkedIn: www.linkedin.com/groups?gid=1864210www.linkedin.com/groups?gid=1864210 Twitter: @cloudsa
  • Slide 21
  • www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright 2011 Cloud Security Alliance

Recommended

View more >