Information Security Forum Examines Risks of Cloud Services in Latest Report
By: Information Security Forum
In an effort to support global organizations, the ISF is releasing Using Cloud Services Securely: Harnessing Core Controls, which provides a comprehensive approach to securing cloud services for organizations that are considering using, or already actively use, one or multiple cloud service providers (CSPs). While CSPs provide a certain level of security for their cloud services, organizations need to be aware of their security obligations and deploy the necessary security controls. This requires organizations to understand and address the many security challenges presented by the complex and heterogeneous aspects of the cloud environment.
"Cloud computing has evolved at an incredible speed and is now intertwined with the complex technological landscape that supports critical daily operations. However, this expanding cloud environment gives rise to new types of risk," said Steve Durbin, Managing Director, ISF. "Our latest report empowers organizations to deploy the right set of security controls and to focus their efforts on the most valuable action that will reduce the likelihood and impact of cloud-related threat events. Whether using one or multiple cloud services, organizations will be well-positioned to make the most of the opportunities offered by cloud computing."
Using Cloud Services Securely: Harnessing Core Controls provides organizations with a compelling approach to meeting security obligations in the cloud environment, providing guidance on how to:
· Enforce some practical and actionable principles of cloud security governance
· Deploy and maintain a set of core cloud security controls, with reference to the specific responsibilities of the organization as the cloud customer
· Select the right combination of cloud security products and services to support the implementation of the security controls.
Using Cloud Services Securely: Harnessing Core Controls is primarily directed at individuals who are responsible for securing cloud services in their organization, such as cloud security architects, cloud development managers and cloud engineers. The report is available now to ISF Member companies via the ISF website (http://www.securityforum.org/
About the Information Security Forum
The Information Security Forum (ISF) is an independent, not-for-profit association of leading organizations from around the world. The ISF is dedicated to investigating, clarifying and resolving key issues in cyber, information security and risk management and developing best practice methodologies, processes and solutions that meet the business needs of its Members. For more information on ISF membership, please visit https://www.securityforum.org/