IT disaster recovery, cloud computing and information security news

Daisy

Cloud Security Alliance releases new model to assist cloud computing risk assessment

The Cloud Security Alliance (CSA) has developed the Cloud Octagon Model, a new approach to overcoming the challenges involved in cloud computing environments. This model, which can be used in conjunction with CSA’s Cloud Controls Matrix (CCM) or Consensus Assessments Initiative Questionnaire (CAIQ), makes it easier for organizations to identify, represent, and assess risks in the context of their cloud implementation across multiple factors by introducing a logical approach to holistically dealing with security aspects involved in moving to the cloud.

The Cloud Octagon Model stems from an approach conceptualized and implemented by the Cloud Security Group within the Technology & Engineering department, Corporate Information Security Office (CISO), ABN AMRO Bank NV (Netherlands). It counts such aspects as procurement, IT governance, architecture, development and engineering, service providers, risk processes, data classification, and country. The model provides practical guidance and structure to all involved risk parties in order to keep pace with rapid changes in privacy and data protection laws and regulations, and changes in technology and its security implications. The model aims to:

  • Reduce risks associated with cloud computing;
  • Improve the effectiveness of the cloud risk team;
  • Improve manageability of the solution; and
  • Improve security.

The model can be supplementary to an organization’s existing risk assessment methodology in the event, for example, that it already has procedures and tools for cloud risk assessment or its regulator demands that the risk assessment methodology be supported by international standards.

More details.



Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.