Source: VM Blog
20 Nov 2019
The growth of cloud computing has become ever more apparent, as organizations are drawn to the elasticity and scalability offered by cloud services. With an expanding number of cloud services underpinning business operations, the risks incurred through cloud usage are key concerns for business leaders. For an organization to have confidence that it can move to the cloud while ensuring that vital technological infrastructure is secure, a robust strategy is required.
In an effort to support global organizations, the ISF is releasing Using Cloud Services Securely: Harnessing Core Controls, the organizations latest digest which provides a comprehensive approach to securing cloud services for organizations that are considering using, or already actively use, one or multiple cloud service providers (CSPs). While CSPs provide a certain level of security for their cloud services, organizations need to be aware of their security obligations and deploy the necessary security controls. This requires organizations to understand and address the many security challenges presented by the complex and heterogeneous aspects of the cloud environment.
“Cloud computing has evolved at an incredible speed and, in many organizations, is now intertwined with the complex technological landscape that supports critical daily operations. However, this ever-expanding cloud environment gives rise to new types of risk,” said Steve Durbin, Managing Director, ISF. “Our latest report empowers organizations to deploy the right set of security controls and to focus their efforts on the most valuable action that will reduce the likelihood and impact of cloud-related threat events. Whether using one or multiple cloud services, organizations will be well-positioned to make the most of the opportunities offered by cloud computing.”
The cloud environment has become an attractive target for cyber attackers, highlighting the pressing need for organizations to enhance their existing security practices. However, consistently implementing the fundamentals of cloud security can be a complicated task due to the diverse and expanding nature of the cloud environment. Using Cloud Services Securely: Harnessing Core Controls provides organizations with a compelling approach to meeting security obligations in the cloud environment, providing guidance on how to:
- Enforce some practical and actionable principles of cloud security governance
- Deploy and maintain a set of core cloud security controls, with reference to the specific responsibilities of the organization as the cloud customer
- Select the right combination of cloud security products and services to support the implementation of the security controls.