An overview of the Cloud Security as a Service (SecaaS) working group goals, outputs and proposed timeline was presented at the RSA conference on the 14th of February. His has been recorded for prosperity and uploaded to YouTube. The presentation can be found here;
This gives a great update on one of the things I’ll be working on during the next few months. Check the video out, fell free to ask me any questions you have, and of course if interested get involved and provide feedback via the surveys mentioned in the presentation.
For those interested in cloud security options, I am currently on the steering committee for the Security as a Service (SecaaS) working group. In this instance I mean how cloud computing can be used to secure everything, including cloud and non cloud based IT, rather than how to secure cloud computing (paraphrased from Jim Reavis).
If you are not familiar with the Cloud Security Alliance I suggest you check out their site, it is a great resource for all things cloud security related and can be found here;
The purpose of the specific SecaaS working group is to;
– Identify consensus definitions of what security as a Service means
– Categorise the different types of Security as a Service
– Provide guidance to organisations on reasonable implementation practices
The site specific to the SecaaS work can be found here;
Proposed timelines for the work we produce are for;
– Categories of service to be defined by late April.
– Draft SecaaS Guidance, mid-May.
– SME Guide, mid-July.
– Final Draft SecaaS Guidance, mid-September.
This should be a great piece of work so I will keep you updated with our progress.