The first officially published work from the recently formed Cloud Security Aliance – Security as a Service (SecaaS) working group has been published. This is a great first step as we have identified the key categories of service that can / will make up security as a service.
This document can be found here;
I’m personally very proud of this work as I am the co-chair for the Security as a Service working group which has meant bringing together input from multiple streams of expersts working from many global locations and different time zones. I have also had to arbitrate any disagreements around content and ensure all experts who wanted to participate were able to provide their input.
In addition to the coordinating the various inputs and running steering meetings I also provided input into various categories where extra detail was required and also wrote most of one category that wasn’t picked up by the various experts who volunteered to help.
Our next steps are to to be finalised but they are likely to include;
– Finalising the version of the document that will be put forward towards an ISO standard
– Working on getting SecaaS added as the 14th domain of the official Cloud Security Alliance guidance
– Creating implementation guidance and examples for those looking to implement various SecaaS solutions
Watch this space and / or check in on the Cloud Security Alliance web site for progress updates.