SlideShare ist ein Scribd-Unternehmen logo

Cloud security and cyber security v 3.1

C
CloudExpoEurope

Cloud Security and Cyber Security, David Spinks, HP

Technologie
1 von 13
Downloaden Sie, um offline zu lesen
Cyber Security in Real-Time Systems CSIRS David Spinks - Chairman February 2011
Quote by : Sun Tzu As Sun Tzu, the military theoretician and strategist extraordinaire of ancient China, wrote in his seminal work "The Art of War", "The skilful leader subdues the enemy’s troops without any fighting; he captures their cities without laying siege to them; he overthrows their kingdom without lengthy operations in the field.” Lush Stuxnet LSE NYSE E-Trading RBS ATM
The Cloud Defined:
Cloud (IAAS) Pressures Instant now any time anywhere Limitless Continued cost reduction Flexibility beyond Outsourcing Secure IT Utility Services Managed Services Limitless Volumes Up and Down
What are the obstacles to Cloud Services ? 2008
What are the obstacles to Cloud Services ? 2009
2010
Into the (Cloud) Futurewith hp SERVICES ECOSYSTEM SYSTEMS INTEGRATION TECHNOLOGY ISLAND ADVANCED AGILITY CLOUD ENTERPRISE CLOUD SERVICES UTILITY AUTOMATED SERVICES MANAGED HOSTING HOSTING TRADITIONAL CONFIGURED SERVICES SOURCING MODELS 8
So what are the security hot buttons? Robust acceptable pan-client Information Security policies and procedures. One single independent assurance certificate - no your auditors and will not be allowed access. Identity and access management need to get this working anyway! Business continuity and IT DR acceptance of standard RTO and RPO. Encryption (key management) will be a client responsibility this issue is related to IdM! Flexibility in contracts and please kill off the “old school” purchasing and contracts departments!
Solutions and Best Practice :
Cloud Computing Security Assessment Process Flow Week 1 Week 2 Week 2 1 2 3 Review InfoSec Program Documentation Interview Subject Matter Experts (SME) Inspect Infrastructure & Controls Week 2 Week 2 Week 3 4 5 6 Complete Security/Continuity Checklists Cloud Computing Readiness Workshop Analyze Data & Determine Gaps Week 4 Week 4 Week 4 7 8 9 Cloud Computing Security Roadmap Workshop Create Service Improvement Plan (SIP) Create Remediation Roadmap Confidential & Proprietary 11 April 20th, 2010 - v1 Information of Hewlett-Packard Company
Conclusions Adoption of Cloud lessons leant not available Implementation experiences limited Security and risk management methods immature Best practice evolving but gaps exist still Views of regulators and auditors still not clear Legal and regulatory issues (e-Discovery Jury is still out!) Watch this space ....
Finally Linkedin CSIRS : http://www.linkedin.com/groupRegistration?gid=3623430 David.spinks@hp.com http://www.cloudsecurityalliance.org/ http://www.hp.com/hpinfo/newsroom/press/2009/090331xa.html Q and A

Empfohlen

Reinhard Posch
Reinhard PoschReinhard Posch
Reinhard PoschTecnimap
 
Clavister Csp Sit Group
Clavister Csp Sit GroupClavister Csp Sit Group
Clavister Csp Sit Grouptwproject
 
"Преимущества облачных решений от Cisco" (Обзор облачной стратегии Cisco, Пр...
"Преимущества облачных решений от Cisco" (Обзор облачной стратегии Cisco, Пр... "Преимущества облачных решений от Cisco" (Обзор облачной стратегии Cisco, Пр...
"Преимущества облачных решений от Cisco" (Обзор облачной стратегии Cisco, Пр...Cisco Russia
 
Virtela Corp Brochure
Virtela Corp BrochureVirtela Corp Brochure
Virtela Corp Brochuretmcleland
 
Belgacom - Cloud Computing-Meer business met minder IT
Belgacom - Cloud Computing-Meer business met minder ITBelgacom - Cloud Computing-Meer business met minder IT
Belgacom - Cloud Computing-Meer business met minder ITPLATOVlaanderen
 
From Physical to Virtual to Cloud
From Physical to Virtual to CloudFrom Physical to Virtual to Cloud
From Physical to Virtual to CloudCisco Security
 
Defending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the ApplicationDefending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the ApplicationCisco Security
 
Fonitel Solutions
Fonitel SolutionsFonitel Solutions
Fonitel Solutionsiefvancouillie
 

Empfohlen

Reinhard Posch
Reinhard PoschReinhard Posch
Reinhard PoschTecnimap
 
Clavister Csp Sit Group
Clavister Csp Sit GroupClavister Csp Sit Group
Clavister Csp Sit Grouptwproject
 
"Преимущества облачных решений от Cisco" (Обзор облачной стратегии Cisco, Пр...
"Преимущества облачных решений от Cisco" (Обзор облачной стратегии Cisco, Пр... "Преимущества облачных решений от Cisco" (Обзор облачной стратегии Cisco, Пр...
"Преимущества облачных решений от Cisco" (Обзор облачной стратегии Cisco, Пр...Cisco Russia
 
Virtela Corp Brochure
Virtela Corp BrochureVirtela Corp Brochure
Virtela Corp Brochuretmcleland
 
Belgacom - Cloud Computing-Meer business met minder IT
Belgacom - Cloud Computing-Meer business met minder ITBelgacom - Cloud Computing-Meer business met minder IT
Belgacom - Cloud Computing-Meer business met minder ITPLATOVlaanderen
 
From Physical to Virtual to Cloud
From Physical to Virtual to CloudFrom Physical to Virtual to Cloud
From Physical to Virtual to CloudCisco Security
 
Defending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the ApplicationDefending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the ApplicationCisco Security
 
Fonitel Solutions
Fonitel SolutionsFonitel Solutions
Fonitel Solutionsiefvancouillie
 
Cisco tec rob soderbery - core enterprise networking
Cisco tec rob soderbery - core enterprise networkingCisco tec rob soderbery - core enterprise networking
Cisco tec rob soderbery - core enterprise networkingCisco Public Relations
 
Cloud Connect 2011 - Cisco and the Cloud: Within and Beyond the Data Center
Cloud Connect 2011 - Cisco and the Cloud: Within and Beyond the Data CenterCloud Connect 2011 - Cisco and the Cloud: Within and Beyond the Data Center
Cloud Connect 2011 - Cisco and the Cloud: Within and Beyond the Data CenterCisco Service Provider
 
Cisco tec de beer, andersen, o'sullivan - video & collaboration
Cisco tec de beer, andersen, o'sullivan - video & collaborationCisco tec de beer, andersen, o'sullivan - video & collaboration
Cisco tec de beer, andersen, o'sullivan - video & collaborationCisco Public Relations
 
Cisco tec chris young - security intelligence operations
Cisco tec chris young - security intelligence operationsCisco tec chris young - security intelligence operations
Cisco tec chris young - security intelligence operationsCisco Public Relations
 
securematics_vendor_line_card 2015
securematics_vendor_line_card 2015securematics_vendor_line_card 2015
securematics_vendor_line_card 2015Nelson Venezia
 
Business Service Management Made Easy!
Business Service Management Made Easy!Business Service Management Made Easy!
Business Service Management Made Easy!Michele Hudnall
 
Seguridad en la Nube
Seguridad en la NubeSeguridad en la Nube
Seguridad en la NubeMundo Contact
 
eircom Managed Security
eircom Managed Securityeircom Managed Security
eircom Managed Securityeircom
 
IBB Energie AG
IBB Energie AGIBB Energie AG
IBB Energie AGCisco Case Studies
 
2016 10 31_mef_brief_nonotes_v2
2016 10 31_mef_brief_nonotes_v22016 10 31_mef_brief_nonotes_v2
2016 10 31_mef_brief_nonotes_v2David Stern
 
Data center 2.0: Uptime assurance for data centre or cloud computing by Mr. J...
Data center 2.0: Uptime assurance for data centre or cloud computing by Mr. J...Data center 2.0: Uptime assurance for data centre or cloud computing by Mr. J...
Data center 2.0: Uptime assurance for data centre or cloud computing by Mr. J...HKISPA
 
Cloud Computing at Cisco
Cloud Computing at CiscoCloud Computing at Cisco
Cloud Computing at CiscoCisco Canada
 
Ciphercloud Solutions Overview hsa oct2011
Ciphercloud Solutions Overview hsa oct2011Ciphercloud Solutions Overview hsa oct2011
Ciphercloud Solutions Overview hsa oct2011Ramy Houssaini
 
Cisco tec surya panditi - service provider
Cisco tec surya panditi - service providerCisco tec surya panditi - service provider
Cisco tec surya panditi - service providerCisco Public Relations
 
Intel open stack v1
Intel open stack v1Intel open stack v1
Intel open stack v1benbenhappy
 
Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...
Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...
Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...Arrow ECS UK
 
2012 RightScale Conference NYC - State of the Cloud
2012 RightScale Conference NYC - State of the Cloud2012 RightScale Conference NYC - State of the Cloud
2012 RightScale Conference NYC - State of the CloudRightScale
 
VTI Learning Series Beyond the Convergence of Physical & Cyber Security
VTI Learning Series Beyond the Convergence of Physical & Cyber SecurityVTI Learning Series Beyond the Convergence of Physical & Cyber Security
VTI Learning Series Beyond the Convergence of Physical & Cyber SecurityShane Glenn
 
Hp gavin pratt - open stack networking presentation
Hp gavin pratt - open stack networking presentationHp gavin pratt - open stack networking presentation
Hp gavin pratt - open stack networking presentationlaurabeckcahoon
 
null Bangalore meet - Cloud Computing and Security
null Bangalore meet - Cloud Computing and Securitynull Bangalore meet - Cloud Computing and Security
null Bangalore meet - Cloud Computing and Securityn|u - The Open Security Community
 
Cloud conference & expo presentation
Cloud conference & expo presentationCloud conference & expo presentation
Cloud conference & expo presentationTelstra
 
Cloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. RealityCloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. RealityInternap
 

Weitere ähnliche Inhalte

Was ist angesagt?

Cisco tec rob soderbery - core enterprise networking
Cisco tec rob soderbery - core enterprise networkingCisco tec rob soderbery - core enterprise networking
Cisco tec rob soderbery - core enterprise networkingCisco Public Relations
 
Cloud Connect 2011 - Cisco and the Cloud: Within and Beyond the Data Center
Cloud Connect 2011 - Cisco and the Cloud: Within and Beyond the Data CenterCloud Connect 2011 - Cisco and the Cloud: Within and Beyond the Data Center
Cloud Connect 2011 - Cisco and the Cloud: Within and Beyond the Data CenterCisco Service Provider
 
Cisco tec de beer, andersen, o'sullivan - video & collaboration
Cisco tec de beer, andersen, o'sullivan - video & collaborationCisco tec de beer, andersen, o'sullivan - video & collaboration
Cisco tec de beer, andersen, o'sullivan - video & collaborationCisco Public Relations
 
Cisco tec chris young - security intelligence operations
Cisco tec chris young - security intelligence operationsCisco tec chris young - security intelligence operations
Cisco tec chris young - security intelligence operationsCisco Public Relations
 
securematics_vendor_line_card 2015
securematics_vendor_line_card 2015securematics_vendor_line_card 2015
securematics_vendor_line_card 2015Nelson Venezia
 
Business Service Management Made Easy!
Business Service Management Made Easy!Business Service Management Made Easy!
Business Service Management Made Easy!Michele Hudnall
 
Seguridad en la Nube
Seguridad en la NubeSeguridad en la Nube
Seguridad en la NubeMundo Contact
 
eircom Managed Security
eircom Managed Securityeircom Managed Security
eircom Managed Securityeircom
 
2016 10 31_mef_brief_nonotes_v2
2016 10 31_mef_brief_nonotes_v22016 10 31_mef_brief_nonotes_v2
2016 10 31_mef_brief_nonotes_v2David Stern
 
Data center 2.0: Uptime assurance for data centre or cloud computing by Mr. J...
Data center 2.0: Uptime assurance for data centre or cloud computing by Mr. J...Data center 2.0: Uptime assurance for data centre or cloud computing by Mr. J...
Data center 2.0: Uptime assurance for data centre or cloud computing by Mr. J...HKISPA
 
Cloud Computing at Cisco
Cloud Computing at CiscoCloud Computing at Cisco
Cloud Computing at CiscoCisco Canada
 
Ciphercloud Solutions Overview hsa oct2011
Ciphercloud Solutions Overview hsa oct2011Ciphercloud Solutions Overview hsa oct2011
Ciphercloud Solutions Overview hsa oct2011Ramy Houssaini
 
Cisco tec surya panditi - service provider
Cisco tec surya panditi - service providerCisco tec surya panditi - service provider
Cisco tec surya panditi - service providerCisco Public Relations
 
Intel open stack v1
Intel open stack v1Intel open stack v1
Intel open stack v1benbenhappy
 
Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...
Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...
Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...Arrow ECS UK
 
2012 RightScale Conference NYC - State of the Cloud
2012 RightScale Conference NYC - State of the Cloud2012 RightScale Conference NYC - State of the Cloud
2012 RightScale Conference NYC - State of the CloudRightScale
 
VTI Learning Series Beyond the Convergence of Physical & Cyber Security
VTI Learning Series Beyond the Convergence of Physical & Cyber SecurityVTI Learning Series Beyond the Convergence of Physical & Cyber Security
VTI Learning Series Beyond the Convergence of Physical & Cyber SecurityShane Glenn
 
Hp gavin pratt - open stack networking presentation
Hp gavin pratt - open stack networking presentationHp gavin pratt - open stack networking presentation
Hp gavin pratt - open stack networking presentationlaurabeckcahoon
 

Was ist angesagt? (19)

Cisco tec rob soderbery - core enterprise networking
Cisco tec rob soderbery - core enterprise networkingCisco tec rob soderbery - core enterprise networking
Cisco tec rob soderbery - core enterprise networking
 
Cloud Connect 2011 - Cisco and the Cloud: Within and Beyond the Data Center
Cloud Connect 2011 - Cisco and the Cloud: Within and Beyond the Data CenterCloud Connect 2011 - Cisco and the Cloud: Within and Beyond the Data Center
Cloud Connect 2011 - Cisco and the Cloud: Within and Beyond the Data Center
 
Cisco tec de beer, andersen, o'sullivan - video & collaboration
Cisco tec de beer, andersen, o'sullivan - video & collaborationCisco tec de beer, andersen, o'sullivan - video & collaboration
Cisco tec de beer, andersen, o'sullivan - video & collaboration
 
Cisco tec chris young - security intelligence operations
Cisco tec chris young - security intelligence operationsCisco tec chris young - security intelligence operations
Cisco tec chris young - security intelligence operations
 
securematics_vendor_line_card 2015
securematics_vendor_line_card 2015securematics_vendor_line_card 2015
securematics_vendor_line_card 2015
 
Business Service Management Made Easy!
Business Service Management Made Easy!Business Service Management Made Easy!
Business Service Management Made Easy!
 
Seguridad en la Nube
Seguridad en la NubeSeguridad en la Nube
Seguridad en la Nube
 
eircom Managed Security
eircom Managed Securityeircom Managed Security
eircom Managed Security
 
IBB Energie AG
IBB Energie AGIBB Energie AG
IBB Energie AG
 
2016 10 31_mef_brief_nonotes_v2
2016 10 31_mef_brief_nonotes_v22016 10 31_mef_brief_nonotes_v2
2016 10 31_mef_brief_nonotes_v2
 
Data center 2.0: Uptime assurance for data centre or cloud computing by Mr. J...
Data center 2.0: Uptime assurance for data centre or cloud computing by Mr. J...Data center 2.0: Uptime assurance for data centre or cloud computing by Mr. J...
Data center 2.0: Uptime assurance for data centre or cloud computing by Mr. J...
 
Cloud Computing at Cisco
Cloud Computing at CiscoCloud Computing at Cisco
Cloud Computing at Cisco
 
Ciphercloud Solutions Overview hsa oct2011
Ciphercloud Solutions Overview hsa oct2011Ciphercloud Solutions Overview hsa oct2011
Ciphercloud Solutions Overview hsa oct2011
 
Cisco tec surya panditi - service provider
Cisco tec surya panditi - service providerCisco tec surya panditi - service provider
Cisco tec surya panditi - service provider
 
Intel open stack v1
Intel open stack v1Intel open stack v1
Intel open stack v1
 
Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...
Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...
Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...
 
2012 RightScale Conference NYC - State of the Cloud
2012 RightScale Conference NYC - State of the Cloud2012 RightScale Conference NYC - State of the Cloud
2012 RightScale Conference NYC - State of the Cloud
 
VTI Learning Series Beyond the Convergence of Physical & Cyber Security
VTI Learning Series Beyond the Convergence of Physical & Cyber SecurityVTI Learning Series Beyond the Convergence of Physical & Cyber Security
VTI Learning Series Beyond the Convergence of Physical & Cyber Security
 
Hp gavin pratt - open stack networking presentation
Hp gavin pratt - open stack networking presentationHp gavin pratt - open stack networking presentation
Hp gavin pratt - open stack networking presentation
 

Ähnlich wie Cloud security and cyber security v 3.1

Cloud conference & expo presentation
Cloud conference & expo presentationCloud conference & expo presentation
Cloud conference & expo presentationTelstra
 
Cloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. RealityCloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. RealityInternap
 
Service Manager Cloud Seminar introcustext
Service Manager Cloud Seminar introcustextService Manager Cloud Seminar introcustext
Service Manager Cloud Seminar introcustextMicrosoft Norge AS
 
Why We Fail: How an architect learned to stop worrying and love the cloud
Why We Fail: How an architect learned to stop worrying and love the cloudWhy We Fail: How an architect learned to stop worrying and love the cloud
Why We Fail: How an architect learned to stop worrying and love the cloudAlex Jauch
 
Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...
Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...
Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...NetworkCollaborators
 
Build 4 The Cloud By Cisco V Mware2
Build 4 The Cloud By Cisco V Mware2Build 4 The Cloud By Cisco V Mware2
Build 4 The Cloud By Cisco V Mware2Azlan NL
 
Increase your it agility and cost efficiency with hds cloud solutions webinar
Increase your it agility and cost efficiency with hds cloud solutions webinarIncrease your it agility and cost efficiency with hds cloud solutions webinar
Increase your it agility and cost efficiency with hds cloud solutions webinarHitachi Vantara
 
Tech editors conf tucker yen-jacoby revised final for may 24 2012
Tech editors conf tucker yen-jacoby revised final for may 24 2012Tech editors conf tucker yen-jacoby revised final for may 24 2012
Tech editors conf tucker yen-jacoby revised final for may 24 2012Cisco Public Relations
 
Cloud Is Built, Now Who's Managing It?
Cloud Is Built, Now Who's Managing It?Cloud Is Built, Now Who's Managing It?
Cloud Is Built, Now Who's Managing It?doan_slideshares
 
Pune open cloudfoundry keynote niranjan maka share
Pune open cloudfoundry keynote niranjan maka share Pune open cloudfoundry keynote niranjan maka share
Pune open cloudfoundry keynote niranjan maka share nmaka
 
Cloud Computing - Jan 2011 - Chandna
Cloud Computing - Jan 2011 - ChandnaCloud Computing - Jan 2011 - Chandna
Cloud Computing - Jan 2011 - ChandnaAsheem Chandna
 
A New Approach to Continuous Monitoring in the Cloud
A New Approach to Continuous Monitoring in the CloudA New Approach to Continuous Monitoring in the Cloud
A New Approach to Continuous Monitoring in the CloudNETSCOUT
 
PCTY 2012, Cloud security (real life) v. Ulf Feger
PCTY 2012, Cloud security (real life) v. Ulf FegerPCTY 2012, Cloud security (real life) v. Ulf Feger
PCTY 2012, Cloud security (real life) v. Ulf FegerIBM Danmark
 
Taiye Lambo - Auditing the cloud
Taiye Lambo - Auditing the cloudTaiye Lambo - Auditing the cloud
Taiye Lambo - Auditing the cloudnooralmousa
 
Cloud Computing - game changer for telcos
Cloud Computing - game changer for telcosCloud Computing - game changer for telcos
Cloud Computing - game changer for telcosSaibalDC
 
Data center 2.0: The journey to the cloud from the datacenter perspertive by ...
Data center 2.0: The journey to the cloud from the datacenter perspertive by ...Data center 2.0: The journey to the cloud from the datacenter perspertive by ...
Data center 2.0: The journey to the cloud from the datacenter perspertive by ...HKISPA
 
Windows Azure Platfrom App Fabric
Windows Azure Platfrom App FabricWindows Azure Platfrom App Fabric
Windows Azure Platfrom App FabricWes Yanaga
 
Open Group Conference Csi V5.1
Open Group Conference Csi V5.1Open Group Conference Csi V5.1
Open Group Conference Csi V5.1Enrico Boverino
 

Ähnlich wie Cloud security and cyber security v 3.1 (20)

null Bangalore meet - Cloud Computing and Security
null Bangalore meet - Cloud Computing and Securitynull Bangalore meet - Cloud Computing and Security
null Bangalore meet - Cloud Computing and Security
 
Cloud conference & expo presentation
Cloud conference & expo presentationCloud conference & expo presentation
Cloud conference & expo presentation
 
Cloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. RealityCloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. Reality
 
Service Manager Cloud Seminar introcustext
Service Manager Cloud Seminar introcustextService Manager Cloud Seminar introcustext
Service Manager Cloud Seminar introcustext
 
Why We Fail: How an architect learned to stop worrying and love the cloud
Why We Fail: How an architect learned to stop worrying and love the cloudWhy We Fail: How an architect learned to stop worrying and love the cloud
Why We Fail: How an architect learned to stop worrying and love the cloud
 
Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...
Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...
Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...
 
Build 4 The Cloud By Cisco V Mware2
Build 4 The Cloud By Cisco V Mware2Build 4 The Cloud By Cisco V Mware2
Build 4 The Cloud By Cisco V Mware2
 
Increase your it agility and cost efficiency with hds cloud solutions webinar
Increase your it agility and cost efficiency with hds cloud solutions webinarIncrease your it agility and cost efficiency with hds cloud solutions webinar
Increase your it agility and cost efficiency with hds cloud solutions webinar
 
Tech editors conf tucker yen-jacoby revised final for may 24 2012
Tech editors conf tucker yen-jacoby revised final for may 24 2012Tech editors conf tucker yen-jacoby revised final for may 24 2012
Tech editors conf tucker yen-jacoby revised final for may 24 2012
 
Cloud Is Built, Now Who's Managing It?
Cloud Is Built, Now Who's Managing It?Cloud Is Built, Now Who's Managing It?
Cloud Is Built, Now Who's Managing It?
 
Pune open cloudfoundry keynote niranjan maka share
Pune open cloudfoundry keynote niranjan maka share Pune open cloudfoundry keynote niranjan maka share
Pune open cloudfoundry keynote niranjan maka share
 
Cloud Computing - Jan 2011 - Chandna
Cloud Computing - Jan 2011 - ChandnaCloud Computing - Jan 2011 - Chandna
Cloud Computing - Jan 2011 - Chandna
 
A New Approach to Continuous Monitoring in the Cloud
A New Approach to Continuous Monitoring in the CloudA New Approach to Continuous Monitoring in the Cloud
A New Approach to Continuous Monitoring in the Cloud
 
Sukhbir jasuja digital_trends_11
Sukhbir jasuja digital_trends_11Sukhbir jasuja digital_trends_11
Sukhbir jasuja digital_trends_11
 
PCTY 2012, Cloud security (real life) v. Ulf Feger
PCTY 2012, Cloud security (real life) v. Ulf FegerPCTY 2012, Cloud security (real life) v. Ulf Feger
PCTY 2012, Cloud security (real life) v. Ulf Feger
 
Taiye Lambo - Auditing the cloud
Taiye Lambo - Auditing the cloudTaiye Lambo - Auditing the cloud
Taiye Lambo - Auditing the cloud
 
Cloud Computing - game changer for telcos
Cloud Computing - game changer for telcosCloud Computing - game changer for telcos
Cloud Computing - game changer for telcos
 
Data center 2.0: The journey to the cloud from the datacenter perspertive by ...
Data center 2.0: The journey to the cloud from the datacenter perspertive by ...Data center 2.0: The journey to the cloud from the datacenter perspertive by ...
Data center 2.0: The journey to the cloud from the datacenter perspertive by ...
 
Windows Azure Platfrom App Fabric
Windows Azure Platfrom App FabricWindows Azure Platfrom App Fabric
Windows Azure Platfrom App Fabric
 
Open Group Conference Csi V5.1
Open Group Conference Csi V5.1Open Group Conference Csi V5.1
Open Group Conference Csi V5.1
 

Mehr von CloudExpoEurope

Data storage for the cloud ce11
Data storage for the cloud ce11Data storage for the cloud ce11
Data storage for the cloud ce11CloudExpoEurope
 
Peter judge - Is the Cloud Green?
Peter judge - Is the Cloud Green?Peter judge - Is the Cloud Green?
Peter judge - Is the Cloud Green?CloudExpoEurope
 
J miller cloud expo europe 3 feb 11
J miller cloud expo europe 3 feb 11J miller cloud expo europe 3 feb 11
J miller cloud expo europe 3 feb 11CloudExpoEurope
 
David king logica - cloud expo europe 2011 public
David king logica - cloud expo europe 2011 publicDavid king logica - cloud expo europe 2011 public
David king logica - cloud expo europe 2011 publicCloudExpoEurope
 
Steps to the cloud 080211 claranet
Steps to the cloud 080211 claranetSteps to the cloud 080211 claranet
Steps to the cloud 080211 claranetCloudExpoEurope
 
Constantino vazquez open nebula cloud case studies
Constantino vazquez open nebula cloud case studiesConstantino vazquez open nebula cloud case studies
Constantino vazquez open nebula cloud case studiesCloudExpoEurope
 
U share soft-eurocloud-040211
U share soft-eurocloud-040211U share soft-eurocloud-040211
U share soft-eurocloud-040211CloudExpoEurope
 
Parting the mists of cloud computing 030211 print
Parting the mists of cloud computing 030211 printParting the mists of cloud computing 030211 print
Parting the mists of cloud computing 030211 printCloudExpoEurope
 
Cloud expo John Darlington - Imperial College
Cloud expo John Darlington - Imperial CollegeCloud expo John Darlington - Imperial College
Cloud expo John Darlington - Imperial CollegeCloudExpoEurope
 
Open source engagement – best practices_v0.5
Open source engagement – best practices_v0.5Open source engagement – best practices_v0.5
Open source engagement – best practices_v0.5CloudExpoEurope
 

Mehr von CloudExpoEurope (18)

VMwareAidan Dalgleish
VMwareAidan DalgleishVMwareAidan Dalgleish
VMwareAidan Dalgleish
 
Data storage for the cloud ce11
Data storage for the cloud ce11Data storage for the cloud ce11
Data storage for the cloud ce11
 
Peter judge - Is the Cloud Green?
Peter judge - Is the Cloud Green?Peter judge - Is the Cloud Green?
Peter judge - Is the Cloud Green?
 
J miller cloud expo europe 3 feb 11
J miller cloud expo europe 3 feb 11J miller cloud expo europe 3 feb 11
J miller cloud expo europe 3 feb 11
 
David king logica - cloud expo europe 2011 public
David king logica - cloud expo europe 2011 publicDavid king logica - cloud expo europe 2011 public
David king logica - cloud expo europe 2011 public
 
Cloud expo emer coleman
Cloud expo emer colemanCloud expo emer coleman
Cloud expo emer coleman
 
Steps to the cloud 080211 claranet
Steps to the cloud 080211 claranetSteps to the cloud 080211 claranet
Steps to the cloud 080211 claranet
 
Armangil presentation
Armangil presentationArmangil presentation
Armangil presentation
 
On app Ditlev Bredahl
On app Ditlev BredahlOn app Ditlev Bredahl
On app Ditlev Bredahl
 
On app Carlos Rego
On app Carlos RegoOn app Carlos Rego
On app Carlos Rego
 
Ow2
Ow2Ow2
Ow2
 
Constantino vazquez open nebula cloud case studies
Constantino vazquez open nebula cloud case studiesConstantino vazquez open nebula cloud case studies
Constantino vazquez open nebula cloud case studies
 
U share soft-eurocloud-040211
U share soft-eurocloud-040211U share soft-eurocloud-040211
U share soft-eurocloud-040211
 
Parting the mists of cloud computing 030211 print
Parting the mists of cloud computing 030211 printParting the mists of cloud computing 030211 print
Parting the mists of cloud computing 030211 print
 
Cloud expo John Darlington - Imperial College
Cloud expo John Darlington - Imperial CollegeCloud expo John Darlington - Imperial College
Cloud expo John Darlington - Imperial College
 
Open source engagement – best practices_v0.5
Open source engagement – best practices_v0.5Open source engagement – best practices_v0.5
Open source engagement – best practices_v0.5
 
Rik Ferguson
Rik FergusonRik Ferguson
Rik Ferguson
 
Cee holding
Cee holdingCee holding
Cee holding
 

Kürzlich hochgeladen

Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 

Kürzlich hochgeladen (20)

Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 

Cloud security and cyber security v 3.1

  • 1. Cyber Security in Real-Time Systems CSIRS David Spinks - Chairman February 2011
  • 2. Quote by : Sun Tzu As Sun Tzu, the military theoretician and strategist extraordinaire of ancient China, wrote in his seminal work "The Art of War", "The skilful leader subdues the enemy’s troops without any fighting; he captures their cities without laying siege to them; he overthrows their kingdom without lengthy operations in the field.” Lush Stuxnet LSE NYSE E-Trading RBS ATM
  • 4. Cloud (IAAS) Pressures Instant now any time anywhere Limitless Continued cost reduction Flexibility beyond Outsourcing Secure IT Utility Services Managed Services Limitless Volumes Up and Down
  • 5. What are the obstacles to Cloud Services ? 2008
  • 6. What are the obstacles to Cloud Services ? 2009
  • 8. Into the (Cloud) Futurewith hp SERVICES ECOSYSTEM SYSTEMS INTEGRATION TECHNOLOGY ISLAND ADVANCED AGILITY CLOUD ENTERPRISE CLOUD SERVICES UTILITY AUTOMATED SERVICES MANAGED HOSTING HOSTING TRADITIONAL CONFIGURED SERVICES SOURCING MODELS 8
  • 9. So what are the security hot buttons? Robust acceptable pan-client Information Security policies and procedures. One single independent assurance certificate - no your auditors and will not be allowed access. Identity and access management need to get this working anyway! Business continuity and IT DR acceptance of standard RTO and RPO. Encryption (key management) will be a client responsibility this issue is related to IdM! Flexibility in contracts and please kill off the “old school” purchasing and contracts departments!
  • 10. Solutions and Best Practice :
  • 11. Cloud Computing Security Assessment Process Flow Week 1 Week 2 Week 2 1 2 3 Review InfoSec Program Documentation Interview Subject Matter Experts (SME) Inspect Infrastructure & Controls Week 2 Week 2 Week 3 4 5 6 Complete Security/Continuity Checklists Cloud Computing Readiness Workshop Analyze Data & Determine Gaps Week 4 Week 4 Week 4 7 8 9 Cloud Computing Security Roadmap Workshop Create Service Improvement Plan (SIP) Create Remediation Roadmap Confidential & Proprietary 11 April 20th, 2010 - v1 Information of Hewlett-Packard Company
  • 12. Conclusions Adoption of Cloud lessons leant not available Implementation experiences limited Security and risk management methods immature Best practice evolving but gaps exist still Views of regulators and auditors still not clear Legal and regulatory issues (e-Discovery Jury is still out!) Watch this space ....
  • 13. Finally Linkedin CSIRS : http://www.linkedin.com/groupRegistration?gid=3623430 David.spinks@hp.com http://www.cloudsecurityalliance.org/ http://www.hp.com/hpinfo/newsroom/press/2009/090331xa.html Q and A