Description

CSA Guide to Cloud Computing brings you the most current and comprehensive understanding of cloud security issues and deployment techniques from industry thought leaders at the Cloud Security Alliance (CSA).

For many years the CSA has been at the forefront of research and analysis into the most pressing security and privacy related issues associated with cloud computing. CSA Guide to Cloud Computing provides you with a one-stop source for industry-leading content, as well as a roadmap into the future considerations that the cloud presents.

The authors of CSA Guide to Cloud Computing provide a wealth of industry expertise you won't find anywhere else. Author Raj Samani is the Chief Technical Officer for McAfee EMEA; author Jim Reavis is the Executive Director of CSA; and author Brian Honan is recognized as an industry leader in the ISO27001 standard. They will walk you through everything you need to understand to implement a secure cloud computing structure for your enterprise or organization.

Key Features

  • Your one-stop source for comprehensive understanding of cloud security from the foremost thought leaders in the industry
  • Insight into the most current research on cloud privacy and security, compiling information from CSA's global membership
  • Analysis of future security and privacy issues that will impact any enterprise that uses cloud computing

Readership

InfoSec professionals of all levels; systems architects; app developers; project managers; IT decision-makers; students studying information security and computer science.

Table of Contents

  • Forewords
  • About the Authors
  • About the Cloud Security Alliance
  • Acknowledgments
  • CSA Guide to Cloud Computing—Introduction
  • Chapter 1. Cloud Computing, What is it and What’s the Big Deal?
    • Defining Cloud Computing
    • Economic Opportunities for Cloud Computing
    • The Cloud is “Not” Secure
  • Chapter 2. Selecting and Engaging with a Cloud Service Provider
    • Security, Trust and Assurance Repository Initiative
    • Engaging with the Cloud Service Provider
  • Chapter 3. The Cloud Threat Landscape
    • The Cloud Threat Landscape
    • Notorious Nine
    • Additional Cloud Threats
  • Chapter 4. Secure Cloud for Mobile Computing
    • Mobile Top Threats: Evil 8.0
    • Addressing the Threat: Mobile Components for Consideration
  • Chapter 5. Making the Move into the Cloud
    • Cloud Computing Checklist
    • Security for the Cloud
  • Chapter 6. Certification for Cloud Service Providers
    • Certification for Cloud Service Providers
  • Chapter 7. The Privacy Imperative
    • Does Cloud Computing Make My Data Any Less Private?
    • Privacy Level Agreement
    • Data Protection Certification
  • Chapter 8. Cloud Security Alliance Research
    • Big Data Working Group
    • Cloud Data Governance
    • CloudCERT
    • CloudTrust Protocol
    • Enterprise Architecture Working Group
    • Incident Management and Forensics
    • Innovation Initiative
    • Security as a Service
    • Security Guidance for Critical Areas of Focus in Cloud Computing
    • Software Defined Perimeter
  • Chapter 9. Dark Clouds, What to Do In The Event of a Security Incident
    • Building a Security Incident Response Team
    • Incident Response Challenges in the Cloud
    • The

Details

No. of pages:
236
Language:
English
Copyright:
© 2015
Published:
Imprint:
Syngress
Electronic ISBN:
9780124201859
Print ISBN:
9780124201255

About the authors

Raj Samani

Raj Samani is an active member of the Information Security industry, through involvement with numerous initiatives to improve the awareness and application of security in business and society. He is currently working as the VP, Chief Technical Officer for McAfee EMEA, having previously worked as the Chief Information Security Officer for a large public sector organisation in the UK and was recently inducted into the Infosecurity Europe Hall of Fame (2012). He previously worked across numerous public sector organisations, in many cyber security and research orientated working groups across Europe. Examples include the midata Interoperability Board, as well as representing DIGITALEUROPE on the Smart Grids Reference Group established by the European Commission in support of the Smart Grid Mandate. In addition, Raj is currently the Cloud Security Alliance’s Strategic Advisor for EMEA having previously served as the Vice President for Communications in the ISSA UK Chapter where he presided over the award of Chapter Communications Programme of the Year 2008 and 2009, having previously established the UK mentoring programme. He is also on the advisory council for the Infosecurity Europe show, Infosecurity Magazine, and expert on both searchsecurity.co.uk, and Infosec portal, and regular columnist on Computer Weekly. He has had numerous security papers published, and appeared on television (ITV and More4) commenting on computer security issues. He has also provided assistance in the 2006 RSA Wireless Security Survey and part of the consultation committee for the RIPA Bill (Part 3).

Jim Reavis

Jim Reavis is the Executive Director of the CSA, and was recently named as one of the Top 10 cloud computing leaders by SearchCloudComputing.com. Jim is the President of Reavis Consulting Group, LLC, where he advises security companies, large enterprises and other organizations on the implications of new trends and how to take advantage of them. Jim has previously been an international board member of the ISSA and formerly served as the association’s Executive Director. Jim was a co-founder of the Alliance for Enterprise Security Risk Management, a partnership between the ISSA, ISACA and ASIS, formed to address the enterprise risk issues associated with the convergence of logical and traditional security. Jim currently serves in an advisory capacity for many of the industry’s most successful companies.

Brian Honan

Brian Honan is recognized as an industry expert on information security, in particular the ISO27001 information security standard, and has addressed a number of major conferences relating to the management and securing of information technology. Brian was a founding member of the Irish Corporate Windows NT User Group and also established Ireland’s first ever national Computer Security Incident Response Team. He is a member of the Information Systems Security Association, Irish Information Security Forum, Information Systems Audit and Control Association, and a member of the Irish Computer Society and the Business Continuity Institute. Brian’s previous publications include The Cloud Security Rules, ISO27001 in a Windows Environment, and Implementing ISO27001 in a Windows Environment.

Reviews

"The book provides useful information…" --Computing Reviews

"For those looking for a solid introduction to the issue around the security and privacy of cloud computing, the CSA Guide to Cloud Computing: Implementing Cloud Privacy and Security is a solid guide in which to use." --RSAConference.com

"...this book is one of the best ones I've ever read about migrating resources to the cloud. With the resources and knowledge of the Cloud Security Alliance as a basis, this should not come as a surprise." --Help Net Security, December 2014