Through a funded initiative called the EU-SEC Project, CSA has analyzed the issue of the proliferation of cloud security standards and compliance schemes, and has observed that many security requirements and control objectives in different standards are largely overlapping.
As a consequence, the process of adhering to different standards, laws and regulations for CSPs is inefficient, with a lot of duplicated work that unduly increases costs and complexity.
The idea behind the MPRF is not to create yet another cloud certification or auditing architecture. Instead, it aims to provide a unified method of systematic and consistent activities with the goal of minimizing the burden and complexity of compliance and obtaining certification.
CSA partners with organizations like the Center for Internet Security (CIS) and The Cyber Risk Institute as well as our approved Assessment Firms to work together to build a process that eliminates redundancy, complexity, reduces cost and facilitates lower risk all the while building a culture of resiliency.
Join us as we interview representatives from CIS, CRI and Shellman and discuss this State of the art in cloud service monitoring and certification.