CSA Security Update
CSA STAR is the industry's most powerful program for security assurance in the cloud.The Security Trust Assurance and Risk (STAR) Program encompasses key principles of transparency, rigorous auditing, and harmonization of standards. Companies who use STAR indicate best practices and validate the security posture of their cloud offerings.This podcast series explores CSA STAR as well as CSA best practices and research along with associated technologies and tools.
CSA Security Update
Multi-party Recognition (MPRF) - Reduces cost and facilitates lower risk all the while building a culture of resiliency.
•
John DiMaria; Assurance Investigatory Fellow
Through a funded initiative called the EU-SEC Project, CSA has analyzed the issue of the proliferation of cloud security standards and compliance schemes, and has observed that many security requirements and control objectives in different standards are largely overlapping.
As a consequence, the process of adhering to different standards, laws and regulations for CSPs is inefficient, with a lot of duplicated work that unduly increases costs and complexity.
The idea behind the MPRF is not to create yet another cloud certification or auditing architecture. Instead, it aims to provide a unified method of systematic and consistent activities with the goal of minimizing the burden and complexity of compliance and obtaining certification.
CSA partners with organizations like the Center for Internet Security (CIS) and The Cyber Risk Institute as well as our approved Assessment Firms to work together to build a process that eliminates redundancy, complexity, reduces cost and facilitates lower risk all the while building a culture of resiliency.
Join us as we interview representatives from CIS, CRI and Shellman and discuss this State of the art in cloud service monitoring and certification.
The idea behind the MPRF is not to create yet another cloud certification or auditing architecture. Instead, it aims to provide a unified method of systematic and consistent activities with the goal of minimizing the burden and complexity of compliance and obtaining certification.
CSA partners with organizations like the Center for Internet Security (CIS) and The Cyber Risk Institute as well as our approved Assessment Firms to work together to build a process that eliminates redundancy, complexity, reduces cost and facilitates lower risk all the while building a culture of resiliency.
Join us as we interview representatives from CIS, CRI and Shellman and discuss this State of the art in cloud service monitoring and certification.
https://cloudsecurityalliance.org/star/