Cloud Security Alliance crosses the Pond

Bringing cloud to the masses


“The cloud agenda has to move beyond the security field and into business,” says Jacqui Taylor, freshly minted director of communications for the UK and Ireland wing of the Cloud Security Alliance (CSA).

“There is an education process that has to be done, and it needs an independent voice. That is where we come in.”

A not-for-profit organisation, the CSA was set up in the US to establish and promote best practice for IT security in cloud computing.

Local heroes

The launch of the local chapter, CSA UK & Ireland, earlier this year was prompted by a recognition that the issues raised by cloud computing vary hugely across regions, and that local context is needed to provide the best guidance to members.

But even this remit is too narrow.

“We held a meeting at Infosec this year,” Taylor says. “Something like 80 or 90 people came and most stayed for the whole debate. We are still pulling together all the strands from that, but it is clear that we are not at the point where we can focus just on IT security professionals.”

Cloud is now a mainstream proposition, attracting interest from users outside IT: teachers, small businesses, parents and executives.

“Cloud can deliver what a business needs, while it still needs it. We are not talking two or three years development time, but months or even weeks from someone having an idea to being able to realise it,” Taylor says.

“In my day job, we see much less technical involvement in these projects. It used to be maybe 80 per cent IT, 20 per cent management. Now it is the other way round, and that is going to increase as generation Y comes into the workplace. They don’t have a background of doing it the hard way.”

Age of innocence

The explosion of mainstream interest in cloud means it is necessary to take a step back and “re-do cloud 101”. It is also dangerous to assume too much technical knowledge.

“I don’t think we realised when we launched how much we had to explain. The brief is wider in terms of our members,” Taylor says.

"We see people who are using cloud but have no idea they are doing so”

“Before 2011, I don’t think we were having these debates. It was all very industry focused. We are still dealing with early adopters, but the curve is growing. We see people who are using cloud but have no idea they are doing so.”

The members of the CSA UK & Ireland board come from a range of backgrounds. Some, such as Peter Wood, are dyed-in-the-wool IT security professionals; Amanda Goodyear works in security in government and Benedict Olaoya works in the NHS.

It means that in the course of their normal work they confront just about every issue cloud computing can raise, and bring that experience to the alliance.

Free speech

It also means president Des Ward can draw on a good roster of speakers to help pursue the next goal: that no cloud or security-related conference agenda should be without one of the alliance members appearing as a speaker.

The task now is to sift through the mountains of feedback and suggestions for research. “I’d love to tell you what is on the list, but the shortlist has 45 proposals still. We need to prioritise,” says Taylor.

She adds that the organisation also aims to make information available on the web site.

“We will start by collecting the information that is already there and making it available to people who want to use it,” Taylor says.

“That includes material from presentations any of our board members make, but we will develop new material, too, such as whitepapers, presentations and so on.

“We want to be the first resource for people who want to know about security and the cloud.” ®


Keep Reading

Tech Resources

The State of Application Security 2020

Forrester analyzed the state of application security in 2020 and found over 75% of external attacks are attributed to web application and software exploits.

How backup modernization changes the ransomware game

If the thrill of backing up your data and wondering if you will ever see it again has worn off, start the new year by getting rid of the lingering pain of legacy backup. Bipul Sinha, CEO of the Cloud Data Management Company, Rubrik, and Miguel Zatarain, Director of Global Infrastructure Technology at PACCAR, Fortune 500 manufacturer of trucks and Rubrik customer, are talking to the Reg’s Tim Phillips about how to eliminate the costly, slow and spotty performance of legacy backup, and how to modernize your implementation in 2021 to make your business more resilient.

Webcast Slide Deck | Three reasons you need a hybrid multicloud

Businesses need their IT teams to operate applications and data in a hybrid environment spanning on-premises private and public clouds. But this poses many challenges, such as managing complex networking, re-architecting applications for the cloud, and managing multiple infrastructure silos. There is a pressing need for a single platform that addresses these challenges - a hybrid multicloud built for the digital innovation era. Just this Regcast to find out: Why hybrid multicloud is the ideal path to accelerate cloud migration.

Anatomy of a Private Cloud

Learn the key elements that combined, build a true Private Cloud

Biting the hand that feeds IT © 1998–2021