CIAOPS - Need to Know podcasts

CIAOPS - Need to Know podcasts header image 1

Episode 50 - Susan Bradley

April 16th, 2013

In this anniversary episode we welcome back our original guest, Susan Bradley, to talk all about compliance and security for IT systems. These topics are becoming much more important for all IT systems and present unique challenges as more information moves to the 'cloud'.

Susan Bradley = susan@sbslinks.com or via the blog www.sbsdiva.com

http://office.microsoft.com/en-us/business/office-365-security-and-privacy-verified-by-a-third-party-FX103089231.aspx

http://certification.comptia.org/getCertified/certifications/security.aspx

https://www.isc2.org/cissp/default.aspx

http://www.guidancesoftware.com/computer-forensics-training-courses.htm

http://www.rand.org/pubs/technical_reports/TR933.html

https://cloudsecurityalliance.org/

https://cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf

https://downloads.cloudsecurityalliance.org/initiatives/top_threats/The_Notorious_Nine_Cloud_Computing_Top_Threats_in_2013.pdf

Cloud Computing Risk Assessment

https://www.enisa.europa.eu/activities/risk-management/files/deliverables/cloud-computing-risk-assessment

Cloud Computing Information Assurance Framework https://www.enisa.europa.eu/activities/risk-management/files/deliverables/cloud-computing-information-assurance-framework

Procure Secure: A guide to monitoring of security service levels in cloud contracts https://www.enisa.europa.eu/activities/Resilience-and-CIIP/cloud-computing/procure-secure-a-guide-to-monitoring-of-security-service-levels-in-cloud-contracts

Just to add that ENISA (the European Network and Information Security Agency) has some excellent material for free;

Cloud Computing Risk Assessment

https://www.enisa.europa.eu/activities/risk-management/files/deliverables/cloud-computing-risk-assessment

Cloud Computing Information Assurance Framework

https://www.enisa.europa.eu/activities/risk-management/files/deliverables/cloud-computing-information-assurance-framework

Procure Secure: A guide to monitoring of security service levels in cloud contracts

https://www.enisa.europa.eu/activities/Resilience-and-CIIP/cloud-computing/procure-secure-a-guide-to-monitoring-of-security-service-levels-in-cloud-contracts

ALSO, RAND did a decent cloud security / trust overview ...

http://www.rand.org/pubs/technical_reports/TR933.html

AND As these guys are good too, great organization... recent papers on top security threats..

https://cloudsecurityalliance.org/

https://cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf

https://downloads.cloudsecurityalliance.org/initiatives/top_threats/The_Notorious_Nine_Cloud_Computing_Top_Threats_in_2013.pdf

http://www.verizonenterprise.com/DBIR/2012/

http://governmentcio.com/content/going-all-cloud-computing

00:0000:00