Cloud Security Alliance 2020 Initiatives Changing the Face of IT Audit and Cloud Assurance – AiThority

Certificate of Cloud Auditing Knowledge and Cloud Controls Matrix v4 represent critical progress to modernize the audit profession and align cloud assurance with technology innovations

TheCloud Security Alliance (CSA), the worlds leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, announced a call for subject-matter experts to support the ongoing review of its flagship document, the Cloud Controls Matrix (CCM), Version 4 of which will be released later this year. CCM v4 will reflect the current cloud technology landscape, providing cloud users with a better, more comprehensive security framework and guidelines to facilitate both implementation and audit.

Calling all today cloud subject-matter experts! @cloudsa is asking for help to support the ongoing review of its flagship document, the Cloud Controls Matrix (CCM) Version 4. Join Us!

Additionally, CSA is pleased to announce that theCertificate of Cloud Auditing Knowledge (CCAK)subject-matter expert working group has held initial program development meetings and that the CCAK credential and courseware will be previewed at CSAsSECtemberconference (Seattle, Sept. 14-18). The CCAK is a new credential for industry professionals that demonstrates expertise in the essential principles of assessing and auditing cloud computing systems and will be released in the second half of 2020. The CCAK will provide a common baseline of knowledge and shared nomenclature to ensure that IT and security professionals, as well as auditors, have the right expertise and tools to appropriately and accurately understand and measure the effectiveness of cloud security controls.

Recommended AI News: Incremental Growth in Cloud Spending Hits a New High while Amazon and Microsoft Maintain a Clear Lead

For 11 years, the Cloud Security Alliance has led the industry in delivering the necessary innovations to build the trusted cloud ecosystem on a global basis. In 2020, CSA will focus on supporting the cloud community in acquiring the necessary tools, skills, and expertise to ensure that the many iterations of cloud meet robust security and privacy objectives, said Daniele Catteddu, Chief Technology Officer, Cloud Security Alliance. As organizations adopt DevOps, CI/CD, and related innovations, the audit function must keep pace. With the release of CCM and CCAK, we continue to support the community in their cloud journeys.

The Cloud Controls Matrix is the de facto standard in the market. Its latest iteration will include new control objectives in areas such as container and microservices, cryptography, and identity and access management, along with implementation guidance, and will improve upon the auditability of existing controls.

Recommended AI News: Cubic Signs Agreement With US Special Operations for Intelligence, Surveillance and Reconnaissance R&D

Cloud auditing skills are becoming a mandatory requirement for IT auditors and will become fundamental expertise for any IT manager and professional, especially in the areas of governance, risk management, compliance, and vendor/supply chain management. Traditional IT audit education and certification do not adequately prepare professionals for the challenges cloud provides. Recent breaches demonstrate the knowledge and responsibility gap that comprehensive cloud auditing frameworks such as the CCAK will solve.

Those interested in contributing to the development of the CCAK are encouraged to join the CSACloud Audit Expert Group. Group members should be familiar with CSAs best practices and control frameworks, such as theCloud Controls Matrix (CCM), theConsensus Assessment Initiative Questionnaire (CAIQ), andCSA STAR levels of assessment, as well as have knowledge in such key areas as cloud risk management, compliance, continuous auditing, and more. Members will be tasked with reviewing and providing advice on the scope, curriculum, objectives structure, go-to-market, and value proposition for the CCAK.

Recommended AI News: AiThority Interview with Adrian Leer, Managing Director Triad Group Plc

See the original post here:

Cloud Security Alliance 2020 Initiatives Changing the Face of IT Audit and Cloud Assurance - AiThority