Cloud Security Alliance Congress 2010 Summary - Part 4 of 4
The Cloud Security Alliance kicked off its first major event November 16-17, 2010 in Orlando, Florida. The CSA Congress 2010 successfully hosted 370 people with talks covering all aspects of cloud security over two days.
For those who were not in attendance at Congress, this four-part series summarizes some of the most popular sessions at the event. This is the final part.
Top Threats and Risks to Cloud Computing
Michael Sutton from Zscaler and Dan Hubbard from Websense led the next talk on the top threats and risks to cloud computing. This was an update to the version 1 threats detailed this year at RSA. They have tried to look specifically at the threats from public cloud computing. These threats are in addition to the standard threats faced in any information security environment.
According to Sutton and the group that put together the top threats, these are:
* Shared Technology Vulnerabilities, for example the Cloudburst vulnerability discussed at Black Hat 2009, where a VMware driver could be used to escape the VM
* Account/Service Hijacking, for example weak password reset systems
* Data Loss/Data Leakage, for example the lost Sidekick data
* Malicious Insiders, for example the fired Google employee who was reading chat logs and emails
* Interception or Hijacking of Traffic, for example the Twitter DNS credentials being hijacked
* Insecure APIs, for example the lack of good authentication and encryption on APIs
* Abuse and Nefarious Use, for example botnets running on public clouds. There is also collateral damage here: IP addresses can be blacklisted and then reassigned to a legitimate company.
The new addition is distributed denial of service attacks running from the cloud. They broke this out even though it shares elements with several of the existing threats. They found that on AWS they could exceed the default 20-instance limit by simply registering multiple accounts with the same credit card.
They did a survey with over 300 respondents and found that data loss and leakage was the biggest concern, followed by abuse and nefarious use.
Closing Keynote Address: The CSA Perspective: A Review of Cloud Security in 2010 and Our Roadmap for 2011
Chris Hoff closed out the CSA Congress with a review of the present and future of the Cloud Security Alliance. Hoff covered the impacts to security caused by the shift to cloud computing. Cloud computing impacts practices, laws and regulations, tools, technology innovation, audit/assurance, education, certification and responsibility.
The CSA is comprised of 14,000 members and 70 corporate members. Currently the goal is to build best practices and drive a dialog.
In 2010 the CSA has a huge list of accomplishments, including the creation of a top threat list, the establishment of a certification (CCSK), the Trusted Cloud Initiative, the Cloud Controls Matrix, the Consensus Assessments Initiative, and CloudAudit.
In 2011 the CSA is planning expansions on these initiatives. First off, the next set of guidance is targeted at Q3 2011 (the previous document has had over 100K downloads!). They plan to expand the Trusted Cloud Initiative to release a reference architecture, certifications and a set of tools. Other plans include an evolution of the CCSK certification to include role-based extensions and new offerings for training. Version 2 of the CCM is targeted at Q1 2011.
There are new initiatives planned as well. A new project has been formed to map cloud metrics to the controls matrix with an initial release in Q1 of 2011. They are also planning to launch a CloudCERT program to augment the traditional emergency response team within organizations or governments.
The Cloud Security Alliance is planning a few events in 2011. They will have another summit at RSA in San Francisco, and a summit in the UK. There will also be a two-day conference co-developed with ENISA in May and another Congress event in 2011.
Overall, CSA Congress 2010 was a very successful inaugural event. Jim Reavis and all of the volunteers who have been involved with the CSA should be proud of what they have accomplished.