The Cloud Security Alliance (CSA) has chosen to specifically focus on the problem of cyber incident information sharing and find innovative approaches that break down the barriers inhibiting sharing. CSA has selected a partner, TruSTAR Technology, to create what we are calling the industry’s first Cloud CISC (Cyber Incident Sharing Center). We believe it is very important that we educate the government as to our information sharing capabilities to assure that any new legislation is appropriate, proportionate, and synergistic to the private sector.
Cloud CISC will have a role for both cloud providers and other cloud security experts. Cloud providers will be able to directly access the Cloud CISC information sharing system. The larger community of cloud security experts will have an important role in the governance of Cloud CISC, the development of vendor neutral best practices and technical standards, and the development of policies aligning Cloud CISC to industry and governmental mandates on an international basis. As always, CSA believes it will be important to leverage existing standards and communities as much as possible, and operate with the greatest transparency possible.
The initiative homepage is https://www.cloudsecurityalliance.org/cloudcisc/