The Compliant Cloud

Presented by

Marne Gordon, Regulatory Analyst, IBM Corporate Security Strategy

About this talk

Many organizations have embraced, or are considering, the benefits of cloud computing – speed, flexibility, increased expertise, shared workload, reduced costs, etc. The benefits are many – but so are the risks. What are the threats to cloud security? Which parties assume responsibility for securing the environment? What about the data? Which type of cloud deployment offers superior security benefits? This presentation examines cloud computing from a security and compliance perspective. Global information security standards and prevalent regulations focus on maintaining the confidentiality of data, leaving technology responsible for it processing to the discretion of the affected organizations. Most of these documents were written prior to general availability and adoption of cloud computing as a business model; none currently contain cloud-specific requirements. A regulated organization must therefore balance technological momentum with regulatory inertia. Is it realistically possible for forward-looking technologies to be retro-fitted for aging compliance requirements? How have global standards such as the Payment Card Industry Data Security Standard (PCI DSS), for example, kept pace with emerging technologies and business practices?

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (1370)
Subscribers (42895)
Increasing expectations for good data governance, effective risk management and complex demands for legislative and regulatory compliance are presenting a growing challenge for organizations of all sizes. Tune in to live and recorded presentations by respected luminaries in the fields of governance, risk and compliance for insights on how to implement successful GRC strategies and processes for your organization.