The Compliant Cloud

Presented by

Marne Gordon, Regulatory Analyst, IBM Corporate Security Strategy

About this talk

Many organizations have embraced, or are considering, the benefits of cloud computing – speed, flexibility, increased expertise, shared workload, reduced costs, etc. The benefits are many – but so are the risks. What are the threats to cloud security? Which parties assume responsibility for securing the environment? What about the data? Which type of cloud deployment offers superior security benefits? This presentation examines cloud computing from a security and compliance perspective. Global information security standards and prevalent regulations focus on maintaining the confidentiality of data, leaving technology responsible for it processing to the discretion of the affected organizations. Most of these documents were written prior to general availability and adoption of cloud computing as a business model; none currently contain cloud-specific requirements. A regulated organization must therefore balance technological momentum with regulatory inertia. Is it realistically possible for forward-looking technologies to be retro-fitted for aging compliance requirements? How have global standards such as the Payment Card Industry Data Security Standard (PCI DSS), for example, kept pace with emerging technologies and business practices?

Related topics:

More from this channel

Upcoming talks (21)
On-demand talks (3501)
Subscribers (180305)
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.