Story image

CipherCloud heads up cloud security open working group

30 Jun 15

The cloud access security broker space is still emerging, with standards yet to be fully defined. However, this space is recognised as the fastest-growing segment of cloud security.

In order to define protocols and best practices for implementing cloud data security as a part of the CASB framework, CipherCloud and the Cloud Security Alliance (CSA) are forming a Cloud Security Open API Working Group.

Deloitte, InfoSys, Intel Security, SAP and other companies will also contribute.

The Cloud Security Open API Working Group will provide guidance on vendor-neutral data-security implementation to help accelerate cloud services adoption.

The working group also plans to produce API specifications and a reference architecture to guide cloud data protection.

Collaboration on these guidelines will also further accelerate security integrations across multiple clouds and with third-party technologies.

The initiative will enable enterprises to leverage standards-based APIs to protect data via encryption, tokenization and other technologies across cloud environments, helping eliminate the need for custom integration for each cloud.

"Standards are an important frontier for the cloud security ecosystem," says Jim Reavis, CSA CEO.

"The right set of working definitions can boost adoption. This working group will help foster a secure cloud-computing environment - a win for vendors, partners and users.

“Standardising APIs will help the ecosystem coalesce around a universal language and process for integrating security tools into the cloud applications," Reavis says.

"Cloud is the killer app for security innovation. But currently, inefficiencies at the technical level in the form of custom connector protocols can hold back innovations in cloud security," says Pravin Kothari, CipherCloud founder and CEO.

“Defining a uniform set of standards can enable us all to operate from the same playbook. As a pioneer in CASB, we are excited to co-lead this initiative with CSA to accelerate security across clouds," he says.

Jeff Margolies, Deloitte & Touche LLP principal, says, "Enterprises and governments are struggling with the challenge of how to manage their cyber risks as they move data and compute to the cloud.  

"Currently the cloud security ecosystem lacks basic integration standards for connecting third-party security solutions to cloud applications, platforms and infrastructure. 

“By bringing together vendor, channel and customer constituents, this working group plans to provide clarity on leading practices for integration, critical to continued cloud adoption."

Nayaki Nayyar, SAP senior vice president cloud for customer engagement, believes customers will be the ultimate beneficiaries of these standards.

"A clear set of cloud security standards and best practices will help enable organisations to reap the benefits of the cloud in less time with added assurance that their data is secure," she says.

"With enterprises scaling their use of hybrid cloud solutions to drive their business, the role of interoperable cloud security based on standard APIs is critical," says Curt Aubley, Intel vice president and Data Center Group CTO.

"Intel is committed to working with the industry to develop the foundation for interoperable cloud security and applauds CSA's continued leadership within this arena," he says.

Working group activities will formally commence in early July upon completion of the CSA corporate member subject matter expert review. 

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
The disaster recovery-as-a-service market is on the rise
As time progresses and advanced technologies are implemented, the demand for disaster recovery-as-a-service is also expected to increase.
Apax Partners wins bidding war for Trade Me buyout
“We’re confident Trade Me would have a successful standalone future," says Trade Me chairman David Kirk
The key to financial institutions’ path to digital dominance
By 2020, about 1.7 megabytes a second of new information will be created for every human being on the planet.
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
NVIDIA sets records with their enterprise AI
The new MLPerf benchmark suite measures a wide range of deep learning workloads, aiming to serve as the industry’s first objective AI benchmark suite.
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.