Cisco's Cloud Controls Framework was released to the public May 5. Pictured: A visitor tries out a tablet next to a cloud computing symbol at the 2013 CeBIT technology trade fair on March 5, 2013, in Hanover, Germany. (Photo by Sean Gallup/Getty Images)Cisco on Thursday released its Cloud Controls Framework (CCF), a set of comprehensive international and national security compliance and certification requirements combined into one framework.The CCF was developed as the foundational methodology to accelerate certification achievements across Cisco’s cloud offerings and to help companies establish a strong security baseline. According to Cisco, the CCF offers a structured, “build-once-use-many” approach for achieving the broadest range of international, national, and regional certifications.“The Cisco CCF is central to our company’s security compliance strategy,” said Prasant Vadlamudi, senior director for global cloud compliance at Cisco. “By making it available for public use, we are helping ease compliance strain and enabling smoother market access and scalability for the cloud community. By sharing our CCF with customers and peers, we also continue to support our commitment to transparency and accountability.”
At first glance, Cisco’s CCF looks like an ambitious and much-needed guidance to help organizations accelerate migration to the cloud while satisfying security and privacy requirements, said Mark Arnold, vice president, advisory services at LARES Consulting. Arnold said the CCF accounts for a decent swath of international and national standards, offering companies sufficient coverage of cloud computing standards.“One glaring omission from the list is the expansive works from the Cloud Security Alliance,” Arnold said. “One may wonder how Cisco’s vendor-pitched CCF holds court against CSA’s vendor-agnostic community approach to building a consensus cloud security framework.”
An In-Depth Guide to Cloud Security
Get essential knowledge and practical strategies to fortify your cloud security.
Global job search and resume-building platform LiveCareer had more than 5.1 million files belonging to job seekers inadvertently leaked as a result of an unsecured Microsoft Azure storage container, Cybernews reports.
Nippon Steel Solutions, the leading Japanese steelmaker's cloud and cybersecurity service-focused subsidiary, has confirmed having information from its customers, partners, and employees pilfered following a March data breach facilitated by the exploitation of a network equipment zero-day vulnerability, reports Security Affairs.
Designed to operate in real time, Sysdig Sage empowers development and security teams to identify, understand, and remediate cloud risks with speed and clarity.
