In this video interview, recorded at the 2013 Cloud Security Alliance Congress in Orlando, CSA CEO Jim Reavis discusses the news announcements made at this year's show.
First, Reavis discusses the CSA's partnership with the Software Assurance Forum for Excellence in Code (SAFECode), a not-for-profit organization dedicated to advancing secure software development. The partnership, which is centered around research to determine whether new software security guidance is needed to address unique threats to cloud computing, has resulted in the release of a new white paper, "Guidance for the Secure Development of Cloud Applications (PDF)." In the paper, SAFECode and the CSA outline recommended software security practices that, when employed correctly, can help organizations avoid common threats to cloud computing.
MORE FROM THE CLOUD SECURITY ALLIANCE CONGRESS 2013
Next Reavis offers insight on the CSA's Software Defined Perimeter Initiative. The software-defined perimeter is an emerging concept that utilizes the cloud in place of the traditional network perimeter for the purposes of authentication and authorization. The CSA's SDP Initiative was created to develop an architecture for securing the "Internet of Things" -- the burgeoning number of nontraditional Internet-connected devices -- by using the cloud to create secure network connections between any IP addressable entities, reducing the likelihood that these devices can be exploited in an attack. Reavis talks about the CSA's new Software Defined Perimeter Report, a new white paper report that explains the SDP concept and how to deploy it.
Finally, Reavis recaps the CSA's progress in 2013, covering how the organization has matured along with the cloud computing industry. Its top priorities for 2014 include new and improved cloud security certifications and fostering greater CSA participation among Fortune 500 companies.