Analytics
5/16/2012
10:27 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Information Services Group Joins Cloud Security Alliance

ISG will align services to best practice frameworks, contribute to definition of standards

STAMFORD, Conn., May 15, 2012 /PRNewswire/ -- Information Services Group (ISG) (NASDAQ: III), a leading technology insights, market intelligence and advisory services company, today announced it has joined the Cloud Security Alliance (CSA) as a corporate member.

The CSA is a broad coalition of industry practitioners, corporations, associations and other key stakeholders dedicated to promoting best practices on security assurance within cloud computing environments and to providing education on the uses of cloud computing to help secure all other forms of computing. CSA activities include educational outreach via industry and online events and research on cloud computing security assurance issues.

"Security is obviously a critical concern for businesses exploring cloud-based service delivery options," said Steven Hall, Partner, Cloud Solutions ISG. "Our collaboration with the CSA will allow us to leverage industry knowledge and expertise in the services we provide our clients as well as to contribute to evolving standards and best practices."

Recent issues addressed by the CSA and its members include threats to cloud computing, "big data" security and privacy standards, and security considerations for healthcare providers using cloud-based services.

"We are delighted to welcome ISG as a corporate member," said Jim Reavis, Co-Founder and Executive Director, CSA. "As a leading global research and consulting firm, ISG can play a critical role in defining true industry standards and in developing and refining effective frameworks and best practices to ensure security for cloud initiatives."

In 2010, ISG became the first independent sourcing advisor with a dedicated business unit to serve clients interested in moving IT and business process operations to the cloud as a way to reduce costs, improve flexibility or create scale to achieve their business objectives. The firm plans to align its Cloud Solutions advisory services to CSA standards and guidelines.

"Businesses implementing cloud initiatives struggle to navigate the security implications of the many different options and delivery models," said Hall. "By working closely with the leading industry group in the security space, and through direct access to emerging standards and best practices, we can help our clients understand and address the issues."

For more information on ISG Cloud Solutions, please visit http://www.isg-one.com/web/expertise/cloud/.

About Information Services Group Information Services Group (ISG) (NASDAQ: III) is a leading technology insights, market intelligence and advisory services company, serving more than 500 clients around the world to help them achieve operational excellence. ISG supports private and public sector organizations to transform and optimize their operational environments through research, benchmarking, consulting and managed services, with a focus on information technology, business process transformation, program management services and enterprise resource planning. Clients look to ISG for unique insights and innovative solutions for leveraging technology, the deepest data source in the industry, and more than five decades of experience of global leadership in information and advisory services. Based in Stamford, Conn., the company has more than 700 employees and operates in 21 countries. For additional information, visit www.isg-one.com.

About the Cloud Security Alliance The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, visit us at www.cloudsecurityalliance.org, and follow us on Twitter @cloudsa.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2963
Published: 2014-07-10
Multiple cross-site scripting (XSS) vulnerabilities in group/control_panel/manage in Liferay Portal 6.1.2 CE GA3, 6.1.X EE, and 6.2.X EE allow remote attackers to inject arbitrary web script or HTML via the (1) _2_firstName, (2) _2_lastName, or (3) _2_middleName parameter.

CVE-2014-3310
Published: 2014-07-10
The File Transfer feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center does not verify that a requested file was an offered file, which allows remote attackers to read arbitrary files via a modified request, aka Bug IDs CSCup62442 and CSCup58463.

CVE-2014-3311
Published: 2014-07-10
Heap-based buffer overflow in the file-sharing feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center allows remote attackers to execute arbitrary code via crafted data, aka Bug IDs CSCup62463 and CSCup58467.

CVE-2014-3315
Published: 2014-07-10
Cross-site scripting (XSS) vulnerability in viewfilecontents.do in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCup76308.

CVE-2014-3316
Published: 2014-07-10
The Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote authenticated users to bypass intended upload restrictions via a crafted parameter, aka Bug ID CSCup76297.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.