Survey By IEEE, Cloud Security Alliance Details Importance And Urgency Of Cloud Computing Security Standards

Enterprises eager to adopt cloud computing, but regulatory requirements demand security standards compliance

March 1, 2010

4 Min Read

PRESS RELEASE

SAN FRANCISCO --(Business Wire)-- Mar 01, 2010 IEEE, the world's leading professional association for the advancement of technology, and the Cloud Security Alliance (CSA), a not-for-profit organization formed to promote the use of best practices for providing security assurance within cloud computing, today announced results of a survey of IT professionals that reveals overwhelming agreement on the importance and urgency of cloud computing security standards.

"It's clear from the survey's findings that enterprises across sectors are eager to adopt cloud computing—but that security standards are needed both to accelerate cloud adoption on a wide scale and to respond to regulatory drivers," said Jim Reavis, founder and executive director of the Cloud Security Alliance. "Cloud computing is shaping the future of IT, but, as this study shows in a variety of ways, the absence of a compliance environment is having dramatic impact on cloud computing's growth."

Hundreds of IT professionals, many of whom are actively involved in implementing cloud-related projects, participated in the joint IEEE/CSA survey. Among the survey's findings:

* Ninety-three percent of respondents said the need for cloud computing security standards is important; 82 percent said the need is urgent. * Forty-four percent of respondents said they are already involved in development of cloud computing standards, and 81 percent said they are somewhat or very likely to participate in development of cloud security standards in the next 12 months. * Data privacy, security and encryption comprise the most urgent area of need for standards development. * The ISO 27001/27002 Information Security Management Standard is a key regulatory driver of standards compliance, as are Data Breach Notification, PCI/DSS (Payment Card Industry Standard), EU Data Privacy Legislation, SOX (Sarbanes-Oxley Act) and HIPAA (Health Insurance Portability and Accountability Act). * The use of public, private and hybrid clouds will rise over the next 12 months. The survey found that, while public clouds are most popular, private and hybrid implementations are quickly gaining in adoption. * The rate of using and providing software, platform and infrastructure as a service (SaaS, PaaS and IaaS) will increase consistently in the next 12 months. The survey showed that PaaS and IaaS are set for the sharpest growth.

"The Cloud Security Alliance, as the world's leading organization focused on cloud security, and IEEE, as a global leader in standards development across an unmatched range of industries, are the obvious partners to establish the baseline on the current and intended usage of cloud computing services, as well as the needs, attitudes and behaviors around cloud security standards," said Judy Gorman, managing director, IEEE-SA. "The insights revealed in this survey will prove valuable in informing how the cloud community moves forward."

In addition to the announcement today at the Cloud Security Alliance Summit (http://www.cloudsecurityalliance.org/rsa2010.html) at the RSA Conference in San Francisco, the Computer Security Alliance and IEEE will also present the survey's findings March 16 at SecureCloud 2010 in Barcelona (http://www.cloudsecurityalliance.org/sc2010.html).

About the Cloud Security Alliance

The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by industry practitioners and supported by more than 25 corporate members . For further information, the Cloud Security Alliance website is http://www.cloudsecurityalliance.org/.

About the IEEE Standards Association

The IEEE Standards Association, a globally recognized standards-setting body, develops consensus standards through an open process that engages industry and brings together a broad stakeholder community. IEEE standards set specifications and best practices based on current scientific and technological knowledge. The IEEE-SA has a portfolio of over 900 active standards and more than 400 standards under development. For information on the IEEE-SA, see: http://standards.ieee.org.

About the IEEE

IEEE is the world's largest professional association advancing innovation and technological excellence for the benefit of humanity. Through its more than 375,000 members in 160 countries, IEEE is a leading authority on a wide variety of areas ranging from aerospace systems, computers and telecommunications to biomedical engineering, electric power and consumer electronics. Dedicated to the advancement of technology, IEEE publishes 30 percent of the world's literature in the electrical and electronics engineering and computer science fields, and has developed nearly 900 active industry standards. The organization annually sponsors more than 850 conferences worldwide. Additional information about IEEE can be found at http://www.ieee.org.

IEEE Karen McCabe, +1 732-562-3824 SA Marketing Director [email protected] or ZAG Communications for the Cloud Security Alliance Robert Nachbar, +1 206-427-0389 [email protected]

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights