The Information Security Forum (ISF) released its Using Cloud Services Securely: Harnessing Core Controls, which provides a comprehensive approach to securing cloud services for organizations that are considering using, or already actively use, one or multiple cloud service providers (CSPs).

“Cloud computing has evolved at an incredible speed and, in many organizations, is now intertwined with the complex technological landscape that supports critical daily operations. However, this ever-expanding cloud environment gives rise to new types of risk,” said Steve Durbin, Managing Director, ISF. “Our latest report empowers organizations to deploy the right set of security controls and to focus their efforts on the most valuable action that will reduce the likelihood and impact of cloud-related threat events. Whether using one or multiple cloud services, organizations will be well-positioned to make the most of the opportunities offered by cloud computing.“

The cloud environment has become an attractive target for cyber attackers, highlighting the pressing need for organizations to enhance their existing security practices, says the press release. Consistently implementing the fundamentals of cloud security can be a complicated task due to the diverse and expanding nature of the cloud environment, says ISF. Using Cloud Services Securely: Harnessing Core Controls provides organizations with an approach to meeting security obligations in the cloud environment, providing guidance on how to:

  • Enforce some practical and actionable principles of cloud security governance.
  • Deploy and maintain a set of core cloud security controls, with reference to the specific responsibilities of the organization as the cloud customer.
  • Select the right combination of cloud security products and services to support the implementation of the security controls.

“Business and security leaders already face many challenges in protecting their existing IT environment. They must now also find ways to securely use multiple cloud services, supported applications and underlying technical infrastructure,” continued Durbin. “Whether your organization is considering, or already actively using one or multiple CSPs, taking proactive steps to implement the security controls recommended in this report will instil confidence in business leaders that they can use cloud services securely and maximize the potential offered by the cloud environment.”

To access the report and more information, visit the ISF website.