Cloud Security Standards

They seem to be random character strings: ISO 27001/IEC 2005, SAS 70 Type II, SSAE-16, PCI DSS, EU DPD 9546 EC… But there is a value behind each one of them, if you understand the story. If we discount the smaller niche cloud players who provide very specialised services – let’s concentrate on the high-volume…

2

Play card games in your stride

  I recently gave a talk at the UK’s Cloud Circle Security Forum in which I included material on the Security Development Lifecycle and was quite amazed at the number of people who came up to me afterwards and expressed an interest in this formalised and process-oriented way of developing secure code. It struck me…