Secure Cloud Solutions for Open Government Forum: Abu Dhabi 28-30 April 2014

Securely delivering high-quality digital government information and services using cloud IT solutions is crucial for modern governance. Learn key principles and frameworks to design, build, and operate secure cloud solutions effectively. Explore the importance of automated continuous security monitoring in maintaining a robust security posture.

• Secure Cloud Solutions
• Government Forum
• Cybersecurity
• IT Solutions

jeferson Follow

Uploaded on Mar 02, 2025 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

Presentation Transcript

1. Secure Cloud Solutions Open Government Forum Abu Dhabi 28-30 April 2014 Karl Chambers CISSP PMP President/CEO Diligent eSecurity International

2. The e-Government Challenge Securely delivering high-quality digital government information and services utilizing cloud IT solutions: Anywhere Anytime On any device

3. Three Key Principles to a Secure Cloud Solution Design and Build it Securely Operate it Securely Always Encrypted Data

4. Design and Build it Securely Using Cloud Risk Management Framework (CRMF) Federal Risk and Authorization Management Program (FedRAMP)

5. Design and Build it Securely Using Cloud Risk Management Framework (CRMF) Step 1:Categorize the Cloud Solution Step 2: Identify Security Controls to Protect the Cloud Solution Step 3: Implement the Selected Security Controls in the Cloud Security Architecture Step 4: Assess the Security Controls of the Cloud Solution using the FedRAMP process Step 5: Authorize the use of the Cloud Solution Step 6: Monitor the Cloud Solution Continually

6. Design and Build it Securely Using Federal Risk and Authorization Management Program (FedRAMP)

7. Three Key Principles to a Secure Cloud Solution Design and Build it Securely Operate it Securely Always Encrypted Data

8. Operate it Securely Using Automated Continuous Security Monitoring Automated Continuous Security Monitoring is a risk management approach to Cybersecurity that: Maintains a picture of an organization s security posture Provides continuous visibility into information assets Leverages use of automated data feeds and data analytics Monitors effectiveness of security controls Enable prioritization of remedies.

9. Automated Continuous Security Monitoring (ACSM) Case Study US Department of State ACSM Tool: Analytics and Continuous monitoring Engine (ACE) solution from Virtustream ACE receives and analyzes continuous inputs from: Asset Management Vulnerability Scanners Patch Management Event Management Incident Management Malware Detection Configuration Management Network Management License Management Information Management Software Management ACE provides continuous risk updates to management dashboard.

10. Three Key Principles to a Secure Cloud Solution Design and Build it Securely Operate it Securely Always Encrypted Data

11. Always Encrypted Data In transit between systems and locations Stored in the cloud

12. Questions Karl Chambers PMP CISSP President/CEO Diligent eSecurity International, Inc. 1954 Airport Road Suite 233 Atlanta, Ga 30341 Karl.chambers@desintl.com 01-678-591-7764