▾ G11 Media Network: | ChannelCity | ImpresaCity | SecurityOpenLab | GreenCity | Italian Channel Awards | Italian Project Awards | ...
InnovationOpenLab

Cloud Security Alliance Announces Additional Mappings Between Cloud Controls Matrix (CCM) and National Institute of Standards and Technology’s (NIST) Cybersecurity Framework (CFT)

#CCM--RSA Conference--The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing ...

Business Wire

Mapping identifies misalignment and gaps between updated CCM and CFT

SAN FRANCISCO: #CCM--RSA Conference--The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today announced an additional mapping and gap analysis between its flagship Cloud Controls Matrix (CCM) and the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) v2.0.

Drafted by the CCM Working Group, this mapping serves to align CCM with CSF and to identify the equivalence, gaps, and misalignment between the control specifications of the two frameworks, allowing for more streamlined compliance. Cloud organizations can leverage this mapping to derive numerous key benefits, enhancing their cloud security and compliance programs.

“By expanding upon the CCM’s current mapping to NIST’s Cybersecurity Framework we are not only providing a means to aligning an organization's cloud security and compliance efforts, but ensuring that every step forward is in the right direction,” said Lefteris Skoutaris, Program Manager and Research Analyst, Cloud Security Alliance, EMEA.

Additionally, the Cloud Controls Matrix (CCM) Working Group would like to announce a new minor update to CCM v4.0.11. This update and release incorporates the additional mapping of CCMv4.0 with NIST CSF v2.0. This update serves to strengthen CCM’s position as the cloud security industry’s preferred control framework.

This additional mapping brings the total number of mappings to 15. The CCM Working Group previously mapped CCM to the following standards: NIST 800-53r5, NIST CSF v1.1 and v2.0, PCI DSS v3.2.1 and v4.0, ISO/IEC 27001 (2013, 2022), ISO/IEC 27002 (2013, 2022), ISO/IEC 27017 (2015), ISO/IEC 27018 (2019), AICPA TSC (2017), CIS v8.0, ISF SOGP 2022 and CCM v3.0.1. Additional mappings are under development and will be added in the future.

The Cloud Controls Matrix (CCM) is a cybersecurity control framework for cloud computing, composed of 197 control objectives structured in 17 domains, covering all key aspects of the cloud technology. It can be used as a tool for the systematic assessment of a cloud implementation, and provides guidance on which security controls should be implemented by which actor within the cloud supply chain. The controls framework is aligned to the CSA Security Guidance for Cloud Computing and is considered a de-facto standard for cloud security assurance and compliance.

Along with releasing updated versions of the CCM and CAIQ, the Cloud Controls Matrix Working Group provides control mappings, gap analysis, and addendums between the CCM and other industry standards and regulations to keep it continually up-to-date. Those interested in participating in the working group or its research are invited to join.

The CCM is a free resource and is available for download now.

About Cloud Security Alliance

The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, training, certification, events, and products. CSA's activities, knowledge, and extensive network benefit the entire community impacted by cloud — from providers and customers to governments, entrepreneurs, and the assurance industry — and provide a forum through which different parties can work together to create and maintain a trusted cloud ecosystem. For further information, visit us at www.cloudsecurityalliance.org, and follow us on Twitter @cloudsa.

Fonte: Business Wire

If you liked this article and want to stay up to date with news from InnovationOpenLab.com subscribe to ours Free newsletter.

Related news

Last News

Gyala: a new "Made in Italy" cybersecurity

With a proven track record in the defence field, Gyala now also brings its cybersecurity technologies to the wider enterprise audience

ITALIAN PROJECT AWARDS 2023: the best IT projects of the year, awarded

Now in its third edition, the initiative is targeted at the ICT professional world and honours projects based on innovative ideas and technologies, realised…

I3P launches the Cybersecurity Incubation Program

The I3P's initiative is promoted together with the National Cybersecurity Agency in collaboration with Leonardo and C*Sparks.

iVis Technologies enables remotely-controlled corneal telesurgery

It's based on Italian technologies the first successful intercontinental telesurgery intervention for keratoconus carried out remotely, connecting Bari…

Most read

Argentina Prepaid Card and Digital Wallet Business Report 2024: Market…

The "Argentina Prepaid Card and Digital Wallet Business and Investment Opportunities Databook - Market Size and Forecast, Consumer Attitude & Behaviour,…

MDS Property Management Software Achieves SOC 2 Compliance

#newyorkcity--MDS Property Management Software is pleased to announce the successful completion of its System and Organization Controls (SOC) 2 audit,…

University of Phoenix Leadership Joins Proceedings of 2024 PESC-A4L Spring…

University of Phoenix is pleased to share that Vice Provost of Strategy, Marc Booker, Ph.D., Senior Director of Program Deployment; Hillary Halpern, M.B.A.;…

Ault Alliance Declares Monthly Cash Dividend of $0.2708333 Per Share of…

$AGREE #13_Percent_Cumulative_Preferred--Ault Alliance, Inc. (NYSE American: AULT), a diversified holding company (“Ault Alliance,” or the “Company”),…

Newsletter signup

Join our mailing list to get weekly updates delivered to your inbox.

Sign me up!