CISO Digital Transformation Summit US West | November 18-20, 2019 | Westin Kierland Resort & Spa - Scottsdale, AZ, USA

session


Share:

Cloud Security Architecture (CSA) Capability Framework to Create Built-in Security for a CloudHybrid Data Center

Think Tank - 2:10 pm - 2:35 pm

Cloud enables a financial organization to achieve better business agility, speed to the market, long-term cost saving, and great security and compliance at a scale and speed that cannot be matched by a traditional on-premise data center. To achieve the most benefits, the organization may want to use services from multiple clouds with different service models (e.g., SaaS - O365, PaaS - Azure, and IaaS - AWS) and deployment models. The security risks must be addressed systemically and comprehensively to maintain confidence in the cloud systems and trust in the financial institution. The defense needs to be built-in from the beginning rather than bolted-on later. Once built-in, the security controls can be inherited or leveraged by business applications and data deployed in the cloud-hybrid data center, increasing speed to the market and better system security and compliance.  
This session introduces a Cloud Security Architecture (CSA) Capability framework that enables an organization to build the state-of-art defenses into a cloud-hybrid data center. It allows the organization to safely deploy high-risk workloads and process regulated and sensitive data in multiple clouds with built-in compliance to multiple regulatory mandates and industry standards, such as FFIEC, GLBA, SOX, FISMA, PCI, and NIST 800-53. The framework also allows the organization to rationalize its security technologies, providing portfolio clarity and simplification, identifying saving potential, improving cost efficiency, and reducing security risks.  

Takeaways

  1. The CSA Capability framework can help an organization to achieve better business agility, long-term cost saving, and great security by building security into a cloud-hybrid data center  
  2. The framework can handle top cloud security risks and security requirements from multiple regulatory mandates and an organization's control objectives & controls   
  3. It can clarify & simplify your organization's security technologies portfolio, identify saving potential, improve cost efficiency, and reduce security risks. 


Presented by:

Lian Jin, Chief Security Architect, MUFG Union Bank, N.A. View details