Cloud Controls Matrix

Dear members,

CCM WG and leadership is interested in pursuing a mapping of CCM V4 to the NIST CSF v2.0 Draft.

 Introduction:
This new mapping project involves a mapping and gap analysis and it is expected to kick-off during the CCM WG call next Wednesday, Dec. 20th.

This mapping project follows a previous collaboration that CSA had with NIST with the mapping of CCM to CSF v1.1., that resulted in useful feedback to NIST of cloud security deltas to be included in CSF v2.0. The CCM - NIST CSF v1.1 mapping is published within the current version of CCM V4.0. (see Scope Applicability (Mappings) tab).

The objective of the project is the requirements comparison of the two frameworks. In this way an opportunity is provided for cloud organizations to identify the equivalent (overlapping) security requirements between the two, and more importantly the missing (deltas) cloud-specific CCM V4 security requirements in NIST CSF V2, especially when seeking to integrate these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of NIST CSF and/or CCMv4 framework's security controls.

While the CSF v2.0 is not yet at a final version, it is expected that there are not going to be any major changes introduced until its release in early 2024.

CCM WG meetings cadence:
CCM WG has 2 call sessions, one is weekly, the other biweekly. Experts are needed to attend at least our biweekly calls to align to the CCM WG mapping methodology and touch base on progress.

Project duration:
The overall project duration is expected to be approx. 3-4 months.

Should you be interested in participating in the project, please reply back to this thread or message my inbox. Please also consider joining our next week's call.

Feel free to reach out in case you have any questions.

Best regards,

------------------------------
Lefteris Skoutaris
Cloud Controls Matrix, Program Manager
Cloud Security Alliance
------------------------------

Hi Lefteris

I have fully recovered from the effects of my brain stroke and I am back to normal life. It did take some time but now I am raring for action. Please send me invites to this mapping.

Looking forward to contribute.

Regards

Agni

Dear members,

CCM WG and leadership is interested in pursuing a mapping of CCM V4 to the NIST CSF v2.0 Draft.

 Introduction:
This new mapping project involves a mapping and gap analysis and it is expected to kick-off during the CCM WG call next Wednesday, Dec. 20th.

This mapping project follows a previous collaboration that CSA had with NIST with the mapping of CCM to CSF v1.1., that resulted in useful feedback to NIST of cloud security deltas to be included in CSF v2.0. The CCM - NIST CSF v1.1 mapping is published within the current version of CCM V4.0. (see Scope Applicability (Mappings) tab).

The objective of the project is the requirements comparison of the two frameworks. In this way an opportunity is provided for cloud organizations to identify the equivalent (overlapping) security requirements between the two, and more importantly the missing (deltas) cloud-specific CCM V4 security requirements in NIST CSF V2, especially when seeking to integrate these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of NIST CSF and/or CCMv4 framework's security controls.

While the CSF v2.0 is not yet at a final version, it is expected that there are not going to be any major changes introduced until its release in early 2024.

CCM WG meetings cadence:
CCM WG has 2 call sessions, one is weekly, the other biweekly. Experts are needed to attend at least our biweekly calls to align to the CCM WG mapping methodology and touch base on progress.

Project duration:
The overall project duration is expected to be approx. 3-4 months.

Should you be interested in participating in the project, please reply back to this thread or message my inbox. Please also consider joining our next week's call.

Feel free to reach out in case you have any questions.

Best regards,

------------------------------
Lefteris Skoutaris
Cloud Controls Matrix, Program Manager
Cloud Security Alliance
------------------------------

Dear members,

CCM WG and leadership is interested in pursuing a mapping of CCM V4 to the NIST CSF v2.0 Draft.

 Introduction:
This new mapping project involves a mapping and gap analysis and it is expected to kick-off during the CCM WG call next Wednesday, Dec. 20th.

This mapping project follows a previous collaboration that CSA had with NIST with the mapping of CCM to CSF v1.1., that resulted in useful feedback to NIST of cloud security deltas to be included in CSF v2.0. The CCM - NIST CSF v1.1 mapping is published within the current version of CCM V4.0. (see Scope Applicability (Mappings) tab).

The objective of the project is the requirements comparison of the two frameworks. In this way an opportunity is provided for cloud organizations to identify the equivalent (overlapping) security requirements between the two, and more importantly the missing (deltas) cloud-specific CCM V4 security requirements in NIST CSF V2, especially when seeking to integrate these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of NIST CSF and/or CCMv4 framework's security controls.

While the CSF v2.0 is not yet at a final version, it is expected that there are not going to be any major changes introduced until its release in early 2024.

CCM WG meetings cadence:
CCM WG has 2 call sessions, one is weekly, the other biweekly. Experts are needed to attend at least our biweekly calls to align to the CCM WG mapping methodology and touch base on progress.

Project duration:
The overall project duration is expected to be approx. 3-4 months.

Should you be interested in participating in the project, please reply back to this thread or message my inbox. Please also consider joining our next week's call.

Feel free to reach out in case you have any questions.

Best regards,

------------------------------
Lefteris Skoutaris
Cloud Controls Matrix, Program Manager
Cloud Security Alliance
------------------------------

Dear members,

CCM WG and leadership is interested in pursuing a mapping of CCM V4 to the NIST CSF v2.0 Draft.

 Introduction:
This new mapping project involves a mapping and gap analysis and it is expected to kick-off during the CCM WG call next Wednesday, Dec. 20th.

This mapping project follows a previous collaboration that CSA had with NIST with the mapping of CCM to CSF v1.1., that resulted in useful feedback to NIST of cloud security deltas to be included in CSF v2.0. The CCM - NIST CSF v1.1 mapping is published within the current version of CCM V4.0. (see Scope Applicability (Mappings) tab).

The objective of the project is the requirements comparison of the two frameworks. In this way an opportunity is provided for cloud organizations to identify the equivalent (overlapping) security requirements between the two, and more importantly the missing (deltas) cloud-specific CCM V4 security requirements in NIST CSF V2, especially when seeking to integrate these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of NIST CSF and/or CCMv4 framework's security controls.

While the CSF v2.0 is not yet at a final version, it is expected that there are not going to be any major changes introduced until its release in early 2024.

CCM WG meetings cadence:
CCM WG has 2 call sessions, one is weekly, the other biweekly. Experts are needed to attend at least our biweekly calls to align to the CCM WG mapping methodology and touch base on progress.

Project duration:
The overall project duration is expected to be approx. 3-4 months.

Should you be interested in participating in the project, please reply back to this thread or message my inbox. Please also consider joining our next week's call.

Feel free to reach out in case you have any questions.

Best regards,

------------------------------
Lefteris Skoutaris
Cloud Controls Matrix, Program Manager
Cloud Security Alliance
------------------------------

Dear members,

CCM WG and leadership is interested in pursuing a mapping of CCM V4 to the NIST CSF v2.0 Draft.

 Introduction:
This new mapping project involves a mapping and gap analysis and it is expected to kick-off during the CCM WG call next Wednesday, Dec. 20th.

This mapping project follows a previous collaboration that CSA had with NIST with the mapping of CCM to CSF v1.1., that resulted in useful feedback to NIST of cloud security deltas to be included in CSF v2.0. The CCM - NIST CSF v1.1 mapping is published within the current version of CCM V4.0. (see Scope Applicability (Mappings) tab).

The objective of the project is the requirements comparison of the two frameworks. In this way an opportunity is provided for cloud organizations to identify the equivalent (overlapping) security requirements between the two, and more importantly the missing (deltas) cloud-specific CCM V4 security requirements in NIST CSF V2, especially when seeking to integrate these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of NIST CSF and/or CCMv4 framework's security controls.

While the CSF v2.0 is not yet at a final version, it is expected that there are not going to be any major changes introduced until its release in early 2024.

CCM WG meetings cadence:
CCM WG has 2 call sessions, one is weekly, the other biweekly. Experts are needed to attend at least our biweekly calls to align to the CCM WG mapping methodology and touch base on progress.

Project duration:
The overall project duration is expected to be approx. 3-4 months.

Should you be interested in participating in the project, please reply back to this thread or message my inbox. Please also consider joining our next week's call.

Feel free to reach out in case you have any questions.

Best regards,

------------------------------
Lefteris Skoutaris
Cloud Controls Matrix, Program Manager
Cloud Security Alliance
------------------------------

Hi Lefteris,

I am interested. It would be great working with Agni!

Thanks,

Deb

Dear members,

CCM WG and leadership is interested in pursuing a mapping of CCM V4 to the NIST CSF v2.0 Draft.

 Introduction:
This new mapping project involves a mapping and gap analysis and it is expected to kick-off during the CCM WG call next Wednesday, Dec. 20th.

This mapping project follows a previous collaboration that CSA had with NIST with the mapping of CCM to CSF v1.1., that resulted in useful feedback to NIST of cloud security deltas to be included in CSF v2.0. The CCM - NIST CSF v1.1 mapping is published within the current version of CCM V4.0. (see Scope Applicability (Mappings) tab).

The objective of the project is the requirements comparison of the two frameworks. In this way an opportunity is provided for cloud organizations to identify the equivalent (overlapping) security requirements between the two, and more importantly the missing (deltas) cloud-specific CCM V4 security requirements in NIST CSF V2, especially when seeking to integrate these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of NIST CSF and/or CCMv4 framework's security controls.

While the CSF v2.0 is not yet at a final version, it is expected that there are not going to be any major changes introduced until its release in early 2024.

CCM WG meetings cadence:
CCM WG has 2 call sessions, one is weekly, the other biweekly. Experts are needed to attend at least our biweekly calls to align to the CCM WG mapping methodology and touch base on progress.

Project duration:
The overall project duration is expected to be approx. 3-4 months.

Should you be interested in participating in the project, please reply back to this thread or message my inbox. Please also consider joining our next week's call.

Feel free to reach out in case you have any questions.

Best regards,

------------------------------
Lefteris Skoutaris
Cloud Controls Matrix, Program Manager
Cloud Security Alliance
------------------------------

Hi Lefteris,

I am interested. It would be great working with Agni!

Thanks,

Deb

Dear members,

CCM WG and leadership is interested in pursuing a mapping of CCM V4 to the NIST CSF v2.0 Draft.

 Introduction:
This new mapping project involves a mapping and gap analysis and it is expected to kick-off during the CCM WG call next Wednesday, Dec. 20th.

This mapping project follows a previous collaboration that CSA had with NIST with the mapping of CCM to CSF v1.1., that resulted in useful feedback to NIST of cloud security deltas to be included in CSF v2.0. The CCM - NIST CSF v1.1 mapping is published within the current version of CCM V4.0. (see Scope Applicability (Mappings) tab).

The objective of the project is the requirements comparison of the two frameworks. In this way an opportunity is provided for cloud organizations to identify the equivalent (overlapping) security requirements between the two, and more importantly the missing (deltas) cloud-specific CCM V4 security requirements in NIST CSF V2, especially when seeking to integrate these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of NIST CSF and/or CCMv4 framework's security controls.

While the CSF v2.0 is not yet at a final version, it is expected that there are not going to be any major changes introduced until its release in early 2024.

CCM WG meetings cadence:
CCM WG has 2 call sessions, one is weekly, the other biweekly. Experts are needed to attend at least our biweekly calls to align to the CCM WG mapping methodology and touch base on progress.

Project duration:
The overall project duration is expected to be approx. 3-4 months.

Should you be interested in participating in the project, please reply back to this thread or message my inbox. Please also consider joining our next week's call.

Feel free to reach out in case you have any questions.

Best regards,

------------------------------
Lefteris Skoutaris
Cloud Controls Matrix, Program Manager
Cloud Security Alliance
------------------------------

Dear members,

CCM WG and leadership is interested in pursuing a mapping of CCM V4 to the NIST CSF v2.0 Draft.

 Introduction:
This new mapping project involves a mapping and gap analysis and it is expected to kick-off during the CCM WG call next Wednesday, Dec. 20th.

This mapping project follows a previous collaboration that CSA had with NIST with the mapping of CCM to CSF v1.1., that resulted in useful feedback to NIST of cloud security deltas to be included in CSF v2.0. The CCM - NIST CSF v1.1 mapping is published within the current version of CCM V4.0. (see Scope Applicability (Mappings) tab).

The objective of the project is the requirements comparison of the two frameworks. In this way an opportunity is provided for cloud organizations to identify the equivalent (overlapping) security requirements between the two, and more importantly the missing (deltas) cloud-specific CCM V4 security requirements in NIST CSF V2, especially when seeking to integrate these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of NIST CSF and/or CCMv4 framework's security controls.

While the CSF v2.0 is not yet at a final version, it is expected that there are not going to be any major changes introduced until its release in early 2024.

CCM WG meetings cadence:
CCM WG has 2 call sessions, one is weekly, the other biweekly. Experts are needed to attend at least our biweekly calls to align to the CCM WG mapping methodology and touch base on progress.

Project duration:
The overall project duration is expected to be approx. 3-4 months.

Should you be interested in participating in the project, please reply back to this thread or message my inbox. Please also consider joining our next week's call.

Feel free to reach out in case you have any questions.

Best regards,

------------------------------
Lefteris Skoutaris
Cloud Controls Matrix, Program Manager
Cloud Security Alliance
------------------------------

Dear members,

CCM WG and leadership is interested in pursuing a mapping of CCM V4 to the NIST CSF v2.0 Draft.

 Introduction:
This new mapping project involves a mapping and gap analysis and it is expected to kick-off during the CCM WG call next Wednesday, Dec. 20th.

This mapping project follows a previous collaboration that CSA had with NIST with the mapping of CCM to CSF v1.1., that resulted in useful feedback to NIST of cloud security deltas to be included in CSF v2.0. The CCM - NIST CSF v1.1 mapping is published within the current version of CCM V4.0. (see Scope Applicability (Mappings) tab).

The objective of the project is the requirements comparison of the two frameworks. In this way an opportunity is provided for cloud organizations to identify the equivalent (overlapping) security requirements between the two, and more importantly the missing (deltas) cloud-specific CCM V4 security requirements in NIST CSF V2, especially when seeking to integrate these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of NIST CSF and/or CCMv4 framework's security controls.

While the CSF v2.0 is not yet at a final version, it is expected that there are not going to be any major changes introduced until its release in early 2024.

CCM WG meetings cadence:
CCM WG has 2 call sessions, one is weekly, the other biweekly. Experts are needed to attend at least our biweekly calls to align to the CCM WG mapping methodology and touch base on progress.

Project duration:
The overall project duration is expected to be approx. 3-4 months.

Should you be interested in participating in the project, please reply back to this thread or message my inbox. Please also consider joining our next week's call.

Feel free to reach out in case you have any questions.

Best regards,

------------------------------
Lefteris Skoutaris
Cloud Controls Matrix, Program Manager
Cloud Security Alliance
------------------------------

Hi Lefteris, 

  Cound me in.

Leo Magallon, CISSP, CISA

Dear members,

CCM WG and leadership is interested in pursuing a mapping of CCM V4 to the NIST CSF v2.0 Draft.

 Introduction:
This new mapping project involves a mapping and gap analysis and it is expected to kick-off during the CCM WG call next Wednesday, Dec. 20th.

This mapping project follows a previous collaboration that CSA had with NIST with the mapping of CCM to CSF v1.1., that resulted in useful feedback to NIST of cloud security deltas to be included in CSF v2.0. The CCM - NIST CSF v1.1 mapping is published within the current version of CCM V4.0. (see Scope Applicability (Mappings) tab).

The objective of the project is the requirements comparison of the two frameworks. In this way an opportunity is provided for cloud organizations to identify the equivalent (overlapping) security requirements between the two, and more importantly the missing (deltas) cloud-specific CCM V4 security requirements in NIST CSF V2, especially when seeking to integrate these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of NIST CSF and/or CCMv4 framework's security controls.

While the CSF v2.0 is not yet at a final version, it is expected that there are not going to be any major changes introduced until its release in early 2024.

CCM WG meetings cadence:
CCM WG has 2 call sessions, one is weekly, the other biweekly. Experts are needed to attend at least our biweekly calls to align to the CCM WG mapping methodology and touch base on progress.

Project duration:
The overall project duration is expected to be approx. 3-4 months.

Should you be interested in participating in the project, please reply back to this thread or message my inbox. Please also consider joining our next week's call.

Feel free to reach out in case you have any questions.

Best regards,

------------------------------
Lefteris Skoutaris
Cloud Controls Matrix, Program Manager
Cloud Security Alliance
------------------------------

Dear members,

CCM WG and leadership is interested in pursuing a mapping of CCM V4 to the NIST CSF v2.0 Draft.

 Introduction:
This new mapping project involves a mapping and gap analysis and it is expected to kick-off during the CCM WG call next Wednesday, Dec. 20th.

This mapping project follows a previous collaboration that CSA had with NIST with the mapping of CCM to CSF v1.1., that resulted in useful feedback to NIST of cloud security deltas to be included in CSF v2.0. The CCM - NIST CSF v1.1 mapping is published within the current version of CCM V4.0. (see Scope Applicability (Mappings) tab).

The objective of the project is the requirements comparison of the two frameworks. In this way an opportunity is provided for cloud organizations to identify the equivalent (overlapping) security requirements between the two, and more importantly the missing (deltas) cloud-specific CCM V4 security requirements in NIST CSF V2, especially when seeking to integrate these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of NIST CSF and/or CCMv4 framework's security controls.

While the CSF v2.0 is not yet at a final version, it is expected that there are not going to be any major changes introduced until its release in early 2024.

CCM WG meetings cadence:
CCM WG has 2 call sessions, one is weekly, the other biweekly. Experts are needed to attend at least our biweekly calls to align to the CCM WG mapping methodology and touch base on progress.

Project duration:
The overall project duration is expected to be approx. 3-4 months.

Should you be interested in participating in the project, please reply back to this thread or message my inbox. Please also consider joining our next week's call.

Feel free to reach out in case you have any questions.

Best regards,

------------------------------
Lefteris Skoutaris
Cloud Controls Matrix, Program Manager
Cloud Security Alliance
------------------------------

Hi Lefteris

Please count me in, looking to contribute.

Kind Regards

Dear members,

CCM WG and leadership is interested in pursuing a mapping of CCM V4 to the NIST CSF v2.0 Draft.

 Introduction:
This new mapping project involves a mapping and gap analysis and it is expected to kick-off during the CCM WG call next Wednesday, Dec. 20th.

This mapping project follows a previous collaboration that CSA had with NIST with the mapping of CCM to CSF v1.1., that resulted in useful feedback to NIST of cloud security deltas to be included in CSF v2.0. The CCM - NIST CSF v1.1 mapping is published within the current version of CCM V4.0. (see Scope Applicability (Mappings) tab).

The objective of the project is the requirements comparison of the two frameworks. In this way an opportunity is provided for cloud organizations to identify the equivalent (overlapping) security requirements between the two, and more importantly the missing (deltas) cloud-specific CCM V4 security requirements in NIST CSF V2, especially when seeking to integrate these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of NIST CSF and/or CCMv4 framework's security controls.

While the CSF v2.0 is not yet at a final version, it is expected that there are not going to be any major changes introduced until its release in early 2024.

CCM WG meetings cadence:
CCM WG has 2 call sessions, one is weekly, the other biweekly. Experts are needed to attend at least our biweekly calls to align to the CCM WG mapping methodology and touch base on progress.

Project duration:
The overall project duration is expected to be approx. 3-4 months.

Should you be interested in participating in the project, please reply back to this thread or message my inbox. Please also consider joining our next week's call.

Feel free to reach out in case you have any questions.

Best regards,

------------------------------
Lefteris Skoutaris
Cloud Controls Matrix, Program Manager
Cloud Security Alliance
------------------------------

Dear members,

CCM WG and leadership is interested in pursuing a mapping of CCM V4 to the NIST CSF v2.0 Draft.

 Introduction:
This new mapping project involves a mapping and gap analysis and it is expected to kick-off during the CCM WG call next Wednesday, Dec. 20th.

This mapping project follows a previous collaboration that CSA had with NIST with the mapping of CCM to CSF v1.1., that resulted in useful feedback to NIST of cloud security deltas to be included in CSF v2.0. The CCM - NIST CSF v1.1 mapping is published within the current version of CCM V4.0. (see Scope Applicability (Mappings) tab).

The objective of the project is the requirements comparison of the two frameworks. In this way an opportunity is provided for cloud organizations to identify the equivalent (overlapping) security requirements between the two, and more importantly the missing (deltas) cloud-specific CCM V4 security requirements in NIST CSF V2, especially when seeking to integrate these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of NIST CSF and/or CCMv4 framework's security controls.

While the CSF v2.0 is not yet at a final version, it is expected that there are not going to be any major changes introduced until its release in early 2024.

CCM WG meetings cadence:
CCM WG has 2 call sessions, one is weekly, the other biweekly. Experts are needed to attend at least our biweekly calls to align to the CCM WG mapping methodology and touch base on progress.

Project duration:
The overall project duration is expected to be approx. 3-4 months.

Should you be interested in participating in the project, please reply back to this thread or message my inbox. Please also consider joining our next week's call.

Feel free to reach out in case you have any questions.

Best regards,

------------------------------
Lefteris Skoutaris
Cloud Controls Matrix, Program Manager
Cloud Security Alliance
------------------------------

Dear members,

CCM WG and leadership is interested in pursuing a mapping of CCM V4 to the NIST CSF v2.0 Draft.

 Introduction:
This new mapping project involves a mapping and gap analysis and it is expected to kick-off during the CCM WG call next Wednesday, Dec. 20th.

This mapping project follows a previous collaboration that CSA had with NIST with the mapping of CCM to CSF v1.1., that resulted in useful feedback to NIST of cloud security deltas to be included in CSF v2.0. The CCM - NIST CSF v1.1 mapping is published within the current version of CCM V4.0. (see Scope Applicability (Mappings) tab).

The objective of the project is the requirements comparison of the two frameworks. In this way an opportunity is provided for cloud organizations to identify the equivalent (overlapping) security requirements between the two, and more importantly the missing (deltas) cloud-specific CCM V4 security requirements in NIST CSF V2, especially when seeking to integrate these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of NIST CSF and/or CCMv4 framework's security controls.

While the CSF v2.0 is not yet at a final version, it is expected that there are not going to be any major changes introduced until its release in early 2024.

CCM WG meetings cadence:
CCM WG has 2 call sessions, one is weekly, the other biweekly. Experts are needed to attend at least our biweekly calls to align to the CCM WG mapping methodology and touch base on progress.

Project duration:
The overall project duration is expected to be approx. 3-4 months.

Should you be interested in participating in the project, please reply back to this thread or message my inbox. Please also consider joining our next week's call.

Feel free to reach out in case you have any questions.

Best regards,

------------------------------
Lefteris Skoutaris
Cloud Controls Matrix, Program Manager
Cloud Security Alliance
------------------------------

Hello and Good Evening Lefteris,

If the opportunity is still available, I would be interested!!

Regards,

Nilesh Roy | +919820094678 | [email protected]

Dear members,

CCM WG and leadership is interested in pursuing a mapping of CCM V4 to the NIST CSF v2.0 Draft.

 Introduction:
This new mapping project involves a mapping and gap analysis and it is expected to kick-off during the CCM WG call next Wednesday, Dec. 20th.

This mapping project follows a previous collaboration that CSA had with NIST with the mapping of CCM to CSF v1.1., that resulted in useful feedback to NIST of cloud security deltas to be included in CSF v2.0. The CCM - NIST CSF v1.1 mapping is published within the current version of CCM V4.0. (see Scope Applicability (Mappings) tab).

The objective of the project is the requirements comparison of the two frameworks. In this way an opportunity is provided for cloud organizations to identify the equivalent (overlapping) security requirements between the two, and more importantly the missing (deltas) cloud-specific CCM V4 security requirements in NIST CSF V2, especially when seeking to integrate these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of NIST CSF and/or CCMv4 framework's security controls.

While the CSF v2.0 is not yet at a final version, it is expected that there are not going to be any major changes introduced until its release in early 2024.

CCM WG meetings cadence:
CCM WG has 2 call sessions, one is weekly, the other biweekly. Experts are needed to attend at least our biweekly calls to align to the CCM WG mapping methodology and touch base on progress.

Project duration:
The overall project duration is expected to be approx. 3-4 months.

Should you be interested in participating in the project, please reply back to this thread or message my inbox. Please also consider joining our next week's call.

Feel free to reach out in case you have any questions.

Best regards,

------------------------------
Lefteris Skoutaris
Cloud Controls Matrix, Program Manager
Cloud Security Alliance
------------------------------

Thank you all for your interest.
Please consider joining the CCM WG calls to discuss further the means of your contribution to the project, or other CCM WG activities.
The mapping has kicked-off and it is in progress.

Hello and Good Evening Lefteris,

If the opportunity is still available, I would be interested!!

Regards,

Nilesh Roy | +919820094678 | [email protected]

Dear members,

CCM WG and leadership is interested in pursuing a mapping of CCM V4 to the NIST CSF v2.0 Draft.

 Introduction:
This new mapping project involves a mapping and gap analysis and it is expected to kick-off during the CCM WG call next Wednesday, Dec. 20th.

This mapping project follows a previous collaboration that CSA had with NIST with the mapping of CCM to CSF v1.1., that resulted in useful feedback to NIST of cloud security deltas to be included in CSF v2.0. The CCM - NIST CSF v1.1 mapping is published within the current version of CCM V4.0. (see Scope Applicability (Mappings) tab).

The objective of the project is the requirements comparison of the two frameworks. In this way an opportunity is provided for cloud organizations to identify the equivalent (overlapping) security requirements between the two, and more importantly the missing (deltas) cloud-specific CCM V4 security requirements in NIST CSF V2, especially when seeking to integrate these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of NIST CSF and/or CCMv4 framework's security controls.

While the CSF v2.0 is not yet at a final version, it is expected that there are not going to be any major changes introduced until its release in early 2024.

CCM WG meetings cadence:
CCM WG has 2 call sessions, one is weekly, the other biweekly. Experts are needed to attend at least our biweekly calls to align to the CCM WG mapping methodology and touch base on progress.

Project duration:
The overall project duration is expected to be approx. 3-4 months.

Should you be interested in participating in the project, please reply back to this thread or message my inbox. Please also consider joining our next week's call.

Feel free to reach out in case you have any questions.

Best regards,

------------------------------
Lefteris Skoutaris
Cloud Controls Matrix, Program Manager
Cloud Security Alliance
------------------------------

Thanks for the info @Lefteris Skoutaris .   I found a Cloud Controls Matrix group that appears to be a private community and a CCM User Group.   I am a member of the CCM User Group.  Is that the right group?

Thank you all for your interest.
Please consider joining the CCM WG calls to discuss further the means of your contribution to the project, or other CCM WG activities.
The mapping has kicked-off and it is in progress.

Hello and Good Evening Lefteris,

If the opportunity is still available, I would be interested!!

Regards,

Nilesh Roy | +919820094678 | [email protected]

Dear members,

CCM WG and leadership is interested in pursuing a mapping of CCM V4 to the NIST CSF v2.0 Draft.

 Introduction:
This new mapping project involves a mapping and gap analysis and it is expected to kick-off during the CCM WG call next Wednesday, Dec. 20th.

This mapping project follows a previous collaboration that CSA had with NIST with the mapping of CCM to CSF v1.1., that resulted in useful feedback to NIST of cloud security deltas to be included in CSF v2.0. The CCM - NIST CSF v1.1 mapping is published within the current version of CCM V4.0. (see Scope Applicability (Mappings) tab).

The objective of the project is the requirements comparison of the two frameworks. In this way an opportunity is provided for cloud organizations to identify the equivalent (overlapping) security requirements between the two, and more importantly the missing (deltas) cloud-specific CCM V4 security requirements in NIST CSF V2, especially when seeking to integrate these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of NIST CSF and/or CCMv4 framework's security controls.

While the CSF v2.0 is not yet at a final version, it is expected that there are not going to be any major changes introduced until its release in early 2024.

CCM WG meetings cadence:
CCM WG has 2 call sessions, one is weekly, the other biweekly. Experts are needed to attend at least our biweekly calls to align to the CCM WG mapping methodology and touch base on progress.

Project duration:
The overall project duration is expected to be approx. 3-4 months.

Should you be interested in participating in the project, please reply back to this thread or message my inbox. Please also consider joining our next week's call.

Feel free to reach out in case you have any questions.

Best regards,

------------------------------
Lefteris Skoutaris
Cloud Controls Matrix, Program Manager
Cloud Security Alliance
------------------------------

Thank you all for your interest.
Please consider joining the CCM WG calls to discuss further the means of your contribution to the project, or other CCM WG activities.
The mapping has kicked-off and it is in progress.

Hello and Good Evening Lefteris,

If the opportunity is still available, I would be interested!!

Regards,

Nilesh Roy | +919820094678 | [email protected]

Dear members,

CCM WG and leadership is interested in pursuing a mapping of CCM V4 to the NIST CSF v2.0 Draft.

 Introduction:
This new mapping project involves a mapping and gap analysis and it is expected to kick-off during the CCM WG call next Wednesday, Dec. 20th.

This mapping project follows a previous collaboration that CSA had with NIST with the mapping of CCM to CSF v1.1., that resulted in useful feedback to NIST of cloud security deltas to be included in CSF v2.0. The CCM - NIST CSF v1.1 mapping is published within the current version of CCM V4.0. (see Scope Applicability (Mappings) tab).

The objective of the project is the requirements comparison of the two frameworks. In this way an opportunity is provided for cloud organizations to identify the equivalent (overlapping) security requirements between the two, and more importantly the missing (deltas) cloud-specific CCM V4 security requirements in NIST CSF V2, especially when seeking to integrate these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of NIST CSF and/or CCMv4 framework's security controls.

While the CSF v2.0 is not yet at a final version, it is expected that there are not going to be any major changes introduced until its release in early 2024.

CCM WG meetings cadence:
CCM WG has 2 call sessions, one is weekly, the other biweekly. Experts are needed to attend at least our biweekly calls to align to the CCM WG mapping methodology and touch base on progress.

Project duration:
The overall project duration is expected to be approx. 3-4 months.

Should you be interested in participating in the project, please reply back to this thread or message my inbox. Please also consider joining our next week's call.

Feel free to reach out in case you have any questions.

Best regards,

------------------------------
Lefteris Skoutaris
Cloud Controls Matrix, Program Manager
Cloud Security Alliance
------------------------------

Dear members,

CCM WG and leadership is interested in pursuing a mapping of CCM V4 to the NIST CSF v2.0 Draft.

 Introduction:
This new mapping project involves a mapping and gap analysis and it is expected to kick-off during the CCM WG call next Wednesday, Dec. 20th.

This mapping project follows a previous collaboration that CSA had with NIST with the mapping of CCM to CSF v1.1., that resulted in useful feedback to NIST of cloud security deltas to be included in CSF v2.0. The CCM - NIST CSF v1.1 mapping is published within the current version of CCM V4.0. (see Scope Applicability (Mappings) tab).

The objective of the project is the requirements comparison of the two frameworks. In this way an opportunity is provided for cloud organizations to identify the equivalent (overlapping) security requirements between the two, and more importantly the missing (deltas) cloud-specific CCM V4 security requirements in NIST CSF V2, especially when seeking to integrate these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of NIST CSF and/or CCMv4 framework's security controls.

While the CSF v2.0 is not yet at a final version, it is expected that there are not going to be any major changes introduced until its release in early 2024.

CCM WG meetings cadence:
CCM WG has 2 call sessions, one is weekly, the other biweekly. Experts are needed to attend at least our biweekly calls to align to the CCM WG mapping methodology and touch base on progress.

Project duration:
The overall project duration is expected to be approx. 3-4 months.

Should you be interested in participating in the project, please reply back to this thread or message my inbox. Please also consider joining our next week's call.

Feel free to reach out in case you have any questions.

Best regards,

------------------------------
Lefteris Skoutaris
Cloud Controls Matrix, Program Manager
Cloud Security Alliance
------------------------------

Hi Lefteris, I am definitely interested.

Dear members,

CCM WG and leadership is interested in pursuing a mapping of CCM V4 to the NIST CSF v2.0 Draft.

 Introduction:
This new mapping project involves a mapping and gap analysis and it is expected to kick-off during the CCM WG call next Wednesday, Dec. 20th.

This mapping project follows a previous collaboration that CSA had with NIST with the mapping of CCM to CSF v1.1., that resulted in useful feedback to NIST of cloud security deltas to be included in CSF v2.0. The CCM - NIST CSF v1.1 mapping is published within the current version of CCM V4.0. (see Scope Applicability (Mappings) tab).

The objective of the project is the requirements comparison of the two frameworks. In this way an opportunity is provided for cloud organizations to identify the equivalent (overlapping) security requirements between the two, and more importantly the missing (deltas) cloud-specific CCM V4 security requirements in NIST CSF V2, especially when seeking to integrate these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of NIST CSF and/or CCMv4 framework's security controls.

While the CSF v2.0 is not yet at a final version, it is expected that there are not going to be any major changes introduced until its release in early 2024.

CCM WG meetings cadence:
CCM WG has 2 call sessions, one is weekly, the other biweekly. Experts are needed to attend at least our biweekly calls to align to the CCM WG mapping methodology and touch base on progress.

Project duration:
The overall project duration is expected to be approx. 3-4 months.

Should you be interested in participating in the project, please reply back to this thread or message my inbox. Please also consider joining our next week's call.

Feel free to reach out in case you have any questions.

Best regards,

------------------------------
Lefteris Skoutaris
Cloud Controls Matrix, Program Manager
Cloud Security Alliance
------------------------------

I am definitely interested. FYI I help craft the first release of CSF.

Hi Lefteris, I am definitely interested.

Dear members,

CCM WG and leadership is interested in pursuing a mapping of CCM V4 to the NIST CSF v2.0 Draft.

 Introduction:
This new mapping project involves a mapping and gap analysis and it is expected to kick-off during the CCM WG call next Wednesday, Dec. 20th.

This mapping project follows a previous collaboration that CSA had with NIST with the mapping of CCM to CSF v1.1., that resulted in useful feedback to NIST of cloud security deltas to be included in CSF v2.0. The CCM - NIST CSF v1.1 mapping is published within the current version of CCM V4.0. (see Scope Applicability (Mappings) tab).

The objective of the project is the requirements comparison of the two frameworks. In this way an opportunity is provided for cloud organizations to identify the equivalent (overlapping) security requirements between the two, and more importantly the missing (deltas) cloud-specific CCM V4 security requirements in NIST CSF V2, especially when seeking to integrate these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of NIST CSF and/or CCMv4 framework's security controls.

While the CSF v2.0 is not yet at a final version, it is expected that there are not going to be any major changes introduced until its release in early 2024.

CCM WG meetings cadence:
CCM WG has 2 call sessions, one is weekly, the other biweekly. Experts are needed to attend at least our biweekly calls to align to the CCM WG mapping methodology and touch base on progress.

Project duration:
The overall project duration is expected to be approx. 3-4 months.

Should you be interested in participating in the project, please reply back to this thread or message my inbox. Please also consider joining our next week's call.

Feel free to reach out in case you have any questions.

Best regards,

------------------------------
Lefteris Skoutaris
Cloud Controls Matrix, Program Manager
Cloud Security Alliance
------------------------------

Thank you all for your interest in this project.
It's been a while since the initial post and the mapping is in very good progress.
I will reach out to you in case any additional support is needed.
In the meantime, please stay tuned for other project announcements, as there are a few coming up.
Looking forward to meeting you in our calls.

I am definitely interested. FYI I help craft the first release of CSF.

Hi Lefteris, I am definitely interested.

Dear members,

CCM WG and leadership is interested in pursuing a mapping of CCM V4 to the NIST CSF v2.0 Draft.

 Introduction:
This new mapping project involves a mapping and gap analysis and it is expected to kick-off during the CCM WG call next Wednesday, Dec. 20th.

This mapping project follows a previous collaboration that CSA had with NIST with the mapping of CCM to CSF v1.1., that resulted in useful feedback to NIST of cloud security deltas to be included in CSF v2.0. The CCM - NIST CSF v1.1 mapping is published within the current version of CCM V4.0. (see Scope Applicability (Mappings) tab).

The objective of the project is the requirements comparison of the two frameworks. In this way an opportunity is provided for cloud organizations to identify the equivalent (overlapping) security requirements between the two, and more importantly the missing (deltas) cloud-specific CCM V4 security requirements in NIST CSF V2, especially when seeking to integrate these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of NIST CSF and/or CCMv4 framework's security controls.

While the CSF v2.0 is not yet at a final version, it is expected that there are not going to be any major changes introduced until its release in early 2024.

CCM WG meetings cadence:
CCM WG has 2 call sessions, one is weekly, the other biweekly. Experts are needed to attend at least our biweekly calls to align to the CCM WG mapping methodology and touch base on progress.

Project duration:
The overall project duration is expected to be approx. 3-4 months.

Should you be interested in participating in the project, please reply back to this thread or message my inbox. Please also consider joining our next week's call.

Feel free to reach out in case you have any questions.

Best regards,

------------------------------
Lefteris Skoutaris
Cloud Controls Matrix, Program Manager
Cloud Security Alliance
------------------------------

Hi Lefteris, I am definitely interested.

Dear members,

CCM WG and leadership is interested in pursuing a mapping of CCM V4 to the NIST CSF v2.0 Draft.

 Introduction:
This new mapping project involves a mapping and gap analysis and it is expected to kick-off during the CCM WG call next Wednesday, Dec. 20th.

This mapping project follows a previous collaboration that CSA had with NIST with the mapping of CCM to CSF v1.1., that resulted in useful feedback to NIST of cloud security deltas to be included in CSF v2.0. The CCM - NIST CSF v1.1 mapping is published within the current version of CCM V4.0. (see Scope Applicability (Mappings) tab).

The objective of the project is the requirements comparison of the two frameworks. In this way an opportunity is provided for cloud organizations to identify the equivalent (overlapping) security requirements between the two, and more importantly the missing (deltas) cloud-specific CCM V4 security requirements in NIST CSF V2, especially when seeking to integrate these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of NIST CSF and/or CCMv4 framework's security controls.

While the CSF v2.0 is not yet at a final version, it is expected that there are not going to be any major changes introduced until its release in early 2024.

CCM WG meetings cadence:
CCM WG has 2 call sessions, one is weekly, the other biweekly. Experts are needed to attend at least our biweekly calls to align to the CCM WG mapping methodology and touch base on progress.

Project duration:
The overall project duration is expected to be approx. 3-4 months.

Should you be interested in participating in the project, please reply back to this thread or message my inbox. Please also consider joining our next week's call.

Feel free to reach out in case you have any questions.

Best regards,

------------------------------
Lefteris Skoutaris
Cloud Controls Matrix, Program Manager
Cloud Security Alliance
------------------------------