CSA Presentation: Leveraging the CAIQ and CCM

When:  Nov 18, 2021 from 11:30:00 AM to 12:30:00 PM (CT)
Associated with  Austin Chapter

Join us November 18th to learn how the CAIQ and CCM can equip your organization with the tools necessary to properly assess potential cloud technologies using commonly accepted industry standards and documented security controls.

In 1997, Professor Ramnath Chellappa of Emory University coined the term, “Cloud.”  5 years later, Amazon Web Services (AWS) launched its initial public cloud offering in 2002.  By 2018, the global cloud computing market exceeded $270B; and recent events, like the COVID-19 pandemic, have served as accelerants for this cloud explosion with expectations to exceed $620B by 2023.

Along with this voracious appetite for cloud technologies, numerous security vulnerabilities have been exposed; and today, one of the most critical challenges for many organizations is understanding how to evaluate potential cloud service providers.

Since 2008, the Cloud Security Alliance (CSA) has defined standards, certifications, and best practices to help ensure secure cloud environments. The Consensus Assessments Initiative Questionnaire (CAIQ - pronounced “CAKE”) is a CSA survey designed to give consumers and auditors the ability to assess the security capabilities and Cloud Controls Matrix (CCM) compliance of cloud service providers.

The CCM is a CSA cybersecurity control framework for cloud computing composed of more than 130 control objectives across 16 domains of cloud technology, such as:

  • Application and Interface Security
  • Audit Assurance and Compliance
  • Business Continuity Management and Operations Resilience
  • Change Control and Configuration Management
  • Data Security and Information Lifecycle Management
  • Datacenter Security
  • Encryption and Key Management
  • Governance and Risk Management
  • Human Resources
  • Identity and Access Management
  • Infrastructure and Virtualization Security
  • Interoperability and Portability
  • Mobile Security
  • Security Incident Management, E-Discovery, and Cloud Forensics
  • Supply Chain Management, Transparency and Accountability
  • Threat and Vulnerability Management

CSA Austin Chapter Board:

Fred Meek, Membership Director

Fred has spent the last 26-year as a technology “geek” who has led large data center infrastructure and cloud solution architect teams, like Palo Alto Networks and CrowdStrike. Currently, Fred manages Solution Architect teams in the West and South territory for Wiz Security, a cloud security and threat research company. Fred and his family have resided in Austin, TX, for the last 25 years.

Dan Devane, Vice President & Program Director

Dan is a 20-year sales veteran who's led cloud teams at successful startups, like Box, and established Fortune-sized OEMs like Dell/EMC and Palo Alto Networks.  Currently, Dan manages the TOLA business for AppOmni, a SaaS posture management security company.  Dan and his family make their home in Driftwood, Texas.

Tomas Ball, President

Tomas is an Army veteran who has spent the last 20+ years in technology.  His career has ranged from software engineer to sales director roles across both startups and well-established companies. The native Texan is based in Austin as Lead Sales Engineer for Automation Anywhere, the leading cloud-based robotic process automation platform.

Event Image
Download to Your Calendar Outlook Google