Hello from the Cyber Console,
We’d love your help to build this chapter! There are four ways in which to get involved:
As you may know, the Cloud Security Alliance offers the cybersecurity practitioner a phenomenal opportunity to advance the science and art of cloud security. Its global reach, multinational working groups, and international conference programs have cultivated a communication channel that is unmatched in its following and focus.
At the CSA-DC Chapter, we seek to harness the DC Metro brain trust in order to advance the state and practice of cloud security to better enable cloud adoption and strengthen cyber solutions for the US government and highly regulated US industries. We started the CSA-DC Research Committee specifically to provide a place where locally seeded research could be vetted, explored without bias, supported, and published for the good of the membership and the industries we support.
Please join me in the quest to advance cloud security. Bring your research ideas and know-how to the CSA-DC Research Committee, become a part of something rewarding, and let’s make the difference that cyber adversaries remember best! The Research Committee is currently seeking research ideas and contributors to join the research working groups.
The CSA-DC Chapter Research Committee is dedicated to solving critical problems facing the Government and highly regulated business sectors important to our membership. Your ideas and enthusiasm to support the research are appreciated. To submit research ideas or to get involved in the activities of the Research Committee, please email [email protected].
Ms. Mari J. Spina, D.Sc.
CSA-DC Research Committee Chairperson
[email protected]
Abstract for CSA-DC Chapter Current Research Paper
As the Cloud Safe Task Force (CSFT) digs into commercial cloud security from a National Security perspective, the need to solve some of the most critical cloud security issues facing Government grows more urgent! Never before in our history has US commercial industry been engulfed in an American wartime operation like it is today in the cloud. As a result of the shared responsibility model, Cloud Service Providers (CSPs) are playing an increasingly vital role in national cyber defense. The CSA-DC Chapter, along with CSA Global, has partnered with national groups concerned about national cyber defense. Faced with the prospect that the US Government might venture to rebuild on-premise IT systems, the CSFT, founded by CSA, IT-AAC, ATARC, and MITRE, is leading the way for major change to preserve the cloud computing industry for US Government workloads. This research activity seeks to place commercial solutions with national cloud cyber problems. Volunteers are asked to join the collaboration to foster discussion and demonstrations to support the CSFT. Please visit the latest CSFT recommendation and volunteer your solution to preserve the industry and protect the nation.
Cloud Safe 10 Step Recommendations: https://www.mitre.org/news-insights/publication/cloud-safe-task-force-recommendation-roadmap#:~:text=The%20Cloud%20Safe%20Task%20Force,security%20of%20government%20cloud%20environments
Cloud Adversarial Vectors, Exploits, and Threats - MITRE: Cloud_Adversarial_Vectors__Exploits__and_Threats_-_MITRE_sponsored_version_20231127.pdf
Call for Participation - Current Research Paper
ATT&CK & D3FEND with a CAVEAT - Discovering the Gaps and Plotting a Course for Cloud Specific Adversary Modeling
Cybersecurity practitioners continue to search for adversarial threat models to drive system assessment and operational analytic development. While the Lockheed Martin Cyber Kill Chain and the Microsoft STRIDE model have contributed to huge advancements in adversarial “Double Think”, MITRE’s ATT&CK Framework was developed to provide more granular detail on adversarial tactics, techniques, and procedures (TTPs). Still, developing an adversary model that addresses the mitigations demanded by NIST’s Cybersecurity Framework (CSF) would appear to be an objective still out of reach. As MITRE’s D3FEND emerges to assist, the needs of the cloud security engineering industry remain a forgotten stepchild. The CSA-MITRE Cloud Adversarial Vectors, Exploits, and Threats (CAVEAT) Collaboration seeks to bring more relevant content to the cloud security practice. This research will explore today’s available adversary models relevant to cloud-based systems, examine their utility, and propose a course of action for industry necessary to advance the state of the art for cloud adversary analysis.
Learn More / Get Involved: Email [email protected]
Chapter Research Publications
A Guided Approach to Support Your Zero Trust Strategy
As the world’s workforce sought to overcome the Covid-induced pandemic, a remote workforce suddenly became the new normal. At break-neck speed, information technology (IT) organizations were working to improve the security of millions of new endpoints that were accessing a network not optimized for remote work. To keep pace with these overwhelming security and risk management requirements, aggressive modernization initiatives were launched to include embracing new cloud-based services to quickly provision, operate, monitor and respond to security incidents. This emergent complex, hybrid infrastructure presented a new threat landscape that represents the new normal. It also became the perfect backdrop for the National Institute of Standards and Technology (NIST) to release its Special Publication (SP) 800-207 on Zero Trust Architectures (ZTAs) and in the United States, President Biden’s Executive Order 14028, Improving the Nation’s Cybersecurity, calling for the adoption of ZTAs.
As organizations contend with complying with a federal mandate, developing modernization journeys to the cloud and implementing resiliency from new attack vectors, the lead authors of this paper from the CSA-DC Chapter aimed to provide a guided approach on how organizations can navigate a highly complex environment to develop a Zero Trust (ZT) strategy.
Although ZT is in its infancy, we hope this paper provides a snapshot of the complexity and infancy of ZT adoption. We believe it gives IT stakeholders a deeper understanding of:
- An evolving and broad technology landscape
- New government initiatives from CISA on a ZT Maturity Model
- Developing a ZT strategy through conducting a ZT Maturity Assessment and developing a ZT Roadmap
- The impact that technology, culture, policy, and regulatory factors have on the ability of organizations to adopt a ZTA
This paper concludes with Recommendations on how ecosystem stakeholders can improve collaboration to accelerate the adoption of ZT in their environments and meet government mandates.
Download Publication
Earning Trust in the 21st Century
In today’s interconnected and technology-reliant world, the expectation of trust and need to trust is growing. Today’s trust-based solutions may become non-viable in the future. As use of the cloud grows, we are experiencing a shift in resource allocation from on-premise to off-premise systems. As systems move to cloud-hosted environments, the loss of control over the access network becomes a concern. Today’s trust-based solutions typically start at the network level. If a user has access to a network, they are typically trusted to have access to some or all of the resources, data, and systems on that network.
But, when networks are unknown and untrusted, how is trust acquired? Zero Trust (ZT) architectures seek to provide access control techniques that assume the network is not trustworthy. One of the approaches suggested by industry is the use of trust scores. Like a credit score, a cyber trust score could be used to assess the risk potential associated with allowing any given user access to systems and information. But how would a trust score be calculated? Current approaches smack of a violation of privacy where the right to gain access is issued only by agreeing to be monitored.
This paper addresses the technical, social, policy, and regulatory issues associated with creating trust frameworks in a Zero Trust world. Industry and government are called to solve issues in ways that continue to protect a user’s right to privacy.
CSA Research Artifact Library Access
Over the last 11 years, we have developed an extensive library of over 400 artifacts that speak to many different topics in cloud security. Accessing and downloading research has just become easier through our Research Artifacts Publications Library. Below are a few must-read artifacts:
Engaging CSA Research
https://cloudsecurityalliance.org/research/
As chapter members, you have the opportunity to influence, leverage and participate in all aspects of CSA's Research Lifecycle by engaging our Working Groups, Open Peer Reviews, and Surveys. You also have access to over 200 previously recorded CloudBytes webinars, which are a great way to stay educated on the latest trends in cloud security and earn CPE credits.
When in Doubt - Join a CSA Working Group!
https://cloudsecurityalliance.org/research/working-groups/
Above is the link to our active working groups spanning many different domains of cloud security. Simply click the working group microsite and you'll have access to the working group description, charter, latest artifact releases and upcoming meetings. By joining a working group, you'll have intimate access to the latest technical documents in development, invitations to working group calls, and opportunities to collaborate with SMEs. To get started with joining a working group, you will need to create a profile on our community platform Circle.
Circle - Your gateway to CSA resources, discussions and working groups!
https://circle.cloudsecurityalliance.org/home
Once you've signed up for a Circle profile, please make sure to join your Chapter community. Below are a few steps to follow:
- Click on 'Sign In' at the top, and sign in using your preferred mode (Google, LinkedIn, Microsoft, email).
- Once you're in, you can click on 'Communities', then 'All Communities'.
- Look for the group of your choice on the list and click 'Join'.