CSA, BSI launch cloud security cert program
The Cloud Security Alliance (CSA) and Australian business standards company BSI have launched a third-party security certification program for cloud providers.
The STAR Certification program assesses cloud providers’ security capabilities using ISO/IEC guidelines and the CSA’s own Cloud Control Matrix.
Companies looking to achieve STAR Certification will need to demonstrate compliance with the globally recognised ISO/IEC 27001 information security management standard.
Providers must also meet the various criteria of the Cloud Control Matrix, including sections covering data governance, information security and resilience.
Assessments will be carried out by CSA-accredited certification bodies such as BSI. There will be three levels of certification - gold, silver and bronze - based on the maturity of providers’ various processes.
BSI Managing Director Nick Koukoulas said the certification program will fulfil an unmet need. “In response to recent concerns raised by the government, both consumers and providers of cloud-based services have been asking for independent, technology-neutral certification to help them make more informed decisions about the services they purchase and use,” he said.
“In providing a rigorous, user-centric assessment, STAR Certification will provide an additional layer of transparency,” Koukoulas said.
The future of security lies in prevention, not reaction
Businesses have two choices: rely on outdated security approaches and react to threats as they...
The digital horizon: tracking security trends
Today's technological reality requires new ways of thinking about infrastructure, security...
Why Australia will play a pioneering role in 2025's tech innovation
How Australia can lead global innovation in the coming years by becoming a tech powerhouse.
