CipherCloud and Cloud Security Alliance forge Cloud Security Working Group

Cloud Security Open API Working Group to standardize key data security best practices for CASB deployments.

  • 9 years ago Posted in

Recognised as the fastest-growing segment of cloud security, the cloud access security broker (CASB) space is still an emerging one where standards have yet to coalesce. To fill this gap, CipherCloud, the leader in cloud visibility and data protection, and the Cloud Security Alliance (CSA) are forming a Cloud Security Open API Working Group to jointly define protocols and best practices for implementing cloud data security as a part of the CASB framework. Deloitte, InfoSys, Intel Security, SAP and other technology leaders will also contribute.


The Cloud Security Open API Working Group will provide guidance on vendor-neutral data-security implementation to help accelerate cloud services adoption. Collaboration on these guidelines will also further accelerate security integrations across multiple clouds and with third-party technologies. This initiative will enable enterprises to leverage standards-based APIs to protect data via encryption, tokenisation and other technologies across cloud environments, helping eliminate the need for custom integration for each cloud. The working group plans to produce API specifications and a reference architecture to guide cloud data protection.
“Standards are an important frontier for the cloud security ecosystem,” said Jim Reavis, CEO of CSA. “The right set of working definitions can boost adoption. This working group will help foster a secure cloud-computing environment – a win for vendors, partners and users. Standardising APIs will help the ecosystem coalesce around a universal language and process for integrating security tools into the cloud applications.”
“Cloud is the killer app for security innovation,” said Pravin Kothari, founder and CEO of CipherCloud. “But currently, inefficiencies at the technical level in the form of custom connector protocols can hold back innovations in cloud security. Defining a uniform set of standards can enable us all to operate from the same playbook. As a pioneer in CASB, we are excited to co-lead this initiative with CSA to accelerate security across clouds.”

“Enterprises and governments are struggling with the challenge of how to manage their cyber risks as they move data and compute to the cloud,” said Jeff Margolies, principal, Deloitte & Touche LLP. “Currently the cloud security ecosystem lacks basic integration standards for connecting third-party security solutions to cloud applications, platforms and infrastructure. By bringing together vendor, channel and customer constituents, this working group plans to provide clarity on leading practices for integration, critical to continued cloud adoption.”
“We believe that customers will be the ultimate beneficiaries of these standards,” said Nayaki Nayyar, senior vice president, Cloud for Customer Engagement, SAP. “A clear set of cloud security standards and best practices will help enable organisations to reap the benefits of the cloud in less time with added assurance that their data is secure.”

"With enterprises scaling their use of hybrid cloud solutions to drive their business, the role of interoperable cloud security based on standard APIs is critical," said Curt Aubley, vice president and Data Center Group CTO at Intel. "Intel is committed to working with the industry to develop the foundation for interoperable cloud security and applauds CSA's continued leadership within this arena." 

On average, only 48% of digital initiatives meet or exceed business outcome targets, according to...
GPUaaS provides customers on-demand access to powerful accelerated resources for AI, machine...
TMF Group, a leading provider of critical administrative services for global businesses, turned to...
Strengthening its cloud credentials as part of its mission to champion the broader UK tech sector...
Nearly all UK IT managers surveyed (98%) state cloud investment is an organisational priority for...
LetsGetChecked is a global healthcare solutions company that provides the tools to manage health...
Node4 to the rescue.
Commvault provides cloud-first organisations with greater choice and flexibility to protect and...