This workshop revolves around the EU-SEC approach for adopting Continuous Auditing Based Certification scheme for Cloud Services. The workshop will include a demo and hands-on session showing the pilot architecture modules and functionalities for the end-users and auditors.
Third party audits and certifications have become the most effective solution to increase the level of trust in the reliability of security and privacy measures implemented by CSPs. Such audits are traditionally performed annually or bi-annually, which means that whenever interim changes are made to security and privacy practices, these amendments go unaudited until the next official check. This creates gaps in assurance during the periods where no audits are conducted. While this may be an acceptable risk for some cloud customers, for others, these assurance gaps remain a strong barrier to cloud adoption.
The EU-SEC project is developing a process that will bring continuous assurance by addressing the lack of regularity and proactivity of traditional “point-in-time” certifications. The method developed for this is called Continuous Auditing Based Certification. By using technology to monitor and flag non-compliant activity on an ongoing basis, continuous auditing delivers an enhancement to traditional certification. It increases the assessment frequency via a continuous workflow. State of the art security monitoring systems supervise the IT’s security status by collecting data from the CSP’s information system. This collected data is further assessed and used as the basis for continuous auditing.
Registration is free of charge and available at https://www.sec-cert.eu/eu-sec/ws_bln8.
On the event of the adoption of the draft regulation laying down measures for a high common level of cybersecurity at the institutions, bodies, offices and agencies of the Union, the AI4HealthSec project kicked off a process to provide its opinion.
Cyberwatching.eu has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 740129. The content of this website does not represent the opinion of the European Commission, and the European Commission is not responsible for any use that might be made of such content. Privacy Policy | Disclaimer / Terms and Conditions of Use