CIO Washington D.C. Summit | December 10, 2019 | Convene - 600 14th Street NW - Washington, DC, USA

session


Cloud Security Architecture (CSA) Framework to Create a Built-in Security for a Multi-Cloud Data Center

Think Tank - 2:25 pm - 2:50 pm

Cloud enables a financial organization to achieve better business agility, speed to the market, long?term  cost saving, and great security and compliance at a scale and speed that cannot be matched by a  traditional on?premise data center. To achieve the most benefits, the organization may want to use  services from multiple clouds with different service models (e.g., SaaS - O365, PaaS - Azure, and IaaS - AWS), and deployment models (e.g., public, private, community). The security risks must be addressed  systemically and comprehensively to maintain confidence in the cloud system and trust in the financial  institution. The defense needs to be built?in from the beginning rather than bolted?on later. Once builtin, the security controls can be inherited or leveraged by business applications and data deployed in the  cloud?hybrid data center, increasing speed to the market and better system security and compliance.  This session introduces a Cloud Security Architecture (CSA) Capability framework that enables an  organization to build the state?of?art defenses into a cloud?hybrid data center, and allows the  organization to safely deploy high?risk workloads and process regulated and sensitive data in multiple  clouds with a built?in compliance to multiple regulatory mandates and industry standards, such as FFIEC,  GLBA, SOX, FISMA, PCI, and NIST 800?53. The framework also allows the organization to rationalize its  security tools and cloud security services to clarify & simplify tools portfolio, identify saving potential,  improve cost efficiency, and reduce security risks. 

Takeaways:  

  1. The CSA Capability framework can help an organization to achieve better business agility, longterm cost saving, and great security by building security into a cloud?hybrid data center  
  2. The framework can handle top cloud security risks and security requirements from multiple  regulatory mandates and the organization's control objectives & controls  
  3. It can clarify & simplify your organization's security tool portfolio, identify saving potential,  improve cost efficiency, and reduce security risks.  

Presented by:

Lian Jin, Chief Information Technology Security Architect, MUFG Union Bank, N.A. View details