Business Model Canvas for Cloud Providers

Cloud Computing is not so much about technology but more about the new business models that this technology enables. The question then is, how do these business models look? One of the most inspiring ways of looking at business models is Read more...

Using the Cloud Controls Matrix in procuring better cloud services

The Cloud Security Alliance (CSA) maintains the so-called Cloud Controls Matrix (CCM), a list of controls that can be used to get assurance on the quality of a cloud provider. (See earlier blog post for more details and background on Read more...

Which Cloud service model is right for you?

Cloud Computing is no longer an option, but a reality in the IT landscape of almost all organizations. At the same time cloud computing has a lot of variants and choices. These choices are relevant for the IT strategy, and Read more...

How does the NSA look from the inside?

A couple of weeks ago I attended the SecureCloud conference in Amsterdam, organized by the Cloud Security Alliance and its partners. As always with CSA conferences, it was packed with solid material: real world experience, actionable advice, very senior government Read more...

Cloud computing can make you more secure

The number one concern cited for avoiding cloud computing is security. And there is a reason for that. Cloud providers have demonstrated some spectacular failures in the past, including Amazon’s near total shutdown of an entire region, Dropbox’s authentication snafu, Read more...

Join our research – Cloud Assurance in practice

The Dutch CSA chapter has a plan to address the number one concern of organizations using cloud: “can we trust our provider?”. The CSA (Cloud Security Alliance) has developed a number of tools to address that situation. Our plan is Read more...

How does secure software development in the cloud work?

The typical software development model of develop, deploy and run (with security often as an afterthought) does not work very well in a cloud environment. The two biggest reasons are feature velocity and operational assurance. In a cloud provider environment, Read more...

The cloud of things

Cloud computing also promises to be a great tool for the 'Internet of Things'. Here is an example of how that is applied right now. The heating system in my house has a bit of a challenge: the thermostat does Read more...

Turning the IT-value chain upside down

Cloud computing will turn the IT-value chain upside down. That will lead to dramatic changes in the way hardware and software is being marketed and managed. These changes will be most profound for IT departments and value added resellers (VARs), Read more...

Why I go to Manila for Cloud Security

Next week (25/26 November 2013) I will deliver Cloud Security (CCSK) training near Manila, Philippines. If you are interested in attending, drop me a line, we may have a good seat for you. It is with very mixed feelings that Read more...