- +31 6 2268 4939
- Obrechtstraat 28, 3572 EE, Utrecht, Nederland
First CCSP delivery, and some thoughts on oldskool and newskool IT thinking
A few weeks ago I ran my first CCSP training session (I did more than 40 CCSK sessions before this). As of this writing, the attendants still have to do the exam. Apparently the exam slots are booked a few weeks in advance. This was an in-company training with a pretty advanced group: info security […]
Just did the CCSP exam
New cloud security certification CCSP to complement CCSK
Using the Cloud Controls Matrix in procuring better cloud services
Cloud computing can make you more secure
The number one concern cited for avoiding cloud computing is security. And there is a reason for that. Cloud providers have demonstrated some spectacular failures in the past, including Amazon’s near total shutdown of an entire region, Dropbox’s authentication snafu, and innumerous cloud providers that go belly-up. However, in the long run, cloud computing is […]
How does secure software development in the cloud work?
The typical software development model of develop, deploy and run (with security often as an afterthought) does not work very well in a cloud environment. The two biggest reasons are feature velocity and operational assurance. In a cloud provider environment, functional features come (and sometimes go) on a daily basis. At the same time, both […]
Why I go to Manila for Cloud Security
Next week (25/26 November 2013) I will deliver Cloud Security (CCSK) training near Manila, Philippines. If you are interested in attending, drop me a line, we may have a good seat for you. It is with very mixed feelings that I will travel to Manila. Is delivering CCSK training relevant in a country that has […]
Can we simplify cloud security?
Last week, the Cloud Security Alliance had its EMEA congress in Amsterdam. The day before, I got a chance to be the instructor on a CCSK workshop (Certificate of Cloud Security Knowledge). The lineup of industry experts at the congress was awesome, it included people directly involved in the security of the biggest cloud computing […]
CCSK training in Kuala Lumpur – trip report
Last week I delivered a two-day CCSK (certificate of cloud security knowledge) in Kuala Lumpur. The typical structure of this training, as suggested by the Cloud Security Alliance, calls for a day of lecture followed by a day of practical exercises. However, I mixed lecture with case study and exercise, because I have experienced that […]