Categories: CloudSecurity

Jericho Forum Targets Cloud Security

Security organisation Jericho Forum has published a model which it claims should help companies with security planning when assessing cloud computing applications and infrastructure.

The organisation, whose members include the chief information security officer (CISO) for BP and Symantec’s chief scientist, has published a positioning paper which describes the Jericho’s Cloud Cube Model approach to securing hosted applications.

The company has also posted a video on Youtube from Jericho board member Adrian Seccombe, who is also CISO and at US pharmaceutical giant Eli Lilly. Seccombe said that although there are significant security risks with cloud computing, if implemented right it can have enormous benefits in terms of flexibility.

“The cloud approach to organising business can be both more secure and more efficient than the old-style silo structure,” he said. “Viewed from a different perspective it opens a potential Pandora’s Box of security nightmares… not least of which is loss of data confidentiality and integrity.”

Seccombe added that a carefully approach to cloud computing should bring security issues back under control. “In fact, a pure cloud model really can make the user king, providing him with ultimate flexibility. But reaching that pure level is not easy,” he said .

Jericho says that for less than £100, spent on a credit card, companies can get access to huge computing resources that would have required months of planning and thousands of pounds of investment in the past. However that flexibility comes at a price of its own and has to be approached carefully, the organisation said.

“No need for big project plans, no lengthy presentations, no funding discussions or budget-sign-offs. But the cloud has massive implications for how you evaluate risk and also how you secure data or what business continuity set up you establish,” Jericho said in statement.

According to John Meakin, Jericho Forum board member and director digital security and CISO for BP, focusing on cloud security is a natural evolution of his group’s work on de-perimeterisation – a strategy based on securing specific assets rather than ring-fencing the whole corporate network.

“Developing a set of best practice principles addressing secure collaboration in the cloud is the obvious – and indeed important – next goal for us,” said Meakin.

Jericho is set to discuss its cloud approach at a panel session on Thursday, 30 April at Infosecurity Europe in London.

Andrew Donoghue

View Comments

Recent Posts

Australia Rejects Elon Musk Claim About Social Media Ban For Under-16s

Government minister flatly rejects Elon Musk's “unsurprising” allegation that Australian government seeks control of Internet…

2 hours ago

Northvolt Files For Bankruptcy Protection In US

Northvolt files for Chapter 11 bankruptcy protection in the United States, and CEO and co-founder…

4 hours ago

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

19 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

21 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

23 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

23 hours ago