United Kingdom National Cyber Security Center (NCSC) has published an updated set of guidelines to support organizations in migrating their online services and sensitive data to the cloud, outlining what it describes as a “more adaptive approach” to technology delivery.
It dates back almost 10 years, although it has been revised and revised during that time, The cloud security guideis basically designed to help customers determine how confident they can be that a cloud service is secure enough to process their data through a framework that is built around 14 cloud security principles.
It starts on the opening day of its annual CyberUK conference in Wales, the guide is aimed at organizations of all sizes from the public and private sectors, reflecting the growing number of companies and organizations that use the benefits of the cloud to streamline their operations. To this end, it is specifically designed to be as accessible as possible – it now includes two frameworks that allow everyone from small businesses to the largest businesses to accept cloud services in confidence.
“The cloud is playing an increasingly important role in the functioning of online services in the UK and this trend will continue in the future,” said Paul Madinson, Director of National Sustainability and Strategy at NCSC.
“Our updated cloud security guide has the philosophy of design security basically, which means that organizations can have confidence in choosing a provider. I would strongly encourage network advocates in organizations of all sizes to take advantage of the helpful tips provided in our updated cloud security guide. ”
Reflecting the growing awareness of supply chain security issues – which is becoming more urgent when applied to cloud public service providers – it also now emphasizes the importance of buyers thoroughly scrutinizing and evaluating potential suppliers to reduce the risk of your data being lost or stolen.
It also adheres to a newly published, principle-based approach to technology assurance that, according to the NCSC, allows for an in-depth look at how technologies or systems can be preserved, and other systems (and people) that rely on them, safe from the threats they are likely to encounter during their lifetime.
Chris Heyman, UK Director of Public Sectors at Amazon Web Services (AWS), commented: “Organizations are using cloud computing for increasingly diverse and mission-sensitive uses, and we look forward to seeing that updated NCSC guidelines reflect this.
NCSC is a world leader in developing cloud security advice and guidance, and we look forward to continuing to work with them to support their mission to help make the UK the safest place to live and work online. .
“Security is important to all, and we will continue to innovate and help increase security for all,” Heyman said.
Meanwhile, the current CyberUK 2022 conference supports the so-called “whole society” approach to the UK’s national cybersecurity position, in line with the objectives of the government’s national cyber strategy.
The event includes various panels, sessions and interactive seminars, many broadcast live on the NCSC YouTube channelKey topics this year inevitably include the world community’s cybersecurity response to the war in Ukraine and the potential threat posed by Russia’s invasion to organizations in the United Kingdom.
The conference also hosts the Cyber Den competition, in which emerging security companies present their solutions to various security challenges to the NCSC Dragon Panel, with the winner receiving one year of support and custom assistance to further develop their skills. product or service.
The complete program for CyberUK 2022 can be found here.