I was glad to represent the Cloud Security Alliance at IBM La Gaude. The goal was to give an overview of cloud security issues focusing on the 7 top threats and then review the most important guidelines to IBM partners. Slides here.
It was interesting to see that cloud adoption is rising fast (even in Europe 😉 ), thanks to the efforts of IBM and other major players such as Cap Gemini. Of course, there is still a lot of hype and “cloud washing” at one hand and security concerns at the other, which have a negative effect on the adoption of cloud technology, but many tools are ready for production and real world projects are running in the cloud worldwide in lot of different domains. For example, there was a nice presentation about tools for cloud integration, and it will be interesting to see how the Cast Iron acquisition will influence the IBM cloud strategy.
However, in my opinion security tools for cloud environments are still lacking. As a consequence, private cloud is today’s answer to address the general and sometimes abstract concern with security in the cloud. A better approach would be to drill down each security risk (the CSA identified 13 different domains) and build concrete solutions for each of them.