Cloud Security Maturity Model (CSMM) Interview

WITH IANS FACULTY MEMBER AND SECUROSIS PRESIDENT MIKE ROTHMAN

1
Video Thumbnail
Why did you develop the Cloud Security Maturity Model (CSMM)?
2
Video Thumbnail
Why are you introducing a new model for cloud now? Why should anyone care?
3
Video Thumbnail
Can you tell us more about the model and the concepts behind it?
4
Video Thumbnail
How would IANS clients use the model and apply it within the context of their own environments?
5
Video Thumbnail
Aside from assessing cloud programs and projects, how else can the model can be used?
6
Video Thumbnail
How do you see the model working with other security control frameworks that already exist?
7
Video Thumbnail
In addition to the model, there is also a diagnostic tool. Can you describe the tool and its purpose?
8
Video Thumbnail
If an organization already has an understanding of their maturity, why would they take the diagnostic?
9
Video Thumbnail
What kind of organization would benefit the most from the model and this type of diagnostic?
10
Video Thumbnail
We have multiple cloud environments – how does the diagnostic account for that?
11
Video Thumbnail
What can I expect from the diagnostic output? What level of guidance does it provide?
12
Video Thumbnail
How do you use the results from the diagnostic in a consulting project?
13
Video Thumbnail
How often would you recommend a client complete the diagnostic and why?
14
Video Thumbnail
What additional developments do you see for the model and diagnostic in the future?
15
Video Thumbnail
How can the model and diagnostic results be used to present to business leadership or other audiences?

Is Your Cloud Security Optimized?

Security for cloud deployments is different from protecting traditional systems. With increased scrutiny on cloud security from large customers, Boards of Directors, and internal and external compliance assessors, all organizations need to consider the inherent security of their cloud stack and how they manage and control their access to it.

What will you get out of the diagnostic?

The CSMM diagnostic is designed to quickly determine your place on the maturity model. The point is to be able to pinpoint issues in your cloud security program and identify areas for improvement.

Take the Diagnostic Online
You will get maturity assessments across:
Entire Program Icon

Your Entire Program

You will get a score for your maturity across all three domains.

Each Domain Icon

Each Domain

You will get a score for each respective domain – Foundational, Structural, and Procedural.

Each Category Icon

Each Category

Finally, you will get a maturity score for each category within the model.

 
mike-rothman

Mike Rothman

IANS Faculty

Mike is the President of Securosis, an information security research and advisory firm, as well as Co-Founder and President of DisruptOps, a cloud detection and response company. His breadth of experience in the information security space and bold perspectives are invaluable as companies determine effective strategies to grapple with the dynamic security threatscape. Mike started practicing and advising on security topics over 25 years ago, and he’s been trying to get out of the business ever since…to no avail.

Expertise:

  • Cloud Security Practices & Maturity
  • Security Program Building & Management
  • Security Monitoring & SIEM
  • Security Automation & SOAR
  • Email & Web Security
 

Want to know more? Let us know how we can help you.

Success! Thanks for filling out our form! Loading animation
 Privacy Statement.*

* Required Fields