Unsubscribe from this newsletter by sending us an email.
   
2.5.2015
CSA APAC Monthly Codebook
 
 
 
 
Welcome to the CSA APAC Cloud Codebook!
A monthly newsletter, and your source for the most up-to-date news on CSA APAC Region.
 
 
 
 
 
 
 
 

Corporate Members Spotlight

Check out what our corporate members are doing!

 
 

Meeting with Aconex, 29 January , Melbourne, Australia


 
 

The CSA APAC team visited Aconex's office in Melbourne on the 29th of January and met up with Aconex's CIO, David Chatterton and VP of Information Security, Michael Bruttigand. The team shared with Aconex the top 5 cloud trends changing information security and activities that CSA has been doing in the region.

 
 

CSA APAC Research Activities

Check out our research activities!

 
 

Mobile Application Security Testing (MAST) Working Group

Mobile Application Security Testing Working Group releases its white paper which incorporates elements in NIST’s SP 800-163, ISO 27034, Domain 10 of CSA’s Security Guidance (Application Security) as well as other best practices documents The goal of the project strives to create a more secured cloud ecosystem to protect mobile applications. Engineering methods are established by system protection and applied to structure, design testing, and review of applications. These assist in integrations and introduce security, quality control, and compliable evidence in mobile application development and management. The current version uses Special Publication 800-163 as the basis of consideration in determining the classification level for basic security vetting specifications. Security classification can be divided into three categories. Level C has 40 items, any single violation results in one point deduction. Consecutive violations of certain Level C items will be escalated to become Level B violation. Same rule applies to Level A similarly. The vetting benchmark provides the third party institution related App security vetting, vetting result analysis, and security risk assessment for mobile Apps and their corresponding security level rating, by which mobile app security level are perfected. The vetting standard complies with 「CSA MAST Mobile APP Security Testing and Vetting」to provide the necessary security vetting items and benchmarks for mobile apps. This vetting standard items can be applied to the common functionalities of mobile app of non-specific domain and mobile app to ensure the tested mobile app’s conformance to the Mobile APP Basic Information Security Specifications security classification and corresponding security requirement. Differentiations between the information security specification required by the domain functionalities of specific domain mobile apps and the vetting standard are suggested to be researched and written in the later revised versions.

 
 

If you wish to contribute your opinions and comments, please visit this Google Doc and leave us your valuable comments!

Remember to fill in your name, organisation and email in the form when making your contributions so that you could be recognised as one of the contributors to the white paper!

 
 

CSA Events and Activities

The latest updates about CSA APAC events and activities.

 
 

CloudAsia 2016 and CSA APAC Summit 2016 Industry Briefing, 28 January, Singapore


 
 

CSA together with ImageEngine and Infocomm Development Authority (IDA) of Singapore organised an industry briefing on 28th January to announce the new partnership of CSA APAC Summit and CloudAsia 2016.We are excited to share that CSA APAC Summit will be the curtain opener for CloudAsia 2016. The briefing was held at the IDA's office in Singapore where we saw more than 60 organisations attending the briefing, including representatives from some of the most recognisable ICT companies worldwide.

 
 
 

Chapter Spotlight

Featured chapter of the month

 
 

Waikato Chapter


 
 

Formation of Waikato Chapter was announced together with the announcement of the AN/Z Regional Coordinating Body. The Waikato Chapter covers the Waikato region located in the upper north island of New Zealand. We have seen strong support from our newly joined corporate member - Waikato District Health Board and our STRATUS partner - University of Waikato through out the region. With the help of our chapter chairman Sai Honig, we hope to see the rapid growth of cloud security awareness in the Waikato region.

 
 

APAC Volunteer Leadership Spotlight

 
 

Mr. Liu ZhiLe


 
 

Mr. Liu Zhi Le, chairman of CSA's HangZhou chapter. He also holds other roles as Vice President of HangZhou CCF YOCSEF 2016, Deputy Director of Zhejiang Province Security Association Technical Committee of Information Security Association, a member of the board for OWASP China Chapter, XP Range Challenge and XCTF League Technical Committee (hosted by China Cyberspace Security Association).

Mr. Liu is also DBAPPSecurity's Chief Security Officer and Senior Vice President. He is currently taking his EMBA in Peking University and was appointed Distinguished Professor of Zhejiang Normal University. He was awarded with the second Zhejiang Science and Technology Progress Award in 2015 and the first ever "CISP Elite". Mr Liu and his team are experts in information security field. Their researches and inventions cover innovative information security fields such as smart city security, big data security and situation awareness.

Mr. Liu is very passionate about information security, actively participating in multiple leading international information security events such as Blackhat and RSA Conference. He had presented in 2012's OWASP Annual Summit in Sydney. Aside participating in international platforms, he had also presented multiple times in China's premier information security summit and forum. As a subject-matter expert in network security group, he participated in the 2015 World Internet Conference network security protection forum. He is currently involved in 2016's G20 Summit in network security protection.

 
 

Upcoming Events

Come and Join Us!

 
    CSA APAC Events
  • CSA APAC Summit 2016, 3 May, 2016, Suntec Convention Centre, Singapore
  • Cloud technology has evolved from an exciting technology novelty into a white hot resource. Yet, adoption is far from optimal, and technological innovation within the field continues unabated. Never before has technology been so entwined with organizational optimization as with the advent of cloud. Charting viable directions from the myriad technology permutations for both users and their technology providers can be a daunting proposition. Which is why we are putting together the CSA APAC Summit 2016. To discuss, update,explain, clarify, and help out map out your future in the Cloud.

    Mark your Calendar now for 3rd May, 2016 For more information, please contact: csa-apac-summit@cloudsecurityalliance.org

  • 4th CSA APAC Leadership Workshop, 4 May, 2016, Suntec Convention Centre, Singapore
  • Inaugural CSA STAR Certification Summit, 5 May, 2016, Suntec Convention Centre, Singapore
  • 3rd CSA Japan Chapter Summit, 24 May, Japan
  • 2nd CSA Hong Kong Chapter Summit, 18-19 May, Hong Kong
  • 4th CSA ASEAN Summit, June, Bangkok, Thailand
  • Inaugural CSA APAC Government Cybersecurity Forum, September, Singapore
  • 2nd CSA APAC Innovation Conference, October, Hong Kong
  • 4th CSA APAC Congress, November, Bangalore, India
    CSA APAC-Supported Events
  • CloudAsia, 3-5 May, 2016, Suntec Convention Centre, Singapore
  • CloudSec 2016, 11 August, Chengdu, China
  • CloudSec 2016, 18 August, Mumbai, India
  • CloudSec 2016, 23 August, Singapore
  • CloudSec 2016, 30 August, Hong Kong
  • CloudSec 2016, 8 September, Seoul, Korea
 

Contacts

 
    If you are interested in utilising the CSA Cloud Codebook for marketing purposes, please contact the co-editors.