Cloud Security Alliance Asia-Pacific Congress - A Review

Cloud Asia 2013

Cloud Asia

Impressions from Cloud Asia – 2013

The cloud computing market in Asia is expected to earn revenues of over $12 billion in the year 2016.  While the aforementioned is only a small percentage in comparison to the global market that is expected to reach $130 billion in the same year according to Gartner, the average annual rate of growth each year is 34%, making Asia the largest growing market for cloud computing in the world. This message was the central theme during the Cloud Asia 2013 conference that took place in Singapore during mid-May.  Although Asia arrived late to the cloud computing market, it is storming the market with much decisiveness, as proven by more than 400 visitors from over 15 countries during the conference.  The adoption of the idea has begun in a similar manner as in other countries via the SMB market, but the presence at the conference of large companies from Japan, China, India, and Korea proves that big organizations are formulating strategies to enter the market.  “It is no longer a question of "if I should move to cloud computing?" but rather "When?" and "How?” said Eddie Chau, founder of Brandtology, whose lecture gave exposure to the Asian venture capital industry and elaborated his wish list from cloud computing providers.

Substantial differences to consider between Asia and Europe/U.S regard the nature of the content in the congress.  Conferences regarding cloud computing in the rest of the world allocate substantial time to legal matters such as privacy, responding to different regulations, trust relationships and responsibility distribution between the cloud provider and the consumer.  These issues only played a small part at cloud Asia, while the majority of the content focused on customer stories, methods for adopting/ strengthening cloud computing, and other technological issues like Big Data, Identity Management, and Cloud Forensics.

Amongst the lectures, it was interesting to listen to the lecture of Dr. Ryan Ko, research manager at Cloud Security Alliance, who presented his research on cloud Computing incidents and outages. In his research, Dr. Ko analyzed more than 11,000 published articles on cloud computing incidents and succeeded in identifying more than 172 major events between 2008-2012.  According to his data analysis, 60% of these events were related to security and only 10% were due to, for example, hardware failure.

Other interesting lectures that stood out included that of Todd Thiemann, Vice President of Marketing at Private Core, who surveyed various encryption methods used by cloud computing and detailed their advantages and disadvantages, and that of Raymond Lay, CiSO for Golden-Agri Resources Ltd., who spoke about the computing transition in his company towards the production of cloud computing and how they coped with security issues and new dangers.

The second day of the conference began with a lecture given by Daniel Catteddu, Cloud Security Alliance’s EMEA Manager, who spoke about the need for certification amongst the providers of cloud computing as a necessary means for creating trust in the industry.  Daniel surveyed the development of standardization regarding cloud computing around the globe and the established governmental programs in Asian and European countries.  He also described the vision of the CSA in regards to Open Certification Framework, a program for the certification of cloud computing providers regarding security, which should be official by September.

Jim Reavis, Vice President of Cloud Security Alliance ended the conference with a fascinating lecture in which he examined the opportunities for cloud computing both internationally and in Asia alone.  During the lecture, Jim spoke about how cloud computing and Big Data entail the potential for fixing large injustices and gave examples of how Big Data can be used to identify pandemics and natural disasters.  Jim spoke about his belief that cloud computing security should be able to transfer the power to the user and that it is a necessary step in order to transform cloud computing into a commodity infrastructure such as electricity and water.  He ended his lecture with a series of suggestions aimed at governments, cloud computing providers, and cloud consumers.  Jim recommended to the governments to adopt international treaties regarding privacy, to balance different regulations, and to invest in the SaaS market, rather than to build new data centers.  To the cloud provider he recommended that they invest in transparency ("Transparency is the new green", he said) and in the strengthening of customer trust.  For organizations considering the adoption of cloud computing, Jim claimed that waiting on the fence is no longer an option.  The only way for IT to remain innovative and involved is via intelligent strategic regarding the transition to cloud computing with appropriate risk management and while considering the compatibility of the organization’s architecture.

About the author:

MFMoshe Ferber is an entrepreneur and lecturer in the field of information security, with a record of 20 years in the market. After serving as Information Security Department Manager for Ness Technologies (NASDAQ: NSTC), Mr. Ferber founded Cloud7, a Security as a service provider (currently a Matrix company). Today Mr. Ferber is focused mostly on new ventures as partner and investor at FortyCloud and Clarisite.  Mr. Ferber also serves as a certified trainer for the Certified Security Alliance and is promoting best practices for cloud computing security. List of courses and additional information can be found at

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013
Join our newsletter and receive for FREE, our premium edition “Brute Force and Supply Chain Attacks”