The Organisation of the Islamic Cooperation-Computer Emergency Response Team (OIC-CERT) Cloud Security Working Group, co-chaired by the UAE Cybersecurity Council and National Telecommunications Regulatory Authority, unveiled the OIC-CERT Cloud Security Framework.
It was officially launched by H.E. Dr. Mohamed Hamad Al Kuwaiti, Head of Cybersecurity, United Arab Emirates Government, and H.E. Dr. Ahmed Abdel Hafez, Vice President of the National Telecommunications Regulatory Authority for Cybersecurity Affairs, and Head of the Executive Bureau of the Supreme Council of Cybersecurity, who have been spearheading the initiative since November 2022. It took place at the GISEC CISO Circle during GITEX GLOBAL 2023.
The framework is set to revolutionise cloud security governance and compliance for OIC member states. In a collaborative effort, this milestone represents a unified approach to address the pressing need for risk assessment, management, and technical challenges in cloud computing.
H.E. Dr. Mohamed Hamad Al Kuwaiti, Head of Cybersecurity, United Arab Emirates Government, stated: “The release of the OIC-CERT Cloud Security Framework marks a pivotal moment in our ongoing efforts to bolster cybersecurity in the cloud computing domain. This initiative has been a collaborative endeavor led by UAE and Egypt, and its significance against the backdrop of digital transformation is critical, given that cloud computing powers the future digital economy by enabling other technologies such as AI. This framework offers a comprehensive approach to tackling the ever-evolving challenges of cloud security.”
H.E. Dr. Ahmed Abdel Hafez, Vice President of the National Telecommunications Regulatory Authority for Cybersecurity Affairs, and Head of the Executive Bureau of the Supreme Council of Cybersecurity, said: “Cybersecurity has received great attention in the Egyptian constitution. As businesses migrate their data to the cloud, securing the cloud infrastructure is becoming increasingly crucial for business continuity, data protection, and regulation. We are glad to jointly cooperate with the esteemed UAE Cyber Security Council, driving the initiative to develop this OIC-CERT Cloud Security Framework to provide high-level strategic guidance necessary for cloud development.”
In today’s digital era, there’s an increased uptake of new technologies like cloud computing, the Internet of Things (IoT), blockchain, quantum computing, and AI. This requires multiple vendors and makes the cloud ecosystem more complex and diversified. In addition, cloud security threats are constantly evolving and bring greater challenges for security governance and compliance. Cloud computing can unleash a new era of intelligence and is transforming rapidly. However, it introduces more security risks, requiring greater cloud security controls that align with international best practices.
The OIC-CERT Cloud Security Framework is meticulously crafted to safeguard the interests of OIC member states, championing cloud security controls, standards, governance, and compliance. In an era where cloud computing is the prevailing standard, this framework offers a comprehensive strategy to navigate the intricacies and inherent risks of cloud adoption. It empowers organisations and entities by enhancing productivity through improved visibility, reduced complexity, and automated risk assessment, thereby streamlining cloud management to boost operational efficiency.
Simultaneously, it mitigates risk through well-defined security control domains, ensuring transparency, measurability, and traceability in security management, ultimately facilitating a holistic and effective approach to security governance. In addition, it bolsters compliance by helping organizations adhere to pertinent regulatory requirements within the cloud, effectively alleviating compliance-related challenges.
Discussion about this post