#eucs — Public Fediverse posts

Wie geht es weiter bei #Cloud #Cybersecurity?

Wo die EU in 5 Jahren nicht in der Lage war, sich auf ein einheitliches Zertifizierungsschema für Cloud (#EUCS) zu einigen, kann man davon ausgehen, dass zumindest der neue C5 die Themen Datensicherheit und Cloud #Souveränität stärker adressiert als bislang - dies betrifft u.a. die Aspekte der Lieferkettensicherheit, (Post Quanten)-#Kryptografie, Confidential Computing sowie die örtlichen Belegenheit von verarbeiteten Daten:

https://background.tagesspiegel.de/it-und-cybersicherheit/briefing/das-update-fuer-die-cloud-sicherheit

CNIL: Actuellement, le projet #EUCS ne permet plus aux fournisseurs de démontrer qu’ils protègent les données stockées contre tout accès par une puissance étrangère contrairement à #SecNumCloud. La CNIL appelle à rehausser le niveau de protection 👉 https://lnkd.in/eTTV6xrv

Actuellement, le projet #EUCS ne permet plus aux fournisseurs de démontrer qu’ils protègent les données stockées contre tout accès par une puissance étrangère contrairement à #SecNumCloud. La CNIL appelle à rehausser le niveau de protection 👉 https://www.cnil.fr/fr/cloud-les-risques-dune-certification-europeenne-permettant-lacces-des-autorites-etrangeres

How should #Europe protect its digital ☁️ infrastructure from third-country actors?

The EU's cloud certification scheme #EUCS aims to set criteria for certifying cloud providers over their security attributes.

Is there such thing as too sovereign?

https://www.euractiv.com/section/data-privacy/news/sovereignty-requirements-for-cloud-providers-will-not-make-it-to-commissions-proposal-for-implementing-act/

France questions latest EU cloud certification scheme https://www.euractiv.com/section/digital/news/france-questions-latest-eu-cloud-certification-scheme/?utm_source=dlvr.it&utm_medium=mastodon #cloudcertificationscheme #cloudcomputing #EUCS

European industrial giants condemn latest EU cybersecurity agency decision on cloud sovereignty https://www.euractiv.com/section/competition/news/european-industrial-giants-condemn-latest-eu-cybersecurity-agency-decision-on-cloud-sovereignty/?utm_source=dlvr.it&utm_medium=mastodon #cloud #ENISA #EUCS #Europeancybersecuritycertificationscheme

France, EU to take landmark decisions on cloud sovereignity requirements https://www.euractiv.com/section/data-privacy/news/france-eu-to-take-landmark-decisions-on-cloud-sovereignity-requirements/?utm_source=dlvr.it&utm_medium=mastodon #cloud #ENISA #EUCS #EuropeanCloudServicesschemeEUCS #healthdata

Zuerst #Hardliner, nun #Warmduscher? #EUCS

Seit drei Jahren nun schon verhandelt man über ein europäisches #Cloud Cybersecurity Certification Scheme - und schon 2022 hatte ich der EU-Kommission in einem Gutachten geschrieben, dass die im Entwurf skizzierten Cloud-Souveränitätsanforderungen nicht in der Lage sind, nachhaltig Technologiesouveränität herzustellen. Nun fliegen sie offensichtlich raus.

https://background.tagesspiegel.de/digitalisierung/frankreich-knickt-bei-cloud-cybersicherheit-ein

EU cloud scheme slightly tones down sovereignty requirements https://www.euractiv.com/section/cybersecurity/news/eu-cloud-scheme-slightly-tones-down-sovereignty-requirements/?utm_source=dlvr.it&utm_medium=mastodon #cloudservices #digitalsovereignty #EUCS

RT @BertuzLuca
The Commission chose US hyperscaler Oracle as the cloud provider for EU institutions for the next 6 years. I wonder what
@ThierryBreton & the strategic autonomy advocates think about this. Would Oracle meet the sovereignty requirements in #EUCS?

https://www.oracle.com/emea/news/announcement/european-commission-selects-oracle-cloud-infrastructure-2023-10-30/

Talked #compliance, the #EUCS and #OPA at #Google in #Stockholm this evening. A surprising amount of people attending actually gave a fuck.

It's hot outside, but you know what's even hotter? The #CloudNative meetup taking place at the Google office in #Stockholm this evening. I'll be talking about how to translate "real" policy, like the upcoming #EUCS framework into #PolicyAsCode using #OpenPolicyAgent and #Rego. Also, my buddy Abdel to present on ambient service mesh and #Istio. Good times!

https://community.cncf.io/events/details/cncf-stockholm-presents-stockholm-cloud-native-community-group-june-2023-meetup/

#CloudNativeNordics #CNCF #DevOps #DevSecOps #Code

Die EU COM hat mich beauftragt zu prüfen, welche Anforderungen in das EUCS eingeführt werden sollen. Das Gutachten wird in der heutigen Ausgabe vom Tagesspiegel zitiert. -> Das EUCS hat in der aktuellen Fassung inhaltlich noch einen langen Weg vor sich.

https://background.tagesspiegel.de/cybersecurity/zu-viel-politisierung

#eucs #csa #cybersecurity #politik #kommission #enisa #bmi

My #KubeCon talk from Amsterdam a few weeks ago is now up on YouTube! The #EUCS — a compliance certification scheme for service providers in the cloud — is on its way, and will have a big impact on how organizations work with #security, #compliance and #automation. A holistic framework like the EUCS provides #policy controls applicable to the whole stack. How would we codify and enforce such rules?

#OPA #PolicyAsCode #Rego #OSCAL @enisa_eu

https://www.youtube.com/watch?v=XoWf4QcSbDw

15:25 today at #KubeCon, I’ll talk about the upcoming #EUCS scheme for cloud service providers, and how #OpenPolicyAgent and other #CloudNative technologies can help solve #compliance and certification challenges across organizations. Join in, it’ll be fun!

https://kccnceu2023.sched.com/event/1HyW6

Studying the #EUCS framework pending my upcoming talk on the topic at #KubeCon in two weeks. Some of the rules around #identity and #IAM seem rather dubious to me. Like the requirement to automatically block users after certain period of inactivity (2 months), or X number of failed authentication attempts, with "approval from authorised personnel" required to unlock them. What could possibly go wrong..

Nice introduction
---
RT @enisa_eu
✅Want to know more about EU Cybersecurity Certification?

#ENISA has launched a mini-site to promote and disseminate information related to #cybersecurity #certification and the schemes in progress.

Check it out 🌐https://europa.eu/!dBYHDD
#EUCC #EUCS #EU5G
https://twitter.com/enisa_eu/status/1637725671798734848

✅Want to know more about EU Cybersecurity Certification?

#ENISA has launched a mini-site to promote and disseminate information related to #cybersecurity #certification and the schemes in progress.

Check it out 🌐https://europa.eu/!dBYHDD
#EUCC #EUCS #EU5G

🐦🔗: https://n.respublicae.eu/enisa_eu/status/1637725671798734848

Looks like #KubeCon EU will be a real #OpenPolicyAgent event this year! 😍 Maintainer track with @charlieegan3, Conftest talk by @NYTimes devs, #OPA for #EUCS compliance with me and Robert Ficcaglia, a contribfest session, *and* OPA and #Styra booths! And as a cherry on top, @Peteroneilljr doing a lightning talk on how to level up in the #CNCF RPG.

Can't wait 🚀

#KubeConEU #CloudNative #OpenSource

Joint industry communication on the #EUCS :
---
RT @CCIAeurope
Press release 📑 Cybersecurity: EU #Cloud Requirements Risk Excluding International Suppliers, Global Businesses Warn

🗨️ "The #EUCS proposed by ENISA would severely restrict competition and customer choice, but also undermine #cybersecurity."

👇 #TTC
https://www.ccianet.org/2022/12/cybersecurity-eu-cloud-requirements-risk-excluding-international-suppliers-global-businesses…
https://twitter.com/CCIAeurope/status/1598240730572640256