Anthony Lim is a pioneer and veteran in the Asia Pacific cyber-security and governance space, with over 20 years’ professional experience and in a variety of domains. He is a consultant, advocate, instructor and business leader. He has held inaugural Asia Pacific business director positions at IBM, CA and Check Point and was also a senior cyber-security advisor at a leading industry analyst firm in the region. He is also a director ofcloudsecurityalliance.org, advisor of isc.orgSingapore Chapter, and an ISO-27001 (ISMS) Lead Auditor.
Anthony is a long-time well-known speaker and content-provider for many regional and local industry, business, government and academic conferences, workshops, trainings, committee and media (print, broadcast, internet) and is interviewed often on TV news, on matters of cyber-security and governance.
He was a member of the author team of the world’s leading professional technical certification for cloud computing, and helped test-drive another for software security. He is a fellow of a Singapore university and a life alumni of the University of Illinois, Urbana-Champaign.
CLOUD SERVICES AND DATACENTER SECURITY GOVERNANCE FRAMEWORKS
Cloud services innovation, deployment and consumption are proliferating at a runaway rate today, for all the good reasons of opex cost management, storage, staging, business continuity, scalability, agility et al. New services like FinTech, IOT, mobile apps, SD-WAN etc all use the cloud infrastructure, and at the core of it, the datacenters, which host and run the storage, switches, networking, compute power, as well as the service reliability and robustness.
There are security and governance concerns, primarily regarding data and availability, given that cloud is an outsourced model and the consumer tends to lose visibility and control.
Hence it is paramount to consider and comply with nationally and internationally established security and trust frameworks and certifications, such as from ISO, CSA and also some local ones from monetary authority, government, etc – as at least a next-best assurance and trust reference, that certain processes, policies and methodologies are in place to ensure the cyber security of the cloud services. We also look at a sampling of statements of assurance from some big cloud providers like Microsoft, Amazon and local telcos.