SCF National Cyber Parks - Cloud Range (CLD)

The Secure Controls Framework (SCF) is focused on security, compliance & resilience capabilities. 

Security + Compliance + Resilience is a unified objective. With this multi-discipline approach to cybersecurity and data protection, it signals that an organization isn’t just protected, but also meets its compliance requirements and can quickly bounce back from incidents.

The SCF is a framework and technology-agnostic approach to cybersecurity and data protection controls that can be used to identify, implement and manage secure, compliant and resilient capabilities that covers an organization’s People, Processes, Technologies, Data and Facilities (PPTDF).

As part of the SCF's cybersecurity awareness initiative, we created a National Cyber Park for each SCF domain. Of the SCF's thirty-three (33) domains, this article focuses on the Cloud Security (CLD) domain.

Cloud Security (CLD)

CLD Domain Principle

Govern cloud instances as an extension of on-premise technologies with equal or greater security protections than the organization's own internal cybersecurity & data privacy controls. 

CLD Domain Intent

Organizations govern the use of private and public cloud environments (e.g., IaaS, PaaS and SaaS) to holistically manage risks associated with third-party involvement and architectural decisions, as well as to ensure the portability of data to change cloud providers, if needed. 

SCF National Cyber Parks

For fans of the SCF who want some free user awareness posters, you can access this master poster that has links to each of the SCF's National Cyber Parks.