BSA & Galexia Global Coud Computing Scorecard (2016) - Galexia Analytics Release
Users of cloud computing and other digital services need to be certain that cloud service providers can manage the security risks of storing their data and running their applications on cloud systems. These concerns have been intensified by a number of recent high-profile, international cybersecurity attacks, including breaches that range across the economy, from health insurance providers to hotel chains and even toymakers.
This section examines how countries regulate security criteria and test security measures. It also examines the status of electronic signature laws and the Internet censorship or filtering requirements some countries are imposing with a view to stemming certain Internet-related crimes. Overall, many countries have responded to emerging threats to cybersecurity by developing and implementing new cybersecurity frameworks, laws and policies.
The Scorecard indicates that most countries now have security requirements in place. Most also now have clear, technology-neutral electronic signature laws. Overall, cybersecurity scores have risen significantly when compared with the last Scorecard.
The Scorecard also reveals some overly prescriptive security requirements that duplicate accepted international standards and/or impose onerous local requirements. For example, Russia requires service providers to locate their data centers inside the country, and several countries have introduced local security testing requirements.
Several countries also continue to impose Internet filtering or censorship regimes that may act as barriers to the expansion of the digital economy and cloud computing. The intention of the schemes may be to address criminal conduct, including distribution of illegal material such as child pornography, but some are blocking sites that express political dissent.
The following visualisations show the transition and patterns in the overall scores and scoring components for this theme over time (from 2012 to 2016):