Security framework to achieve a continuous audit-based certificationn in compliance with the EU-wide cloud security certification scheme

Cloud computing is an essential element of innovative economies. The European Commission’s recent Data Strategy aims to make it possible for European businesses to access more secure, sustainable, interoperable, environmentally friendly and scalable cloud infrastructures and services. Despite trust-building efforts, the adoption of cloud computing is limited. A perceived lack of security and transparency is the reason for the slow uptake. The EU-funded MEDINA project will work to counter this trend. It will propose a framework for achieving a continuous audit-based certification for cloud service providers, complying with the EU Cybersecurity Act. The project will also address the definition and assessment of technical and organisational measures, security testing, machine-readable certification language and audit evidence management.