New Security Standards for the Cloud

At a recent workshop, there was extensive discussion of the steps to be taken to establish good security standards for cloud computing. Two initiatives were the focal point - FedRAMP and SAJACC. There was discussion of the adequacy of these standards as well as the possible alternatives.

It's a complicated issue. There are technical challenges as well as jurisdictional and leadership issues. Which agencies should take the lead? What should be the role of government?

It's an area that is going to be around for some time. There is an article on the discussion on InformationWeek.