Contact Us

Tech group urges G7 to standardize cloud security certification

BSA The Software Alliance has urged G7 nations to standardize cloud security certification to improve cooperation and counter national data localization. Representing companies like Microsoft and IBM, BSA argues this would ease compliance while maintaining high security standards.

AFP TECH
Published October 01,2024
Subscribe

A leading tech industry group on Tuesday called on G7 nations to harmonize cloud security certification across the world's richest nations, in an effort to stoke cooperation and counter calls that data should stay within national borders.

Industry group BSA The Software Alliance, which represents tech giants including Microsoft and IBM, argues that its initiative would reduce compliance burdens for cloud service providers while maintaining robust security standards.

"We encourage governments to look at where their cloud requirements are effectively the same, but using different language," said Aaron Cooper, senior vice president of global policy at BSA.

Greater unity among G7 nations could also "hopefully lead to a recognition that localization doesn't aid with security," he added. "But that's not specifically what this proposal is about."

The G7 nations are the United States, Britain, Canada, Japan and EU member states France, Germany and Italy.

Reliance on cloud computing, instead of companies or governments running software on-site, is regarded as computing's new reality.

This has been further cemented in recent years due to the intense processing needed to deliver artificial intelligence capabilities, with few companies able to alone provide the data infrastructure necessary.

The growth in-cloud computing has sparked governments worldwide to implement cloud security certification requirements to mitigate risks associated with widespread cloud adoption, such as cyber attacks, data theft or legal problems.

While these certifications have a lot in common, some countries, notably G7-member France, are insisting that cybersecurity standards come with strict geographic requirements in order to not leave sensitive or private data in foreign hands.

France's position has helped cause the delay of the EU's long promised cybersecurity standard, known as EUCS, with several EU member countries opposing Paris.

BSA also opposes that stance, instead arguing that cybersecurity agencies across friendly nations should find ways to cooperate.

Closer cooperation could also offer cloud companies easier market access and provide customers with a wider array of secure cloud options, BSA said.

BSA members also include Oracle, Siemens and ChatGPT-maker OpenAI.