US looking to bolster cloud security

Cloud security improvements are being mulled in the U.S. amid growing threats, according to SecurityWeek. The Cybersecurity and Infrastructure Security Agency has opened public comments for Secure Cloud Business Applications guidance aimed at bolstering government cloud visibility, standards, and security practices. Comments could be submitted for the SCuBA Technical Reference Architecture document, which contains guidelines for federal cloud, zero trust, and secure architecture deployment, as well as the Extensible Visibility Reference Framework guidebook, which details pointers on determining visibility data that could be leveraged for threat mitigation, until May 19. "We are requesting public comment on these two products to ensure our guidance enables the best flexibility to keep pace with evolving technologies and capabilities and protect the federal enterprise. Our intent is to properly address cybersecurity and visibility gaps within cloud-based business applications that have long hampered our collective ability to adequately understand and manage cyber risk across the Federal and IT enterprise," said CISA. Meanwhile, bipartisan legislation aimed at designating major cloud service providers as members of systematically important critical infrastructure is being considered in Congress.