Re: thought leadership
toggle quoted message Show quoted text
The CNCF is being looked to as a thought leader, and as I read the mission statement it seems to clearly evoke a strong leadership role “fostering and sustaining an ecosystem.” I like Liz’s framing of the CNCF thought leadership roles as “curating, not inventing.”
To address the specific questions on security, I want to highlight some of the work of the SAFE WG, which provides a foundation for the kind of resources that I believe will be useful to executives who are making decisions about cloud native technologies and would like to understand security implications.
Published resources based on initial vision and charter:
Other in-progress resources:
We recently prioritized the security white paper, now that it is a bit more clear the audience and purpose of that resource. We appreciate that the CNCF and the Linux Foundation is supporting this effort and look forward to collaborating with Jessica Wilkerson, Linux Foundation Cybersecurity Research Director on that effort.
SAFE WG, co-chair
p.s. I completely agree on the need for more guidance on compliance (HIPAA, GDPR have come up a lot in discussions, and my hope is that the current work on shared terminology and categorization the existing technologies and common approaches for enforcement, verification, auditing, explainability, etc. will serve as a solid foundational for additional resources.)
On Fri, Mar 22, 2019 at 12:17 PM Doug Davis <dug@...> wrote: