This kick-off meeting for the new platform for cloud stakeholders was attended by around 70 participants; the usual representatives from the previous Cloud Select Industry Groups (C-SIGs) were joined by many new faces. This was already an encouraging sign, as one of the main priorities stated by the Commission was to widen the discussion and encourage new stakeholders to join, especially SMEs and the public sector.
During the last plenary session of the C-SIG in February this year, the Commission discussed with industry stakeholders the extent to which the C-SIG was still up to date as a platform for discussion of the challenges and opportunities of cloud computing, in the new policy context. Moreover, on the same occasion the Commission also invited participants to assess the work streams, and to suggest new ones as they saw fit.
To kick-start the discussions, the Commission invited several key actors to present the past work of the platform, before it formally brought the C-SIG as we knew it to an end. Among those who have closely followed the work (which started as early as in 2012), there was clear consensus that the group had achieved important results. To mention just a few: the EU Code of Conduct for cloud service providers (currently overseen by SCOPE Europe), model contract clauses, service level agreements (SLAs), certification schemes list and meta-framework, including the Commission’s direct experience of tendering for cloud computing services and applying what it preaches. Among the attendees there was also a consensus that this great work needs more visibility and wider dissemination, as it seems that many stakeholders are still not aware of these useful tools when it comes to cloud computing uptake.
Moving forward with a new form of collaboration which will harness the work of the C-SIG, the second part of the meeting focused on impulse presentations, followed by brainstorming break-out sessions. These looked at the following key aspects: data portability, security and cloud certification, uptake by the public and financial sectors respectively, and the challenges faced by SMEs.
While the brainstorming sessions on data portability and cloud certification were overcrowded, the sessions looking at the financial and public sectors uptake were less attended – but the discussions were no less lively. The session specifically dedicated to the challenges faced by SMEs underlined the particularities that companies with more limited resources have to deal with. In the past, all these aspects have been less extensively discussed and the relevant stakeholders are only now starting to get more engaged. Therefore the specific issues in these sectors are still to be thoroughly identified and recommendations provided.
The lack of trust and perceived security risks seem to remain of high concern. When it comes to the uptake of cloud computing by the financial sector, what needs to be kept in mind is that the complexities of the financial regulations make the entire equation more difficult. Various requirements relating to financial data management and to control by financial authorities, on top of the general technical requirements (which apply to any sector), combine to make the financial sector rather more challenging than others. For the public sector, the challenges which surfaced reflect the fact that the national structures relating to the responsible persons managing the country’s IT systems – cloud included – differ significantly. Not all countries have national CIOs, some have various CIOs at different levels, and the legacy systems tend to be very long.
To sum up, the discussions covered many work streams, and currently the Commission is looking at what came out of the meeting. An essential point to be kept in mind is that the new cloud platform can work only if all stakeholders keep involved, express their concerns and actively participate in the search for solutions to the identified challenges. The intention now is to structure the work of the new platform by defining its governance, identifying among stakeholders the (co-)chairs of the different working groups, and mixing cloud suppliers with cloud users. Since the platform is foreseen to be autonomous by 2019, it is up to the stakeholders themselves to set the objectives, develop the work streams and achieve the deliverables. For now, we are waiting for the Commission to provide more details on the future work of the platform before it brings all stakeholders together in autumn.