Standardizing Secure Cloud Infrastructure for Financial Services
Stop mapping security controls manually. Start automating your cloud compliance.
Join the FINOS Common Cloud Controls (CCC) maintainers and community for a hands-on workshop exploring how the financial industry is collaborating on open standards for secure cloud infrastructure. Building on momentum from recent CCC workshops and industry adoption, this session will introduce the CCC project, demonstrate how organizations can use the controls and tooling in practice, and showcase progress across the ecosystem.
Workshop Description
Cloud adoption across financial services continues to accelerate, but inconsistent security controls, fragmented regulatory expectations, and cloud-vendor lock-in are major obstacles. This session will move past theory into practical application. Attendees will learn how the controls map to real-world cloud security requirements and see live demonstrations of validator tooling, control catalogs, and compliant infrastructure implementations across cloud providers. The workshop will conclude with practical, interactive exercises where participants can explore the standards themselves, contribute feedback, and get hands-on with the project.
WHO SHOULD ATTEND?
This session is designed to help technical professionals understand how CCC can reduce duplication, improve transparency, and strengthen cloud security collaboration across financial services.
- Cloud & Platform Engineers: Who need to define and deploy standard, compliant patterns across AWS, Azure, and GCP.
- Security Architects: Who want to move from manual security reviews to "Policy-as-Code" validation.
- Risk & Compliance Leads: Who need a transparent, verifiable way to map cloud infrastructure directly back to regulatory requirements.
- Open Source Contributors: Looking to get hands-on with the standard, provide feedback, and help shape the future of the project.
What You Will Walk Away With:
- Mapping Controls to Reality: A clear understanding of how CCC translates high-level regulatory expectations into machine-verifiable cloud security requirements.
- Validator Tooling Mastery: Live demonstrations and practical knowledge of how to use CCC validator tools and control catalogs.
- Compliant Infrastructure Models: Insight into how financial institutions are achieving compliant infrastructure implementations across multiple cloud providers.
- Direct Contribution Experience: Hands-on, interactive exercises that allow you to explore the standard, provide real-time feedback, and begin contributing to the project.
WORKSHOP PREREQUISITES & REQUIREMENTS:
- Laptop Required: You will be participating in interactive exercises and reviewing control catalogs.
- Technical Baseline: Familiarity with Public Cloud infrastructure (AWS/Azure/GCP), basic security principles, and Infrastructure as Code (IaC) concepts is recommended.
Logistics & Application
- Date: Tuesday, 23 June 2026
- Time: Exact time TBD (8:30 AM – 12:00 PM UK)
- Location: London (Venue details provided upon acceptance)
- Cost: Free for approved applicants (Standard Value: £1,000)
Note: Priority will be given to individuals from FINOS Member financial institutions and regulated industries.
APPLY FOR SEAT HERE