Security and Cloud Hosting were the main topics of the CSB-meeting on March 28. The Delft-FEWS product manager shared the status of the security roadmap activities, the security measures that can already be applied, and the documentation that is already available or will be coming up.

Security
Next to the update on the already available security measures, a newly implemented OWASP procedure was introduced. This procedure describes the steps that are taken by the Delft-FEWS development team when a new vulnerability is reported that affects the Delft-FEWS software.  A lively discussion followed with some very useful feedback, which will be used to adapt the OWASP procedure.

Cloud Hosting
Olav van Duin, product manager self-service multicloud at Deltares presents the digital transformation process Deltares is going through and what it will bring to our clients. Smart Co-creation with our clients is our primary goal for the future.  For the discussion on this topic Deltares has shared a few questions ahead of the meeting to reflect upon:

Delft-FEWS and all components can run in a cloud environment. More and more end users are considering use of the cloud (private, public, hybrid) for their software.
 
We are interested in your opinions with respect to the conditions, requirements that you have towards third-party companies hosting, supporting, and monitoring these cloud environments.
•    What requirements do you have for running your forecasting system in the cloud? 
•    What role do you envisage for Deltares for getting your operational forecasting systems up and running in the cloud?

The CSB members shared their ideas and experiences gained with running Delft-FEWS in the cloud. Their thoughts on where Deltares should focus on in the future were noted.