«The CloudWATCH MTRL training was vital in helping MUSA to understand that the project solution was made of services (and products) that target different markets and to realise the importance of communicating the services to these markets. Your messaging should speak to the customer and use language and terms that they understand. As technical experts you need to realise that no matter how good the technology is, if you don’t speak the market language, then you’ll not get recognised and you’ll never get off the ground.»
Erkuden Rios, Tecnalia & Coordinator MUSA
MUSA is an ambitious project to develop solutions for what is arguably the hottest area of tech development today, information security. MUSA is developing a framework for businesses deploying distributed applications over heterogeneous cloud resources. There are known risks, and this is an area attracting massive investment in response to those risks, on November 1st, 2016 the UK announced a £1.9Bn investment to support its National Cyber Security Strategy 2016-21 to combat cybercrime.
MUSA & EU General Data Protection Regulation
The EU General Data Protection Regulation (Regulation 2016/679, ‘GDPR’) comes into force on 25th May 2018 and every business and organisation will need to comply, or face substantial financial penalty. It is recognised that the rapid adoption of cloud services has not always been accompanied by rigorous evaluation of the assurance of those services and their compliance with GDPR. This directly feeds the process of evaluation of risk that is required of good governance.
Prior to our meeting at CloudWATCH2 workshop, MUSA had a project review with their project officer that resulted in decisions that were aligned with the recommendations reached by the independent team reviewing the MUSA project and presented at the workshop.
The recommendations were arrived at after reviewing the information provided by MUSA in a pre-workshop RFI, evaluation of the information on MUSA website and reviewing sources of information of others that have a similar technological focus to solving security in the way that MUSA describe (see above). The search revealed some interesting differences in the approaches taken to describe the problem/solution and the language used in those descriptions that were included in the recommendations to MUSA.
The main benefits to the project as relayed during the workshop are:
- Independent confirmation of the decisions reached during the official project review, e.g. focusing the exploitation efforts on only part of the tools in the MUSA framework.
- Guidance on how to build on the experience of business model generation and put that in the focus of TRL/MRL to have point in time assessment and develop a trajectory for the reassessment of the TRL/MRL leading up to product release.
- It is hard work to keep on top of website refresh and an independent assessment brings to the attention what the eye does not see when you are the owner of the website.
No hard follow actions were agreed with the project. The project will end in December 2017, and is now set on a new course following its last project review.
MUSA at C2NET seminar (Tampere, September 2017)