Cloud 101CircleEventsBlog
Join AT&T's experts & CSA's Troy Leach on April 4 to boost your cyber resilience in 2024!

Working Group

Security Guidance

The advancement toward secure cloud computing requires active participation from a broad set of globally-distributed stakeholders.
View Current Projects
Security Guidance for Critical Areas of Focus in Cloud Computing v4.0
Security Guidance for Critical Areas of Focus in Cloud Computing v4.0

Download

Working Group Overview
The advancement toward secure cloud computing requires active participation from a broad set of globally-distributed stakeholders. CSA brings together this diverse community of industry partnerships, international chapters, working groups, and individuals to create the Cloud Security Guidance.


CSA Security Guidance v5 in development
The CSA Security Guidance v4 has become a fundamental source for best practices in the cloud. We plan on updating this core research to integrate the latest best practices in cloud and aligning with version 4 of the CCM and CAIQ. This document is a proposal to restructure the fifth version of Guidance with details around each option. 


Drafts & Important Docs

Working Group Leadership

Rich Mogull
Rich Mogull

Rich Mogull

CEO at Securosis

Rich is the VP of Product for DisruptOPS and Analyst and CEO of Securosis. With twenty years of experience in information security, physical security, and risk management, Rich is one of the foremost experts on cloud security, having driven development of the Cloud Security Alliance’s V4 Guidance and the associated CCSK training curriculum. He is a prolific writer and fe...

Read more

Publications in ReviewOpen Until
AI Governance & Compliance in the IndustryApr 06, 2024
AI Legal and Regulatory LandscapeApr 06, 2024
CSA Large Language Model (LLM) Threats TaxonomyApr 19, 2024
Information Technology Governance, Risk, and Compliance in Healthcare v2Apr 26, 2024
View all
Who can join?

Anyone can join a working group, whether you have years of experience or want to just participate as a fly on the wall.

What is the time commitment?

The time commitment for this group varies depending on the project. You can spend a 15 minutes helping review a publication that's nearly finished or help author a publication from start to finish.

Open Peer Reviews

Peer reviews allow security professionals from around the world to provide feedback on CSA research before it is published.

Learn how to participate in a peer review here.

AI Governance & Compliance in the Industry

Open Until: 04/06/2024

Governance and compliance serve as integral components of organizational management, ensuring adherence to regulations, sta...

CSA Large Language Model (LLM) Threats Taxonomy

Open Until: 04/19/2024

This document establishes a common taxonomy and definitions for key terms related to AI risk scenarios, threats, and contro...

Information Technology Governance, Risk, and Compliance in Healthcare v2

Open Until: 04/26/2024

Cloud GRC is an effective means for organizations to gather important risk data, validate compliance, and report results. O...