Mission Statement
To promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Computing to help secure all other forms of computing. Learn more
To promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Computing to help secure all other forms of computing. Learn more
May 14, 2018
System to be based on a common framework for deployment, use and maintenance Seattle, WA– May 14, 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today announces that it has partnered with the Federal Risk…
May 11, 2018
Joins world-class speaker line-up of federal and cybersecurity experts Seattle, WA – May 11, 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, announced today that Bob Gourley, former CTO of the Defense Intelligence Agency…
May 10, 2018
Presentations to focus on how agencies can shift to a secure cloud for mission critical systems Seattle, WA – May 9, 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, is pleased to announce the speaker…
May 09, 2018
World’s leading cloud security organization brings its premier event to Europe’s top information security conference Seattle, WA – May 9, 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today announced the agenda for the second…
April 23, 2018
ATLANTA, GA (April 23, 2018) – The National Technology Security Coalition (NTSC) and the Cloud Security Alliance (CSA) announced a partnership to advance cloud computing security at the RSA Conference’s CSA Summit on Monday, April 16. Pete Chronis, CISO of Turner and an NTSC Board Member, announced the partnership during his talk “The CISOs’ role…
April 19, 2018
What would happen to our daily lives if our most commonly used methods of encryption were to suddenly disappear? SEATTLE, WA and SAN FRANCISCO, CA – RSA Conference Booth #1039 – April 19, 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help…
April 17, 2018
Eighty-three percent of companies lack confidence in their ability to meet May 25 deadline SEATTLE, WA and SAN FRANCISCO, CA – RSA Conference Booth #1039 – April 17, 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing…
April 16, 2018
Paper offers key considerations for corporations seeking to collaborate on security incidents impacting the cloud environment SEATTLE, WA and SAN FRANCISCO, CA – RSA Conference Booth #1039 – April 16, 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure…
Security Boulevard | May 18, 2018
Secure Cloud Migration and the Cloud Security Alliance
CSO Online | May 16, 2018
Cloud Security Alerts: Automation Can Fill Gaps in Multi Cloud Approach
Washington Post | May 15, 2018
The Cybersecurity 202: Security community has its own encryption debate after discovery of new flaw
HostReview | May 15, 2018
Cloud Security Alliance Announces FedSTAR, A New Joint Certification System With FedRAMP
Federal News Radio | May 15, 2018
FedRAMP, Cloud Security Alliance creating new joint certification system
GoCertify | May 14, 2018
(ISC)² Security Congress 2018 a Top Cybersecurity Destination
Azure Blog | May 10, 2018
In case you missed it: 10 of your questions from our GDPR webinars
JD Supra | May 10, 2018
Ballard Sphar Interviews Two Leaders of the Colorado Information Security Community
May 21, 2018
By Rich Campagna, Chief Marketing Officer, Bitglass Barely five years old, the Cloud Access Security Broker (CASB) market is undergoing its second major shift in primary usage. The first CASBs to hit the market way back in 2013-2014 primarily provided visibility into Shadow IT. Interest in that visibility use case quickly waned in...
May 18, 2018
By Rich Campagna, Chief Marketing Officer, Bitglass It wasn’t long ago that the first breach under the Office of the Australian Information Commissioner’s (OAIC) Privacy Amendment Bill was made public. Now, OAIC is back with their first Quarterly Statistics Report of Notifiable Data Breaches. While the report doesn’t offer much in the way of detail, it...
May 17, 2018
By Jacob Serpa, Product Marketing Manager, Bitglass Here are the top cybersecurity stories of recent weeks: —LinkedIn security gap exposes users’ data —Vector app reveals customers’ information —AWS misconfiguration makes LocalBlox user information public —New malware steals data via power lines —Banking apps deemed the most unsecured LinkedIn security gap...
May 11, 2018
By Jacob Serpa, Product Marketing Manager, Bitglass On March 1, 2018, Orbitz discovered that a malicious party may have stolen information from one of its legacy platforms. The compromised platform housed Orbitz customer information such as mailing addresses, phone numbers, email addresses, and full names, as well as details about nearly 900,000...
May 10, 2018
By Yoav Nathaniel, Customer Success Manager, Avanan We recently uncovered what may be the largest security flaw in Office 365 since the service was created. Unlike similar attacks that could be learned and blocked, using this vulnerability hackers can completely bypass all of Microsoft’s security, including its advanced services – ATP,...
May 08, 2018
By Rich Campagna, Chief Marketing Officer, Bitglass I recently caught wind of a survey of 3000 cybersecurity professionals commissioned by ServiceNow and Ponemon. One of the first statistics that jumped out at me? “57% of data breach victims said they were breached due to an unpatched known vulnerability.” That’s bananas! And this massive...
May 01, 2018
By Rich Campagna, Chief Marketing Officer, Bitglass Over the past couple of years, Cloud Access Security Brokers (CASBs) have gone from a nascent, barely known technology to the de facto standard for secure public cloud enablement in every enterprise vertical. Early on, it’s tough to draw patterns across industries, but once you have...
April 26, 2018
By Salim Hafid, Product Marketing Manager, Bitglass When evaluating security options, CISOs and security architects are always looking to the solution that will minimize cost and administrative overhead while maximizing data protection. At the highest levels, enterprises have relied on traditional tools as a means of protecting data over the long...
The Certificate of Cloud Security Knowledge (CCSK) is designed to ensure that a broad range of professionals with a responsibility related to cloud computing have a demonstrated awareness of the security threats and best practices for securing the cloud.
The Cloud Security Alliance offers training in the following three areas: CCSK training, PCI Cloud training, GRC Stack training.
Release Date: May 21, 2018
Release Date: April 19, 2018
Release Date: April 17, 2018
Release Date: April 16, 2018
Release Date: April 16, 2018
Release Date: February 13, 2018
Description: The State of ERP Security in the Cloud briefly highlights some of the issues and challenges of migrating ERP solutions to the cloud. The document examines common security and privacy risks that organizations might incur during a transition to the cloud, as well as how organizations have mitigated these hazards.
Release Date: February 07, 2018
Release Date: January 26, 2018
Release Date: December 15, 2017
Release Date: December 15, 2017
Release Date: April 19, 2018
Release Date: April 17, 2018
Release Date: April 16, 2018
Release Date: April 16, 2018
Release Date: February 13, 2018
Description: The State of ERP Security in the Cloud briefly highlights some of the issues and challenges of migrating ERP solutions to the cloud. The document examines common security and privacy risks that organizations might incur during a transition to the cloud, as well as how organizations have mitigated these hazards.
Release Date: February 07, 2018
Release Date: October 12, 2017
Release Date: October 03, 2017
Release Date: July 26, 2017
Cloud Security Alliance Releases Candidate Mapping of ISO 27002/27017/27018 Security Controls At the Cloud Security Alliance Summit San Francisco 2016, the CSA announced the release of the Candidate Mappings of ISO 27002/27017/27018 to version 3.0.1 of the CSA Cloud Controls Matrix (CCM). The ISO 27XXX series provides an overview of information security management systems. ISO…
Release Date: June 06, 2016
Realigns the CAIQ questions to CCM v3.0.1 control domains and the Cloud Security Alliance “Security Guidance for Critical Areas of Focus in Cloud Computing V3.0”
Release Date: February 01, 2016
A research document outlining the six dimensions of big data to help decision makers navigate the myriad choices in compute and storage infrastructures as well as data analytics techniques, and security and privacy frameworks.
Release Date: September 18, 2014
The Enterprise Architecture is both a methodology and a set of tools that enable security architects, enterprise architects and risk management professionals to leverage a common set of solutions that fulfill their common needs to be able to assess where their internal IT and their cloud providers are in terms of security capabilities and to plan a roadmap to meet the security needs of their business.
Release Date: February 25, 2013
The Outline provides a structure for Cloud Service Providers (CSP) to disclose, in a consistent matter, information about the privacy and data protection policies, procedures and practices used when processing personal data that customers upload or store in the CSP’s servers.
Release Date: February 24, 2013
Mobile devices empower employees to do what they need to do — whenever and wherever. People can work and collaborate “in the field” with customers, partners, patients or students and each other. But they need to be supported with always current operational processes and information, whether from apps, the Internet, or documents from other people.
Release Date: November 08, 2012
The CSA guidance as it enters its third edition seeks to establish a stable, secure baseline for cloud operations. This effort provides a practical, actionable road map to managers wanting to adopt the cloud paradigm safely and securely. Domains have been rewritten to emphasize security, stability and privacy, ensuring corporate privacy in a multi-tenant environment.
Release Date: November 14, 2011
Questionnaire is organized using CSA 13 governing & operating domains divided into “control areas” within CSA’s Control Matrix structure.
Release Date: September 01, 2011
Dial one of these phone numbers then enter the Meeting ID when prompted.
Can’t access your meeting?
Get help with Webex
STAR is a free, publicly accessible registry that documents the security controls provided by various cloud computing offerings.
The CSA is a member-driven organization, chartered with promoting the use of best practices for providing security assurance within Cloud Computing. We would like to welcome our newest members:
