CSA Community Spotlight: Nerding Out About Security with CISO Alexander Getsin
Published 11/21/2024
As the Cloud Security Alliance (CSA) celebrates its 15th anniversary, we take pride in the organization's extensive research accomplishments throughout the years that have defined the trajectory of cloud security. Since its founding in 2009, CSA has produced groundbreaking research that has set the benchmark for best practices in cloud security. This robust body of work includes influential research publications on cloud computing threats, Zero Trust, DevSecOps, AI, quantum-safe security, and much more.
These achievements are made possible by a dedicated community of cybersecurity professionals, industry experts, and global volunteers. To honor this collaborative spirit, throughout 2024, we are recognizing 15 key contributors whose invaluable support has significantly advanced CSA's research and success.
Today we’re speaking with Alexander Getsin, CISO at RiseUp and Co-Chair of the CSA Top Threats Working Group. Alex is a financial technologies security leader with particular expertise and interest in cloud security, secure application design, and security governance. Alex leverages a decade of experience in the finance, military, technology, and cyber intelligence sectors in his current role. Alex is an alumnus of the IDF technical academic program, having served in the prestigious cyber and computing MAMRAM unit. Below, learn about Alex’s contributions to CSA research and why he continues to stay involved with the CSA community.
What are the various ways you’ve been involved with CSA over the years?
I am a Co-Chair of the Top Threats Research Working Group and contributor to the AI Technology and Risk Working Group. I have grown as an industry expert and lead author within the Top Threats group, with contributions such as the Cloud Penetration Testing Playbook, Cloud Threat Modeling, and more. I commonly act as a panel mediator, keynote speaker, and research group speaker at CSA and other industry conferences.
What’s your favorite memory of the CSA community?
Bringing together cloud defenders and vendors to collaborate on research and present at CSA conferences. The Top Threats Working Group is a magic circle where everyone's interests are aligned towards doing good at what we are lucky to call our full-time careers: cyber and cloud security. This was the case when working on Top Threats to Cloud Computing: Egregious Eleven, Top Threats to Cloud Computing: Pandemic Eleven, and the following publications.
Why do you continue to be a part of the CSA ecosystem?
We get to bring the industry together to nerd out about work we love and help make it better. I've grown fond of my colleagues and participation continues to reward me with industry and networking opportunities.
What do you see as one of CSA’s most significant contributions to the cybersecurity industry?
Rallying cloud defenders, vendors, and governing bodies towards the common goal of making things safer and building trust in the cloud, to make new cool things possible. CSA’s top cloud threats, CCM, and the CCSK certificate are synonymous with cloud security to many, thanks to the impact and contributions they’ve made and continue to make in defending, educating, and building trust.
What are your predictions for CSA in the next 15 years?
The Cloud Security Alliance will move to become the Cloud and AI Security Alliance, to the Everything-Bleeding-Edge-New Security Alliance. CSA will become the standard for professional interest group operation in cybersecurity and will become a partner to most security professionals on a growth journey.
Question from interviewee Jason Garbis: What do you see as CSA’s biggest opportunity for growth and impact?
Creating the AI Security Alliance using the best of what we've done already at CSA. I would also love to see CSA bring together the best of groups, individuals, techniques, platforms, and outcomes to define a golden standard and encourage its adoption across all groups, furthering collaboration and innovation outside of CSA too!
Do you have a question for the next interviewee to answer?
What was one time you remember using something made by CSA? How did it make you feel?
Make sure to check out more insights from the CSA community here.
Related Articles:
The EU AI Act and SMB Compliance
Published: 12/18/2024
Decoding the Volt Typhoon Attacks: In-Depth Analysis and Defense Strategies
Published: 12/17/2024
Top Threat #7 - Data Disclosure Disasters and How to Dodge Them
Published: 12/16/2024
Test Time Compute
Published: 12/13/2024