Cloud 101
Circle
Events
Blog

Download Publication

CSA's Perspective on Cloud Risk Management
CSA's Perspective on Cloud Risk Management

CSA's Perspective on Cloud Risk Management

Release Date: 08/20/2020

The rapid growth in both scope and market share, combined with the inherent complexity of cloud computing, appears to be straining the capabilities of existing governance and risk management frameworks. In light of the dramatic growth and apparent onset of harmful events, similar to those hampering non-cloud technology environments, CSA developed this position paper to question the perceived effectiveness of current governance and maturity in the use of risk management frameworks applied to cloud computing.

Download this Resource

Prefer to access this resource without an account? Download it now.

Acknowledgements

Michael Roza
Michael Roza
Risk, Audit, Control and Compliance Professional

Michael Roza

Risk, Audit, Control and Compliance Professional

Since 2012 Michael has contributed to over 85 CSA projects completed by CSA's Internet of Things, Zero Trust/Software-Defined Perimeter, Top Threats, Cloud Control Matrix, Containers/Microservices, DevSecOps, and other working groups. He has also served as co-chair of CSA's Enterprise Architecture, Top Threats, and Security-as-a-Service working groups while also serving as the Standards Liaison Officer for IoT, ICS, EA, SECaaS, and Cloud Key M...

Read more

John Yeoh
John Yeoh
Global Vice President of Research, CSA

John Yeoh

Global Vice President of Research, CSA

With over 15 years of experience in research and technology, John excels at executive-level leadership, relationship management, and strategy development. He is a published author, technologist, and researcher with areas of expertise in cybersecurity, cloud computing, information security, and next generation technology (IoT, Big Data, SecaaS, Quantum). John specializes in risk management, third party assessment, GRC, data protection, incid...

Read more

Jon-Michael Brook
Jon-Michael Brook

Jon-Michael Brook

Jon-Michael C. Brook, Principal at Guide Holdings, LLC, has 20 years of experience in Information Security with such organizations as Raytheon, Northrop Grumman, Booz Allen Hamilton, Optiv Security and Symantec. Mr. Brook's work traverses the government, financial, healthcare, gaming, oil and gas and pharmaceutical industries. Mr. Brook obtained a number of industry certifications, including CISSP and CCSK, has patents and trade secrets in...

Read more

Daniele Catteddu
Daniele Catteddu
Chief Technology Officer, CSA

Daniele Catteddu

Chief Technology Officer, CSA

Daniele Catteddu is an information security and risk management practitioner, technologies expert and privacy evangelist with over 15 of experience. He worked in several senior roles both in the private and public sector. He is member of various national and international security expert groups and committees on cyber-security and privacy, keynote speaker at several conferences and author of numerous studies and papers on risk management, ...

Read more

Vincent Campitelli
Vincent Campitelli

Vincent Campitelli

After retiring from McKesson Corporation in 2016, Vince joined the Office of the President within the Cloud Security Alliance (CSA). Serving as an Enterprise Security Specialist, Vince supports the vast membership base of CSA in consuming and leveraging the numerous services, tools and expanding scope of research devoted to Cloud Computing. With his background in both the healthcare and financial service industries, Vince actively works wit...

Read more

Ryan Bergsma
Ryan Bergsma
Technology Director and Security Manager, CSA

Ryan Bergsma

Technology Director and Security Manager, CSA

This person does not have a biography listed with CSA.

Damir Savanovic
Damir Savanovic
Senior Analyst and Researcher at Cloud Security Alliance

Damir Savanovic

Senior Analyst and Researcher at Cloud Security Alliance

Damir Savanovic (M) is an Associate Director - Cloud Controls Lead at Willis Towers Watson, leading a team of subject matter experts to address compliance and control requirements for multiple compliance frameworks within information and cybersecurity for a global financial institution.

As a security evangelist and subject matter expert in the areas of security governance, risk and compliance, data protection with over...

Read more

John DiMaria
John DiMaria
STAR Program Director, CSA

John DiMaria

STAR Program Director, CSA

This person does not have a biography listed with CSA.

Louis Marinos Headshot Missing
Louis Marinos

Louis Marinos

This person does not have a biography listed with CSA.

Are you a research volunteer? Request to have your profile displayed on the website here.