Download Publication
Who it's for:
- Cloud service customers
- Cloud service providers
- HSM manufacturers
- Key management solution providers
- Application developers
- Auditors
HSM-as-a-Service Use Cases, Considerations, and Best Practices
Release Date: 04/03/2024
Working Group: Cloud Key Management
- The definition and architecture of an HSM
- The current and future state of the HSMaaS market
- Industry, compliance, and risk use cases for the HSMaaS model
- The importance of clearly defined responsibilities in the HSMaaS model
- Security considerations for HSMs
- Key management considerations unique to HSMaaS
- Important considerations when setting up governance for HSMs
- HSM vendor selection best practices
Download this Resource
Acknowledgements
Sam Pfanstiel Ph.D.
Principal in Industry Solutions at Coalfire
As Principal in the Industry Solutions team at Coalfire, Sam is responsible for providing advisory and assessment services for P2PE, PIN, and 3DS solutions and components; performing SSF application security assessments; and identifying the security and compliance impacts of innovative payment technologies for merchants and providers. Sam has been a key member of the Coalfire payments team for five years, bringing a quarter-century of exper...
Sunil Arora
Associate Director Security Architecture
Sunil Arora is a cybersecurity expert with over 16 years of experience in financial institutions, healthcare, telecom, and technology services industries. He is a passionate cybersecurity advocate and an expert on cloud security, information security advising, secure design and architecture, and risk management. In addition, Sunil is an influencer and enabler for technology and business teams to make informed, effective information security...
Iain Beveridge
Senior Product Marketing Manager
Santosh Bompally
Marina Bregkou
Senior Research Analyst, CSA EMEA
Parthasarathi Chakraborty
Associate VP, Cloud Security, Cyber Innovation and R&D
Partha has over 20 years of cyber security leadership experience in the financial services and healthcare industry. An active speaker and panelist in major cyber security conferences around the world, and frequently called in for views and interviews in electronic media like The Economist, UK. Very much passionate about learning new technologies and writing on recent groundbreaking cyber trends. He is also the founder of Cloud Security Pra...
Rajat Dubey
Cybersecurity Expert, Allianz Commercial
Rajat is an accomplished cybersecurity expert with over 13 years of experience safeguarding critical systems and data for global enterprises. His expertise spans cyber risk assessment, compliance, threat modeling, incident response, Penetration testing, Ethical hacking, Digital Forensic, Cloud Security and emerging technologies (AI, Blockchain, IoT, Quantum computing) for enhanced security.
Parth Jamodkar
Carlos Rombaldo Jr.
Michael Roza
Risk, Audit, Control and Compliance Professional
Since 2012 Michael has contributed to over 100 CSA projects completed by CSA's Internet of Things, Zero Trust/Software-Defined Perimeter, Top Threats, Cloud Control Matrix, Containers/Microservices, DevSecOps, and other working groups. He has also served as co-chair of CSA's Enterprise Architecture, Top Threats, and Security-as-a-Service working groups while also serving as the Standards Liaison Officer for IoT, ICS, EA, SECaaS, and Cloud K...
Thanos Vrachnos
Cyber Security Consultant at SpearIT
Amanda Gabiam
Simon Keates
Bruno Kovacs
Smita Mahapatra
Tim Winston
Interested in helping develop research with CSA?
Related Certificates & Training
CSA's Cloud Infrastructure Security training provides a high-level introduction to the most critical cloud security topics through virtual self-paced courses. Each Cloud Infrastructure Security training focuses on a specific area of cloud computing, and is design to be succinct, taking one-hour to complete.
Learn more