Cloud 101CircleEventsBlog
Call for Presentations: Share your expertise at SECtember.ai 2024! Submit your proposals by June 28th.

Download Publication

Security Guidance for Critical Areas of Focus in Cloud Computing V3.0
Security Guidance for Critical Areas of Focus in Cloud Computing V3.0

Security Guidance for Critical Areas of Focus in Cloud Computing V3.0

Release Date: 11/14/2011

Working Group: Security Guidance

The CSA guidance as it enters its third edition seeks to establish a stable, secure baseline for cloud operations. This effort provides a practical, actionable road map to managers wanting to adopt the cloud paradigm safely and securely. Domains have been rewritten to emphasize security, stability and privacy, ensuring corporate privacy in a multi-tenant environment.
Download this Resource

Prefer to access this resource without an account? Download it now.

Bookmark
Share
Related resources
Security Guidance v4.0 Info Sheet
Security Guidance v4.0 Info Sheet
Security Guidance for Critical Areas of Focus in Cloud Computing v4.0
Security Guidance for Critical Areas of Focus i...
FedRAMP Cloud Controls Matrix v3.0.1 Candidate Mapping
FedRAMP Cloud Controls Matrix v3.0.1 Candidate ...
Discover CCSK v5: The New Standard in Cloud Security Expertise
Discover CCSK v5: The New Standard in Cloud Security Expertise
Published: 06/12/2024
Mastering Secure DevOps with Six Key Strategies
Mastering Secure DevOps with Six Key Strategies
Published: 05/24/2024
Navigating Cloud Security Best Practices: A Strategic Guide
Navigating Cloud Security Best Practices: A Strategic Guide
Published: 05/15/2024
What is Management Plane (Metastructure) Security
What is Management Plane (Metastructure) Security
Published: 05/13/2024

Acknowledgements

Rich Mogull
Rich Mogull
CEO at Securosis

Rich Mogull

CEO at Securosis

Rich is the VP of Product for DisruptOPS and Analyst and CEO of Securosis. With twenty years of experience in information security, physical security, and risk management, Rich is one of the foremost experts on cloud security, having driven development of the Cloud Security Alliance’s V4 Guidance and the associated CCSK training curriculum. He is a prolific writer and fe...

Read more

Nrupak Shah Headshot Missing
Nrupak Shah

Nrupak Shah

Jim Peterson Headshot Missing
Jim Peterson

Jim Peterson

Xavier Guerin Headshot Missing
Xavier Guerin

Xavier Guerin

Tatsuya Kamimura Headshot Missing
Tatsuya Kamimura

Tatsuya Kamimura

Becky Swain Headshot Missing
Becky Swain

Becky Swain

Michael Machado Headshot Missing
Michael Machado

Michael Machado

Kathleen Moriarty Headshot Missing
Kathleen Moriarty

Kathleen Moriarty

Jens Laundrup
Jens Laundrup
Chief Security Engineer and Executive Consultant, Emagined Security Inc.

Jens Laundrup

Chief Security Engineer and Executive Consultant, Emagined Security Inc.

Jens Laundrup, Chief Security Engineer and Executive Consultant, Emagined Security Inc., has spent over 30 years in the Information Security space to include numerous security engineering disciplines including Military, Government and Corporate Information Security, Compliance Program Design, Architecture Design, and Network & Physical Security. Mr. Laundrup has led the development and design of cutting-edge risk-based security programs and...

Read more

Abhik Chaudhuri
Abhik Chaudhuri
Security GRC Team of TCS Global Technology Practice for the IoT and Smart Cities

Abhik Chaudhuri

Security GRC Team of TCS Global Technology Practice for the IoT and Smart Cities

Abhik Chaudhuri (PMP, ITIL Expert, Certified in Cobit Foundation, IBM accredited Senior IT Specialist, certified ISO 27001:2013 ISMS Lead Auditor, Member of IEEE SIG on IoT and Corporate Member of CSA’s International Standardization Council) isin the 14th year of IT Consulting profession and leading the Security GRC Team of TCS Global Technology Practice for the IoT and Smart Cities. Abhik has w...

Read more

JP Morgenthal Headshot Missing
JP Morgenthal

JP Morgenthal

Liam Lynch Headshot Missing
Liam Lynch

Liam Lynch

Lee Newcombe Headshot Missing
Lee Newcombe

Lee Newcombe

Dave Asprey Headshot Missing
Dave Asprey

Dave Asprey

Laura Posey
Laura Posey

Laura Posey

Melvin M. Rodriguez Headshot Missing
Melvin M. Rodriguez

Melvin M. Rodriguez

Kevin Fielder
Kevin Fielder
Senior Manager Cyber Security at Worldpay

Kevin Fielder

Senior Manager Cyber Security at Worldpay

Kevin Fielder has over 15 years IT and security experience across multiple industries encompassing online trading, online supermarkets, banking/finance/insurance. His various roles have included pen testing and security assessments through technical and security architecture to security consulting and innovations.

Current focus includes security strategy, secure design and development, security innovations, software based mobile secur...

Read more

Dominik Birk
Dominik Birk
Vice President of the CSA Swiss Chapter

Dominik Birk

Vice President of the CSA Swiss Chapter

Dominik Birk is working as a Information Security Manager for the Zurich Insurance Group in Zurich, Switzerland. Besides that, Birk is leading the the CSA WG “Incident Management and Forensics”, helped establish the German and Swiss local CSA Chapters, and contributed to the CSA Cloud Security Guidance V3.0.

Read more

Danielito Vizcayno Headshot Missing
Danielito Vizcayno

Danielito Vizcayno

Archie Reed Headshot Missing
Archie Reed

Archie Reed

James Beadel Headshot Missing
James Beadel

James Beadel

Stefan Pettersson Headshot Missing
Stefan Pettersson

Stefan Pettersson

George Ferguson Headshot Missing
George Ferguson

George Ferguson

Dennis F. Poindexter Headshot Missing
Dennis F. Poindexter

Dennis F. Poindexter

John Arnold Headshot Missing
John Arnold

John Arnold

Bhavesh Bhagat Headshot Missing
Bhavesh Bhagat

Bhavesh Bhagat

Ram Kumar Headshot Missing
Ram Kumar

Ram Kumar

Bernd Grobauer Headshot Missing
Bernd Grobauer

Bernd Grobauer

Ian Dobson Headshot Missing
Ian Dobson

Ian Dobson

Chris Rezek
Chris Rezek
Product Manager for Security and Privacy at Google

Chris Rezek

Product Manager for Security and Privacy at Google

Luciano (J.R.) Santos
Luciano (J.R.) Santos
Chief Customer Officer, CSA

Luciano (J.R.) Santos

Chief Customer Officer, CSA

J.R. Santos serves as the Chief Customer Officer for the Cloud Security Alliance. In this role, J.R. serves as a CSA Member advocate, partnering with leaders across all business units to transform the member experience and ensure that members are the center of every business decision. J.R. leads the Experience Services organization that includes the CSA Membership and Sales team, who work collaboratively to promote a consistent experience f...

Read more

Bernd Jaeger
Bernd Jaeger
Colt (Germany)

Bernd Jaeger

Colt (Germany)

Working for more than 20 years within the ICT industry, focussing on information security, Bernd’s scope ranges from security management related activities down to a deep, “hands-on” level of understanding of today’s threats and countermeasures.

Working for Telecommunication-, Internet-, Cloud and Technology Service provider, Bernd designed and implemented highly customized security solutions, developed technical blueprints and produc...

Read more

M S Prasad Headshot Missing
M S Prasad

M S Prasad

Andrea Bilobrk Headshot Missing
Andrea Bilobrk

Andrea Bilobrk

Andrew Hay Headshot Missing
Andrew Hay

Andrew Hay

David Kessler Headshot Missing
David Kessler

David Kessler

Thomas Trappler Headshot Missing
Thomas Trappler

Thomas Trappler

Tushar Jain Headshot Missing
Tushar Jain

Tushar Jain

Damu Kuttikrishnan Headshot Missing
Damu Kuttikrishnan

Damu Kuttikrishnan

Kanchanna Ramasamy Balraj Headshot Missing
Kanchanna Ramasamy Balraj

Kanchanna Ramasamy Balraj

Josey V. George Headshot Missing
Josey V. George

Josey V. George

Shane Tully Headshot Missing
Shane Tully

Shane Tully

Valmiki Mukherjee Headshot Missing
Valmiki Mukherjee

Valmiki Mukherjee

Anton Chuvakin Headshot Missing
Anton Chuvakin

Anton Chuvakin

Richard Zhao
Richard Zhao
Chief Strategy Officer of NSFOCUS

Richard Zhao

Chief Strategy Officer of NSFOCUS

Dr. Liang ZHAO (Richard) manages the research team, strategic planning, and fosters innovations at NSFOCUS. He obtained his B.Sc, M.Sc. and Ph.D degrees from Peking University at 1991, 1994, 1997 respectively. Liang majored physics and fiber-optic communications and has over 15 years of professional experience in telecom and network security areas. He owns certifications of CISSP, ITIL, BS7799.

Prior to his current position, he was th...

Read more

Hassan Takabi Headshot Missing
Hassan Takabi

Hassan Takabi

Dr. Amol Khedgikar
Dr. Amol Khedgikar
Senior Vice-President – IT audit, M&T Bank

Dr. Amol Khedgikar

Senior Vice-President – IT audit, M&T Bank

Marlin Pohlman Headshot Missing
Marlin Pohlman

Marlin Pohlman

Pamela Jones Harbour Headshot Missing
Pamela Jones Harbour

Pamela Jones Harbour

Pw Carey Headshot Missing
Pw Carey

Pw Carey

Michael Marks Headshot Missing
Michael Marks

Michael Marks

Joe Wallace Headshot Missing
Joe Wallace

Joe Wallace

Yvonne Wilson Headshot Missing
Yvonne Wilson

Yvonne Wilson

Peter Johnson Headshot Missing
Peter Johnson

Peter Johnson

Kimberley Laris Headshot Missing
Kimberley Laris

Kimberley Laris

John Kinsella Headshot Missing
John Kinsella

John Kinsella

Ulrich Lang Headshot Missing
Ulrich Lang

Ulrich Lang

Balaji Ramamoorthy Headshot Missing
Balaji Ramamoorthy

Balaji Ramamoorthy

Rajiv Mishra Headshot Missing
Rajiv Mishra

Rajiv Mishra

Troy D. Casey Headshot Missing
Troy D. Casey

Troy D. Casey

Carlo Espiritu Headshot Missing
Carlo Espiritu

Carlo Espiritu

Chris Hoff Headshot Missing
Chris Hoff

Chris Hoff

Paul Simmonds
Paul Simmonds
CEO at Global Identity Foundation & Board Member of CSA UK Chapter

Paul Simmonds

CEO at Global Identity Foundation & Board Member of CSA UK Chapter

Paul is the CEO of the Global Identity Foundation and formerly the global CISO of AstraZeneca, ICI and prior to that Motorola Cellular Infrastructure. He is twice listed as one of Network World’s “most powerful people in networking”. He is a director of the Cloud Security Alliance (Europe), co-founded the Jericho Forum, and sits on the advisory boards of a number of global tech companies.

Read more

Francoise Gilbert Headshot Missing
Francoise Gilbert

Francoise Gilbert

Said Tabet Headshot Missing
Said Tabet

Said Tabet

Jesus Luna Headshot Missing
Jesus Luna

Jesus Luna

Rich Mogull
Rich Mogull
CEO at Securosis

Rich Mogull

CEO at Securosis

Rich is the VP of Product for DisruptOPS and Analyst and CEO of Securosis. With twenty years of experience in information security, physical security, and risk management, Rich is one of the foremost experts on cloud security, having driven development of the Cloud Security Alliance’s V4 Guidance and the associated CCSK training curriculum. He is a prolific writer and fe...

Read more

Neil Fryer Headshot Missing
Neil Fryer

Neil Fryer

Randolph Barr Headshot Missing
Randolph Barr

Randolph Barr

Jeff Reed Headshot Missing
Jeff Reed

Jeff Reed

Devesh Bhatt Headshot Missing
Devesh Bhatt

Devesh Bhatt

Kendall Scoboria Headshot Missing
Kendall Scoboria

Kendall Scoboria

Damir Savanovic
Damir Savanovic

Damir Savanovic

Damir Savanovic (M) is an Associate Director - Cloud Controls Lead at Willis Towers Watson, leading a team of subject matter experts to address compliance and control requirements for multiple compliance frameworks within information and cybersecurity for a global financial institution.

As a security evangelist and subject matter expert in the areas of security governance, risk and compliance, data protection with over...

Read more

Henry St. Andre
Henry St. Andre
Director of Trust Services for inContact

Henry St. Andre

Director of Trust Services for inContact

Henry St. Andre began his career in telecommunication 32 years ago, in 1984 during the break-up and divestiture of AT&T. He served as Director of Operations for over 25 years working for several different regional telecommunications providers and ultimately because the Director of Operations for inContact before being asked to be the Director of Trust Services at inContact, with the mission to create a security team and operations that coul...

Read more

Eiji Sasahara
Eiji Sasahara
Board of Director at CSA Japan Chapter

Eiji Sasahara

Board of Director at CSA Japan Chapter

Michael Panico Headshot Missing
Michael Panico

Michael Panico

Sue Ross Headshot Missing
Sue Ross

Sue Ross

Chad Woolf Headshot Missing
Chad Woolf

Chad Woolf

Ariel Litvin Headshot Missing
Ariel Litvin

Ariel Litvin

Amy Van Antwerp Headshot Missing
Amy Van Antwerp

Amy Van Antwerp

Adrian Secombe Headshot Missing
Adrian Secombe

Adrian Secombe

Tushar Bhavsar Headshot Missing
Tushar Bhavsar

Tushar Bhavsar

Sundararajan N Headshot Missing
Sundararajan N

Sundararajan N

Andrew Yeomans Headshot Missing
Andrew Yeomans

Andrew Yeomans

Michele Drgon Headshot Missing
Michele Drgon

Michele Drgon

Subra Kumaraswamy Headshot Missing
Subra Kumaraswamy

Subra Kumaraswamy

Are you a research volunteer? Request to have your profile displayed on the website here.

Interested in helping develop research with CSA?

Related Certificates & Training