CSA Community Spotlight: Advancing Thought Leadership with Cybersecurity Architect Shruti Kulkarni

For the last 15 years, CSA has been disseminating expert-led thought leadership to the cybersecurity community at large. Our offerings have included research publications, trainings, blogs, in-person and virtual webinars and events, and many other initiatives based on top-of-mind security concerns. This thought leadership is produced by our vast network of dedicated members, volunteers, subject matter experts, chapter leaders, and trainers. So to celebrate CSA’s 15th anniversary this year, we’re interviewing 15 longtime partners that have been integral to the success and growth of the CSA ecosystem.

Today we’re speaking with Cyber Security Architect Shruti Kulkarni. Shruti has worked extensively across various domains of security, including ISO 27001, PCI-DSS, policies and standards, security tools, threat modeling, and risk assessments. Shruti spends her time collaborating with cross-functional groups to implement security controls within the software development lifecycle. Learn all about Shruti’s thought leadership with CSA below.

What are the various ways you’ve been involved with CSA over the years?

I have been involved with CSA in a fair number of ways over the years. To name a few, I have worked on white papers, blogs, Zero Trust training materials, and Zero Trust exam questions; and I have also led two Zero Trust workstreams and presented at SECtember.

What’s your favorite memory of the CSA community?

What I continue to cherish from the CSA community is the collaborative way of working with CSA staff members and volunteers, who are all knowledgeable and experts in their field. My favourite memory is about the blogs that I wrote with a fellow volunteer. The collaborative effort and the speed at which the blogs were created was amazing.

Why do you continue to be a part of the CSA ecosystem?

I love the energy and the synergy within the CSA ecosystem. As more organisations adopt cloud, the requirements around security and resilience for cloud will increase. It becomes all the more imperative to continue to be a part of CSA, to learn from and to contribute to the huge body of knowledge that CSA develops.

Also, evolving threats are a constant in the world we live in. CSA's guidance and frameworks address current and evolving threats and that is something to look forward to.

What do you see as one of CSA’s most significant contributions to the cybersecurity industry?

The thought leadership that CSA provides in the space of cloud security is amazing, as is CSA's STAR program, the CCM, and certificates related to cloud security and Zero Trust. One example of thought leadership is the Zero Trust Working Group and the artifacts produced by the group.

What are your predictions for CSA in the next 15 years?

CSA will continue to grow and keep providing guidance in not only the cloud security space, but also in the spaces of DevOps, Identity and Access Management, Quantum Computing, and so on.

Question from interviewee Rick Doten: What is the one thing you tell people is different about cloud security as opposed to traditional on-premise security?

I would like to answer that question in two words: shared responsibility!

Do you have a question for the next interviewee to answer?

As a volunteer, what is the differentiating factor that you see in CSA compared to other organizations?

Make sure to check out more insights from the CSA community here.