CSA Community Spotlight: Guiding Industry Research with CEO Jason Garbis
Published 10/09/2024
As the Cloud Security Alliance (CSA) celebrates its 15th anniversary, we reflect on the pivotal role CSA volunteers and contributors have played in shaping the future of cloud security. Founded in 2009, CSA quickly established itself as the world’s leading organization dedicated to defining and promoting best practices for a secure cloud computing environment. A cornerstone of these efforts has been the development of cutting-edge research that empowers organizations to navigate the rapidly evolving landscape of cloud security.
CSA’s research initiatives are driven by a collaborative network of cybersecurity professionals, industry experts, and global volunteers who contribute their time and expertise to produce comprehensive frameworks and security guidance. This is why, throughout 2024, we’re highlighting 15 key contributors whose support has been instrumental in the success of CSA’s thought leadership.
Today we’re speaking with Jason Garbis, Founder and CEO of Numberline Security and an experienced contributor and influencer within the information security industry. At Numberline, Jason helps organizations prepare for, define, and execute effective Zero Trust strategies. He has over 20 years of experience in Identity Management, Enterprise Security Architectures, Network Security, and Security Strategy. Below, learn about Jason’s work with CSA Research Working Groups and why he continues to be involved in the CSA ecosystem.
What are the various ways you’ve been involved with CSA over the years?
I initially got involved with CSA in 2015, when I joined what was then the Software-Defined Perimeter (SDP) Working Group. I’d been involved with working groups at technical and standards organizations previously, and was excited to find an organization with a focus on cloud security, and which was directly related to the product management work I was doing with a vendor.
I began contributing to that working group, and then leading various research activities, documents, and publications. Over time, I worked my way into a leadership role in the working group, taking a co-chair position. Around the same time we expanded the scope of this working group to better reflect the activity going on in the industry, re-scoping it to cover Zero Trust.
I’ve also been involved in various CSA events, including the annual CSA Summit at the RSA Conference and SECtember.
About 2 years ago I left my role at a software vendor and launched my own consulting company with a focus on Zero Trust. In that time I became a Trusted Cloud Consultant for CSA, and have begun delivering training and consulting for CSA Members.
What’s your favorite memory of the CSA community?
I think it’s the now-legendary snack boxes they give away each year at the CSA Summit at RSA!
Why do you continue to be a part of the CSA ecosystem?
CSA has a unique role in the industry – as a volunteer and enterprise-led organization, it's able to capture and leverage the expertise and experience of security practitioners. This gives a very practical, real world focus. Also, because it's not a standards organization, it's able to move quickly, publish, get feedback, and iterate.
I feel very fortunate to be involved in a leadership role with CSA, because it gives me the opportunity to interact with many dedicated, smart, experienced security practitioners, with many different perspectives. CSA’s work nicely bridges the practical and theoretical.
What do you see as one of CSA’s most significant contributions to the cybersecurity industry?
I think it’s the sense of community that it brings, as an open and welcoming organization of peer cybersecurity professionals.
What are your predictions for CSA in the next 15 years?
Hopefully, CEO Jim Reavis will be allowed to retire at some point! Joking aside, I think that CSA’s scope and community will only continue to grow in size and impact. As long as it maintains its welcoming atmosphere and its track record of publishing quality research, CSA’s future will remain bright.
Question from interviewee Shruti Kulkarni: As a volunteer, what is the differentiating factor that you see in CSA compared to other organizations?
One appealing aspect of CSA is that the working groups are open to suggestions for research topics from the volunteers. Because CSA isn’t a standards body, it has much more flexibility around the format of research publications.
Do you have a question for the next interviewee to answer?
What do you see as CSA’s biggest opportunity for growth and impact?
Make sure to check out more insights from the CSA community here.
Related Articles:
CSA Community Spotlight: Nerding Out About Security with CISO Alexander Getsin
Published: 11/21/2024
Zero Standing Privileges (ZSP): Vendor Myths vs. Reality
Published: 11/15/2024
Modernization Strategies for Identity and Access Management
Published: 11/04/2024