Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Join us for Cybersecurity Awareness Month! Strengthen your cyber resilience with essential security tips and resources for everyone.

CSA Community Spotlight: Guiding Industry Research with CEO Jason Garbis

Published 10/09/2024

Home
Industry Insights
CSA Community Spotlight: Guiding Industry Research with CEO Jason Garbis
Written by Megan Theimer, Content Program Specialist, CSA.

As the Cloud Security Alliance (CSA) celebrates its 15th anniversary, we reflect on the pivotal role CSA volunteers and contributors have played in shaping the future of cloud security. Founded in 2009, CSA quickly established itself as the world’s leading organization dedicated to defining and promoting best practices for a secure cloud computing environment. A cornerstone of these efforts has been the development of cutting-edge research that empowers organizations to navigate the rapidly evolving landscape of cloud security.

CSA’s research initiatives are driven by a collaborative network of cybersecurity professionals, industry experts, and global volunteers who contribute their time and expertise to produce comprehensive frameworks and security guidance. This is why, throughout 2024, we’re highlighting 15 key contributors whose support has been instrumental in the success of CSA’s thought leadership.

Jason Garbis headshot

Today we’re speaking with Jason Garbis, Founder and CEO of Numberline Security and an experienced contributor and influencer within the information security industry. At Numberline, Jason helps organizations prepare for, define, and execute effective Zero Trust strategies. He has over 20 years of experience in Identity Management, Enterprise Security Architectures, Network Security, and Security Strategy. Below, learn about Jason’s work with CSA Research Working Groups and why he continues to be involved in the CSA ecosystem.


What are the various ways you’ve been involved with CSA over the years?

I initially got involved with CSA in 2015, when I joined what was then the Software-Defined Perimeter (SDP) Working Group. I’d been involved with working groups at technical and standards organizations previously, and was excited to find an organization with a focus on cloud security, and which was directly related to the product management work I was doing with a vendor.

I began contributing to that working group, and then leading various research activities, documents, and publications. Over time, I worked my way into a leadership role in the working group, taking a co-chair position. Around the same time we expanded the scope of this working group to better reflect the activity going on in the industry, re-scoping it to cover Zero Trust.

I’ve also been involved in various CSA events, including the annual CSA Summit at the RSA Conference and SECtember.

About 2 years ago I left my role at a software vendor and launched my own consulting company with a focus on Zero Trust. In that time I became a Trusted Cloud Consultant for CSA, and have begun delivering training and consulting for CSA Members.


What’s your favorite memory of the CSA community?

I think it’s the now-legendary snack boxes they give away each year at the CSA Summit at RSA!


Why do you continue to be a part of the CSA ecosystem?

CSA has a unique role in the industry – as a volunteer and enterprise-led organization, it's able to capture and leverage the expertise and experience of security practitioners. This gives a very practical, real world focus. Also, because it's not a standards organization, it's able to move quickly, publish, get feedback, and iterate.

I feel very fortunate to be involved in a leadership role with CSA, because it gives me the opportunity to interact with many dedicated, smart, experienced security practitioners, with many different perspectives. CSA’s work nicely bridges the practical and theoretical.


What do you see as one of CSA’s most significant contributions to the cybersecurity industry?

I think it’s the sense of community that it brings, as an open and welcoming organization of peer cybersecurity professionals.


What are your predictions for CSA in the next 15 years?

Hopefully, CEO Jim Reavis will be allowed to retire at some point! Joking aside, I think that CSA’s scope and community will only continue to grow in size and impact. As long as it maintains its welcoming atmosphere and its track record of publishing quality research, CSA’s future will remain bright.


Question from interviewee Shruti Kulkarni: As a volunteer, what is the differentiating factor that you see in CSA compared to other organizations?

One appealing aspect of CSA is that the working groups are open to suggestions for research topics from the volunteers. Because CSA isn’t a standards body, it has much more flexibility around the format of research publications.


Do you have a question for the next interviewee to answer?

What do you see as CSA’s biggest opportunity for growth and impact?


Make sure to check out more insights from the CSA community here.

EventsSecurity GuidanceSoftware Defined PerimeterWorking GroupZero Trust

Share this content on your favorite social network today!

Core Cloud
Related Resources
Top Threats to Cloud Computing
The eleven salient threats, risks, and vulnerabilities in the cloud.
Certificate of Cloud Security Knowledge (CCSK)
The industry's standard cloud security credential.
Corporate Membership
Gain knowledge and connections in the cloud industry.
Latest from CSA
Access the Cybersecurity Awareness Month Bundle
Register for the Zero Trust Summit 2024
Download: AI in Medical Research
Trending This Week
#1 Top 10 Linux Server Hardening and Security Best Practices
#2 SOC 2 and ISO Certifications vs CSA STAR
#3 What is the Shared Responsibility Model in the Cloud?
#4 Cloud Security in 2024: Addressing the Shifting Landscape
#5 Putting Zero Trust Architecture into Financial Institutions
Secure your cloud data with Zero Trust Training
Related Articles:
Reflections on NIST Symposium in September 2024, Part 1

Published: 10/04/2024

Secure by Design: Implementing Zero Trust Principles in Cloud-Native Architectures

Published: 10/03/2024

What ‘Passwordless’ Really Means for Privileged Access Management

Published: 10/03/2024

CSA Community Spotlight: Bolstering the Mission of Cybersecurity with CEO Avani Desai

Published: 10/02/2024