Cloud Data Governance Working Group

Introduction to the Cloud Data Governance Working Group

The mission of this group is to design a universal set of principles and map these to emerging technologies and techniques for ensuring the privacy, confidentiality, availability, integrity and security of data across private and public clouds.

Working Group Scope and Responsibilities

  • Propose a data governance framework to ensure the privacy, availability, integrity and overall security of data in different cloud models. These will feed into the GRC stack and can be implemented as controls across the CAIQ, CCM and STAR

  • Develop thought leadership materials to promote CSA¹s leadership across the spheres of data privacy, data protection and data governance.

  • Work on harmonizing data privacy regulations to a set of data protection principles that can help cloud consuming organizations and cloud service providers meet new data privacy requirements in a more efficient and proactive manner

Cloud Data Governance Working Group Leadership

Cloud Data Governance Co-chairs

Deepayan Chanda

Deepayan Chanda is a GIAC Certified Intrusion Analyst, Computer Hacking Forensics Investigator and Certified Ethical Hacker with 20+ years of experience in the IT and Defense sectors, 16+ years specifically in Cyber, Web, Application and Cloud Security. He holds strong experience in Skills and technologies related to Security Operations Centers, Anti-Malware Operations, Penetration Testing, Vulnerability Assessment, Web Application Security, Network Traffic Analysis, Security Incident response, Security Event Analysis and Log Analysis. He has successfully executed many design and implementation of large-scale Security Information and Event Management (“SIEM”​) solutions. Apart from all of these his passion and expertise also extends towards Threat Intelligence, Advanced Threat Analysis, Information Security, Designing Security Operations Centers, Security Event Analysis & Incident Response, Security Information and Event Management (“SIEM”).

His is currently working with Cisco Systems (India) as a Technical Leader (Cloud Security), and he has also worked with Accenture India PVT Ltd., Product and Offering Development, McAfee India Private Ltd. (INTEL), Symantec Software Solutions India Pvt. Ltd..

Chris Niggel

Chris is currently the Sr. Manager of Security and Compliance at Okta, a leading Cloud Identity and Access Management provider, where he is responsible for corporate compliance, application assessment, and responding to customer security inquiries. He also leads the Cloud Security Alliance Data Governance Working Group. Prior to Okta, Chris spent 6 years leading the adoption of Cloud Technologies at LinkedIn, helping them grow from 350 to over 6,800 employees. He started his career designing, developing, and delivering content management, system administration, and messaging solutions for customers such as Nestle, Cisco, AMD, Telus, and the US Department of Defense.

When not setting policy, Chris is an active member of the Northern California ski community, where he volunteers with the Tahoe Backcountry Ski Patrol performing search & rescue, and teaching ski mountaineering & outdoor survival.

Cloud Data Governance Working Group Initiatives

Working Drafts

Initiative Details Date Opened

Cloud Data Governance Working Group Charter

October 06, 2015 Contribute now

There are no documents currently in peer review.

Want to contribute to the Cloud Data Governance Working Group?

Fill out the form below to join today!


Other:

If you experience trouble using this form, please submit the information here.

Other ways to Connect

Cloud Data Governance Working Group News

June 04, 2015

CSA Establishes Cloud Data Governance Working Group and Releases Governance Framework

The Cloud Data Governance working group has been created to design a universal set of principles and map to emerging technologies and techniques for ensuring the privacy, confidentiality, availability, integrity and security of data across private and public clouds. Read blog post

May 16, 2013

Cloud Security Alliance APAC Defines 2013-2014 Research Roadmap

The APAC region leadership team has published its research roadmap for 2013-2014.

July 18, 2012

CSA Research Sponsorship Opportunities Available

CSA announces the availability of several new opportunities to sponsor key research initiatives. Your support helps us maintain our aggressive research schedule and accelerate responsible adoption of cloud computing.

November 16, 2011

Cloud Security Alliance Releases Results of Cloud Consumer Advocacy Questionnaire and Information Survey

Cloud Data Governance (CDG) working group today introduced the results of its Cloud Consumer Advocacy Questionnaire and Information Survey. The survey is the first deliverable for the CDG working group, which will now turn its focus to delivering best practices recommendations, prioritizing and answering the key problems and questions identified by cloud stakeholders in the survey.

October 19, 2011

An Invitation for SME’s to contribute to CSA’s Cloud Data Governance Working Group by Tuesday, October 25th

The Cloud Data Governance (CDG) Working Group is seeking Subject Matter Experts to help identify the current state of public cloud solution provider maturity in addressing the issues related to Information Lifecycle Management (ILM). Subject Matter Experts are needed to help us complete the initial phase of our research.

October 06, 2011

The Cloud Consumer Advocacy Questionnaire and Information Survey (CCAQIS) – Survey submission has been extended through October 11, 2011

CCAQIS was designed to capture the current state of data governance and data security capabilities offered by leading cloud service providers in the industry.
The results of this survey will be aggregated and used for guidance and research conducted by CSA and its affiliates.

August 11, 2011

CSA Announces a New Research Initiative Called Cloud Data Governance

The initial phase of the initiative will be a survey of cloud providers to determine the current industry practices around data governance as articulated by the Information Security Lifecycle Management domain in our V2.1 of the Security Guidance for Critical Areas of Focus in Cloud Computing.

Cloud Data Governance Working Group Downloads

CCAQIS Survey v1.2

CCAQIS Survey v1.2

The purpose of this survey is to capture the current state of data governance and data security capabilities offered by leading cloud service providers in the industry. The results of this survey will be aggregated and used for guidance and research conducted by CSA and its affiliates.

Release Date: August 01, 2011