Working Group
Security Guidance
The advancement toward secure cloud computing requires active participation from a broad set of globally-distributed stakeholders.
View Current ProjectsSecurity Guidance for Critical Areas of Focus in Cloud Computing v5
Working Group Leadership

Rich Mogull
Chief Analyst at CSA
With twenty years of experience in information security, physical security, and risk management, Rich is one of the foremost experts on cloud security, having driven development of the Cloud Security Alliance’s v4 Guidance and the associated CCSK training curriculum. He is a prolific writer and featured speaker at the security industry’s largest events, including RSA and Black Hat. Rich was previously a Research Vice President a...
Publications in Review | Open Until |
---|---|
Cloud Threat Modeling 2025 | Sep 19, 2025 |
Key Management in Cloud Services 2025 Update | Sep 26, 2025 |
Applying Zero Trust Principles with Network-Infrastructure Hiding Protocol - Stealth Mode Software Defined Perimeter for Network Infrastructure | Oct 16, 2025 |
Enabling Zero Trust for Cellular Networks - Guidance for Securing Mobile Networks | Oct 16, 2025 |
Who can join?
Anyone can join a working group, whether you have years of experience or want to just participate as a fly on the wall.
What is the time commitment?
The time commitment for this group varies depending on the project. You can spend a 15 minutes helping review a publication that's nearly finished or help author a publication from start to finish.
Open Peer Reviews
Peer reviews allow security professionals from around the world to provide feedback on CSA research before it is published.