Press Releases Arrow to Content

April 24, 2014

Featured Research: CIRRUS

The CIRRUS project aims to provide high-level, high-impact support and coordination for European ICT security research projects. Project activities include standardization and certification schemes, integrating research projects with EU policy and strategy, internationalization, and supporting industry best practices and public private cooperation initiatives.

April 24, 2014

CSA Seeks Input on Cloud Data Protection Cert

The Cloud Security Alliance invites you to review the Cloud Data Protection Cert, a new candidate project proposed for inclusion in the CSA Research Portfolio.

April 24, 2014

Volunteer Spotlight: David Lingenfelter

David Lingenfelter is a seasoned security professional with nearly 20 years of experience in risk management, information security, compliance and policy development.

April 24, 2014

CSA Responds to President Obama’s “Big Data” Initiative Request for Information

On January 17, 2014, President Obama called for senior government officials to lead a comprehensive review of the ways in which “big data” will affect how Americans live and work.

April 09, 2014

CSA Seeks Input on Open Peer Review: CAIQ v3.0.1

CSA has kicked off the Consensus Assessment Initiative Questionnaire (CAIQ) v3.0.1 open peer review period, to be held now through May 8, 2014.

April 09, 2014

CSA Seeks Input on Open Peer Review: CCM v3.0.1

Cloud Security Alliance announces an open peer review period for the Cloud Controls Matrix (CCM) v3.0.1, now through May 8, 2014.

April 03, 2014

Cloud Security Alliance Announces Launch Of Privacy Level Agreement (PLA) V.2 Working Group

PLA v2 seeks to provide a clear and effective way to communicate to customers the level of data protection offered by a CSP.

April 02, 2014

Cloud Security Alliance (CSA) Announces SAP Has Joined CSA as an Executive Corporate Member

SAP will participate in key research with the CSA on Horizon 2020 – the EU framework programme for research and innovation.

April 01, 2014

SIT Partners The Cloud Security Alliance In Landmark Agreement

SIT students will have the opportunity to participate in CSA events in Asia Pacific, and will be given priority placements to work with CSA during the course of their studies.

March 31, 2014

On behalf of the CDPC Leadership Team: Open Review Period – Cloud Data Protection Cert Candidate Project

We are proposing that the Cloud Data Protection Cert be included as part of the CSA’s GRC Stack as organizations will also have more granular controls for leveraging the Cloud Controls Matrix (CCM).

March 20, 2014

First Research Newsletter Now Available

The CSA Research team is excited to announce that the first monthly Research Update is available here.

March 19, 2014

Featured Research: CUMULUS

The CUMULUS framework will bring together consumers, service providers, and cloud suppliers to work with certification authorities to ensure security certificate validity in the ever-changing cloud environment.

March 19, 2014

Volunteer Spotlight: Evelyn de Souza

Evelyn de Souza is a Data Privacy and Compliance Leader at Cisco Systems, where she focuses on developing blueprints and holistic solutions to help organizations embrace the cloud securely and ensure data privacy in an agile manner.

March 19, 2014

Featured Research: Software Defined Perimeter Initiative

The SDP Initiative defines an architecture to create highly secure and trusted end-to-end networks between any IP addressable entities, allowing for systems that are highly resilient to network attacks.

March 19, 2014

CSA Announces the Newly Created Research Lifecycle

The Research Lifecycle is a comprehensive, step-by-step guide that sets up a series of standard procedures for the generation of a CSA research product.

March 19, 2014

Phillip Redman to speak at the next Cloud Security Alliance Mobile Working Group meeting on March, 27 @ 9am PT

Join us to learn Phillip’s views on the enterprise mobility space and to get a chance to interact with one of the most respected thought leaders in this space.

March 19, 2014

CSA Seeks Input For Open Peer Review: Big Data Taxonomy

The Cloud Security Alliance (CSA) Big Data Working Group (BDWG) would like to invite you to review and comment on a preliminary draft of the “Big Data Taxonomy” document.

March 17, 2014

Cloud Security Alliance Opens Call for Presentations for EMEA Congress 2014

The Cloud Security Alliance and MIS Training Institute have opened the call for papers for the 2014 EMEA Congress, to be held November 19-20th at the Parco dei Principi in Rome.

March 17, 2014

SecureCloud 2014 Late-Breaking Keynote Addition Richard A. Clarke, former US National Coordinator for Security, Infrastructure Protection, and Counter-terrorism

Clarke is the former US National Coordinator for Security, Infrastructure Protection, and Counter-terrorism and has served several US presidents as a top cyber security advisor.

February 26, 2014

Software Defined Perimeter (SDP) Yet To Be Hacked; CSA Ups the Ante on Virtual Hackathon

Winner now to receive full pass to BlackHat, in addition to DEF CON.

February 24, 2014

Cloud Security Alliance Presents Industry Leadership Award To Professor Udo Helmbrecht Of Enisa

Leader of European Union’s cyber security agency honored.

February 13, 2014

CSA Board of Directors Member Alan Boehme to Deliver Closing Keynote at CSA Summit at RSA, on the Software Defined Perimeter

SDP workshop and Open Hackathon on an SDP designed network to follow.

February 12, 2014

Invitation to CSA CloudBytes: CSA STAR Certification

Don’t miss your chance to join experts and learn more about the CSA STAR Certification on Thursday, February 20th at 11:00am (Pacific Time).

February 11, 2014

CSA Announces SecureCloud 2014 Conference Opening Keynote, Neelie Kroes, Vice President of the European Commission

CSA today announced that the esteemed Neelie Kroes, Vice President of the European Commission, will give the opening keynote at the SecureCloud 2014 in Amsterdam, Netherlands.

January 27, 2014

Mobile Working Group 2014 Kick-Off Call

Join us as we brief the audience on each of the current initiatives and generate conversation on what’s new for mobile in 2014.

January 27, 2014

Cloud Security Alliance Opens Call for Speakers for CSA Congress 2014

The organization also seeks volunteers for conference track committees.

January 22, 2014

Cloud Security Alliance SecureCloud 2014 Conference Keynote Speakers to Address Cryptography, Confidentiality and Large Enterprise User Security

Five powerful keynote speakers will lead this year’s event: Prof. Dr. Udo Helmbrecht, Prof. Dr. Reinhard Posch, Alan Boehme, Jim Reavis, Richard Mogull.

January 16, 2014

New Conference for Privacy and Security Professionals to Share, Connect and Learn

IAPP and CSA announce new strategic alliance.

December 09, 2013

Announcing the Consensus Assessments Initiative Questionnaire (CAIQ) V.3 Open Review Period

The Cloud Security Alliance Consensus Assessments Initiative (CAI) was launched to perform research, create tools and create industry partnerships to enable cloud computing assessments.

December 05, 2013

Cloud Security Alliance Releases Software Defined Perimeter (SDP) Framework Details

New white paper outlines best practices to deploy an SDP to protect application infrastructure from network-based attacks.

December 05, 2013

SAFECode and the Cloud Security Alliance Release Guidance for the Secure Development of Cloud Applications

New paper outlines practical software security recommendations to address threats specific to cloud computing.

December 04, 2013

Cloud Security Alliance Announces Annual Ron Knode Service Award Winners

CSA today announced the recipients of its second annual Ron Knode Service Award, an annual award sponsored by the CSA recognizing six members from the Americas, Asia-Pacific and EMEA regions for excellence in volunteerism.

November 22, 2013

Cloud Security Alliance Announces Bonus Workshop Series At 2013 US Congress

The five workshops will provide participants with the opportunity to explore key topics in cloud security in an intensive daylong session led by some of the world’s most prominent cloud security practitioners.

November 19, 2013

Cloud Security Alliance Adds New Board Member

Adrienne Hall, general manager, Microsoft Trustworthy Computing, works with customers, partners and industry associations to help deliver safer, more trusted computing experiences for everyone.

November 14, 2013

Cloud Security Alliance Establishes Second Official Chapter In India

A new chapter in Bangalore India to promote the secure adoption of cloud computing across India.

November 13, 2013

Bob Flores, Former CTO Of The CIA, To Keynote CSA Congress 2013

Mr. Flores, will discuss the importance of highly resilient public clouds for the most demanding and security-sensitive organizations.

November 13, 2013

Cloud Security Alliance Announces Software Defined Perimeter (SDP) Initiative

A project to develop an architecture for creating highly secure and trusted end-to-end networks between any IP addressable entities, allowing for systems that are highly resilient to network attacks.

November 11, 2013

Cloud Security Alliance Annual Congress to Draw Industry Attention to Most Debated Issues in Cloud Computing

Announcing notable and heavily debated presentations featuring some of the industry’s most progressive thought leaders.

November 07, 2013

Cloud Security Alliance Annual Congress to Serve as Launchpad for New Research, Guidance Reports and Working Groups

CSA today released its planned research agenda and a preview of new working groups to be launched at the upcoming CSA Congress 2013, taking place December 4-5 in Orlando.

November 05, 2013

Invitation to CSA CloudBytes: Cloud Controls Matrix v3.0

Don’t miss your chance to join experts and learn more about the Cloud Controls Matrix and the latest release of version 3.0.

October 31, 2013

Announcing CSA Congress 2013 Working Group Events

Here is your chance to learn more about the current working group activities, recently published documents, roadmap for 2014, and how to get involved.

October 23, 2013

Survey for SaaS companies: State of Identity Management

CSA survey to better understand the maturity of SaaS providers in their implementation of identity management solutions.

October 07, 2013

CSA Releases CCM v3.0 Info Sheet for Updates on New Controls, Domains

The CCM v3.0 Info Sheet is designed to update users on domain changes, control additions, and alignment to other CSA and industry standards documents.

September 26, 2013

Cloud Security Alliance Releases Cloud Controls Matrix, Version 3.0

The industry standard for cloud security now includes expanded controls to assess cloud service provider information security risks.

September 25, 2013

The Cloud Security Alliance and BSI Launch STAR Certification Program

The technology-neutral certification leverages the requirements of the ISO/IEC 27001:2005 management system standard together with the CSA Cloud Controls Matrix.

September 24, 2013

Cloud Security Alliance Mobile Working Group Opens Annual Mobile Market Maturity Survey

Group seeks global input to understand current market maturity and needed processes to manage enterprise mobile technology.

September 24, 2013

Cloud Security Alliance Big Data Working Group Releases Report On Big Data Analytics For Security Intelligence

New report provides insight on how new big data tools and opportunities are changing the security analytics landscape.

September 03, 2013

Take the Helix Nebula Open Survey

Helix Nebula is conducting a survey to understand the general perception of the Helix Nebula initiative and to help us improve the way we inform people about its work.

August 28, 2013

Cloud Security Alliance Announces Additional Keynotes and Sessions for EMEA Congress 2013

MIS Training Institute and the Cloud Security Alliance are pleased to announce additional speakers and sessions for this year’s EMEA Congress, to be held in Edinburgh, Scotland, on 25th – 26th September 2013.

August 08, 2013

Watch New CloudBytes Webinar Online: Measuring and Mitigating Risk for Cloud Services

Hosted by Grant Shirk and Kamal Shah, this unique video conference explores how employees and departments adopt, use and spread cloud services.

August 07, 2013

CSA CloudBytes: Cloud Compliance for Financial Services (Tuesday 8/13, 8am Pacific)

In today’s world, financial service businesses rely on communication technology that enable rapid and secure sharing of information.

August 06, 2013

CSA CloudBytes Town Hall: NSA/PRISM Lessons Learned (Monday 8/12, 8am Pacific)

You are invited to attend a CSA CloudBytes Town Hall on “NSA/PRISM Lessons Learned: The Repercussions for Cloud Services Adoption.”

July 31, 2013

CSA and ISACA Cloud Market Maturity Survey 2013

The Cloud Security Alliance (CSA) and ISACA is announcing the availability of a new survey on cloud market maturity as part of the second collaborative project between the two organizations.

July 23, 2013

Cloud Security Alliance Furthers Global Transparency Efforts To Serve Association’s Rapid Growth

CSA Security, Trust and Assurance Registry (STAR) Now Hosts Over 30 Entries from Major Cloud Providers; CSA Unveils Results of Survey on Government Access to Information

July 22, 2013

CSA Seeks Input For Open Peer Review: Big Data Analytics for Security Intelligence Document

The Big Data Working Group would like to invite you to review and comment on a preliminary draft of the “Big Data Analytics for Security Intelligence” document.

July 03, 2013

CSA CloudBytes: Measuring and Mitigating Risk for Cloud Services (Thursday, July 18th at 10:00am Pacific)

The classic adage, “you can’t manage what you can’t measure” is just as relevant to cloud security as it is to operational excellence.

June 27, 2013

Cloud Security Alliance Silicon Valley Chapter to Hold 2nd Annual Innovation Conference

The annual conference is designed to deliberately create provocative and disruptive debates on cloud technology among industry experts, solution providers and end-users.

June 27, 2013

Cloud Security Alliance Establishes Incident Management and Forensics Working Group

CSA’s newest working group releases first white paper on conducting forensic investigation in cloud environments.

June 27, 2013

Tech Trailblazers Awards Announces New Mentoring Partnership With Cloud Security Alliance

Global enterprise technology awards strengthens ties with leading cloud security industry association.

June 26, 2013

Official CSA Snowden/NSA/Patriot Act Survey

We are hoping to generate a rational and valuable global dialogue, and will make this survey public.

June 26, 2013

Cloud Security Alliance Announces Keynote Presentations and Sessions for 4th Annual CSA Congress

Enterprise Leaders and Recognized Cloud Experts to Lead to Industry’s Premier Gathering for IT Security Professionals

June 25, 2013

Cloud Security Alliance APAC Issues Call for Papers for CISO Forum 2013

CSA APAC seeks proposals from practitioners, researchers, and academics on a broad range of cloud security topics.

June 22, 2013

2nd Cloud Security Alliance Asia Pacific Chief Information Security Officer Summit 2013 Call for Presentations

CSA is pleased to announce this call for speakers to present at the prestigious 2nd Cloud Security Alliance Asia Pacific Chief Information Security Officer Summit 2013.

June 17, 2013

CSA Releases the Expanded Top Ten Big Data Security & Privacy Challenges

Big Data remains one of the most talked about technology trends in 2013. But lost among all the excitement about the potential of Big Data are the very real security and privacy challenges that threaten to slow this momentum.

June 12, 2013

CSA Seeks Input For Open Peer Review: Cloud Trust Protocol Work Group Charter

The Cloud Security Alliance Cloud Trust Protocol (CTP) Working Group would like to invite you to review and comment on their updated work group charter.

June 12, 2013

Cloud Security Alliance Seeking Co-chairs for the Cloud Trust Protocol Working Group

The CSA Cloud Trust Protocol (CTP) Working Group is seeking new co-chairs to lead research in the areas of continuous monitoring/auditing for cloud assurance and transparency certification.

June 10, 2013

Cloud Security Alliance Announces Keynotes For EMEA Congress 2013

MIS Training Institute CSA are pleased to announce the initial lineup of speakers, including esteemed keynotes, for this year’s EMEA Congress.

June 06, 2013

CSA CloudBytes: HIPAA Omnibus Rule (Thursday 6/13, 12pm Pacific)

Don’t miss this free event! On June 13th at 12:00pm (PDT), the CSA Health Information Working Group will be hosting a webinar the HIPAA Omnibus Rule.

May 31, 2013

White Paper Analysing Cloud Vulnerability Incidents from 2008-2012 released by the CSA Cloud Vulnerabilities Working Group

A white paper studying cloud computing outages reported by the media over a four year period has been released by the newly-established CSA Cloud Vulnerabilities Working Group.

May 16, 2013

Cloud Security Alliance APAC Defines 2013-2014 Research Roadmap

The APAC region leadership team has published its research roadmap for 2013-2014.

May 15, 2013

Cloud Security Alliance Develops Third-Party Certification Scheme with Infocomm Development Authority of Singapore

A new partnership with the Infocomm Development Authority of Singapore (IDA) to define a scheme under the CSA Open Certification Framework (OCF) and Singapore Multi-Tier Cloud Security standard.

May 15, 2013

Cloud Security Alliance Successfully Completes Open Certification Framework (OCF) Pilot Implementations with Alibaba and New Taipei City Government

Representatives to discuss cloud computing pilot results and key learnings at CSA Congress APAC.

May 14, 2013

CSA CEE Summit 2013 Call for Speakers

Papers are welcomed from both the research community and from industry. Full session proposal submission closes: 10 June 2013.

May 10, 2013

Cloud Security Alliance Expands APAC Region Leadership Team

Leaders from Microsoft, University of Waikato, Phitech Corporation and ASEAN to guide organization’s rapid growth of CSA in APAC market.

May 03, 2013

CSA Cloud Bytes: Big Data Analytics (Tues 5/7, 10am PDT)

As part of our mission to educate the industry on all matters related to the cloud, CSA Cloud Bytes would like to present a webinar on Big Data Analytics.

April 26, 2013

Cloud Security Alliance to Moderate Panel Discussion at CIO Summit Europe

CSA will moderate an Executive Visions panel at the upcoming CIO Summit Europe, May 12-14, 2013, in London.

April 25, 2013

(ISC)2® and the Cloud Security Alliance Collaborate to Create New Professional Certification for Cloud Security

The combined initiative will address a significant concern over the security of modern business systems by establishing a common global understanding of professional knowledge and best practices in the design, implementation and management of cloud computing systems.

April 24, 2013

CSA Establishes Small and Medium Business Working Group and Membership Program

Offerings to help SMB community understand and benefit from cloud computing.

April 01, 2013

Cloud Security Alliance Seeking Speakers For US Congress 2013 In Orlando

MIS Training Institute and the Cloud Security Alliance are looking for seasoned speakers to present at the 4th Annual Cloud Security Alliance Congress US.

March 22, 2013

Upcoming Cloud Security Training in EMEA

Securosis has recently updated the CCSK training curriculum to be in alignment with the Cloud Security Alliance Guidance V3.0, and the training class is much improved.

March 19, 2013

CCSK Training to Be Held By HP Education at CSA Congress APAC

HP Education will organize a series of CCSK training sessions during the inaugural CSA Congress APAC held in conjunction with Cloud Asia 2013.

March 19, 2013

Open Survey: CIRRUS: Towards an EU Framework for Cloud Service Provider Security

The objective of this survey is to gather information on security activities as well as future priorities in cloud computing.

March 14, 2013

CSA Cloud Bytes on March 19th Will Focus on Financial Services

As part of our mission to educate the industry on all matters related to the cloud, CSA has launched a new free educational webinar series called CSA Cloud Bytes.

March 14, 2013

“CUMULUS” Research Project Investigates Certification Infrastructure for Multi-Layer Cloud Services

Eight partners from European science and industry have joined forces in the CUMULUS research project to investigate how in future cloud services can be made more secure and trustworthy for end users.

March 13, 2013

Jim Reavis Discusses CSA Initiatives, Enterprise Adoption of Cloud Services at RSA

Recorded at RSA Conference 2013, Jim Reavis, Co-Founder and Executive Director of Cloud Security Alliance discusses the current state of cloud computing security and adoption of cloud services by enterprise users.

March 12, 2013

CSA and New Taipei City Government Partner to Drive Cloud Computing Adoption

New Taipei city’s government cloud to participate in Open Certification Framework scheme’s pilot implementation.

March 05, 2013

John Howie Discusses CSA Initiatives, Cloud Adoption Issues at RSA

Recorded at RSA Conference 2013, John Howie, COO of the Cloud Security Alliance (CSA), detailed the findings of that report and the steps the CSA is taking to address those cloud adoption issues.

February 25, 2013

Cloud Security Alliance Presents Industry Leadership Award To Microsoft’s Scott Charney

Microsoft executive honored by CSA for his achievements in advancing secure cloud computing.

February 25, 2013

Cloud Security Alliance Selects HP For New Master Training Partner Program

Program to accelerate worldwide access and adoption of Certificate of Cloud Security Knowledge (CCSK) certification.

February 25, 2013

Cloud Security Alliance To Establish New Legal Information Center

The CLIC will be an open resource for cloud computing practitioners, regulators, and legal experts.

February 25, 2013

Cloud Security Alliance Warns Providers of ‘The Notorious Nine’ Cloud Computing Top Threats in 2013

A revised report aimed to provide organizations with up-to-date, expert-informed understanding of cloud security threats in order to make educated risk-management decisions regarding cloud adoption strategies.

February 25, 2013

Cloud Security Alliance Releases First Guidelines for Cloud Service Providers Delivering Services in the European Union

CSA Privacy Level Working Group encourages adoption worldwide as a powerful self-regulatory tool for data protection transparency and accountability in the cloud.

February 25, 2013

CSA Continues Campaign To Improve Transparency And Assurance In The Cloud Market With Position Paper On AICPA Reporting Framework

CSA today released a position paper on the American Institute of CPAs’ reporting framework, as a means of educating its members and providing guidance on selecting the most appropriate reporting option.

February 25, 2013

CSA Seeks Input For Open Peer Review: Expanded Top Ten Big Data Security and Privacy Challenges Report

The report outlines the unique challenges presented by Big Data through narrative use cases and identifies the dimension of difficulty for each challenge.

February 25, 2013

CSA Seeks Input For Open Peer Review: CCM v3.0

The Cloud Security Alliance has released a draft of the latest version of the Cloud Control Matrix, CCM v3.0 for public peer review.

February 22, 2013

CCSK Version 3 English Examination is Now Available

The examination has been updated to include version 3 of our security guidance. According to our beta testers, version 3 offers a much improved test-taking experience.

February 12, 2013

CSA Announces Working Group Sessions at RSA in San Francisco

CSA is hosting sessions during the week for some of our active working groups. These are free events that will be held outside of the regular conference on Thursday, February 28th.

February 08, 2013

Cloud Security Alliance and Electronic Government Agency (EGA) of Thailand Partner to Drive Cloud Computing Adoption in the Association of Southeast Asian Nations

CSA today announced that it has signed a formal partnership with the Electronic Government Agency (EGA) of Thailand.

February 06, 2013

CSA Seeks Input For Open Peer Review: Trusted Cloud Initiative Reference Architecture v2.0

Trusted Cloud Initiative (TCI) would like to invite you to review and comment on the latest version of the reference architecture (v2.0).

February 05, 2013

CSA Cloud Bytes: HIPAA & The Cloud – A Vendor’s Perspective, Feb. 7 – 12:00pm PST

CSA Health Information Management Working Group is proud to host a CSA Cloud Bytes headlined by Hemant Pathak, Assistant General Counsel at Microsoft.

January 29, 2013

James D. Robinson, Former American Express Chairman and CEO, Added to CSA Summit Keynote Lineup

CSA today announced the addition of James D. Robinson III as the closing keynote speaker at the annual CSA Summit 2013.

January 28, 2013

CSA Launches Updated TCI Reference Architecture Research Website

TCI has updated its research website to include simplified architecture definition results, as well as an interactive application that allows users to learn about the applicability of the TCI reference architecture to their business scenario.

January 24, 2013

Call For Speakers for Cloud Security Alliance Congress Asia Pacific

The Cloud Security Alliance (CSA) is pleased to announce this call for speakers to present at the inaugural Cloud Security Alliance Congress Asia Pacific 2013, held in Singapore from 14th to 17th May 2013.

January 23, 2013

CSA Seeks Input for Open Peer Review: Provider Forensic Support Whitepaper

CSA’s Telecom Working Group and Incident Management & Forensics Working Group would like to invite you to review and comment on the Provider Forensic Support in Public Multi-Tenant Cloud Environments whitepaper.

January 17, 2013

Cloud Security Alliance Recommends the Cloud Security Readiness Tool

A free tool from Microsoft designed to help organizations review and understand their IT maturity level and their readiness to consider adopting or growing cloud services.

January 16, 2013

Cloud Security Alliance Summit 2013 at RSA Conference to Emphasize National Security, Mobile and Hybrid Clouds

Mark Weatherford from the Department of Homeland Security featured as opening keynote.

January 14, 2013

CSA Seeks Input For Open Peer Review: Privacy Level Agreement Document

The Cloud Security Alliance (CSA) Privacy Level Agreement (PLA) Working Group would like to invite you to review and comment on the Privacy Level Agreement document.

November 08, 2012

Cloud Security Alliance Releases Security Guidance for Critical Areas of Mobile Computing

CSA Mobile Working Group report aims to provide industry with mobile security best practices.

November 07, 2012

CSA Big Data Working Group Releases Top 10 Big Data Security and Privacy Challenges Report

Group’s first research provides eye opening insight into a wide diversity of big data challenges facing enterprises.

November 07, 2012

Cloud Security Alliance Announces First Annual Ron Knode Service Award Winners

Six individual CSA volunteers selected to honor the legacy of late CSA member and volunteer contributor Ron Knode.

November 02, 2012

Department of Homeland Security to Keynote at Upcoming CSA Annual Congress Program

Experts from DHS, Huawei Technologies, U.S. Cyber Consequences Unit, Verizon and others join together for a powerful keynote roundtable to address critical infrastructure, national security and the cloud.

October 31, 2012

EMEA Congress Recap

The inaugural EMEA Congress in Amsterdam was an unqualified success, with hundreds of security visionaries in attendance and featuring presentations from some of the leading voices from across the cloud security landscape.

October 29, 2012

CSA Releases Security Information and Event Management (SIEM) Guidance

New Security-as-a-Service Implementation Report provides guidance for deployment of cloud-based SIEM

October 25, 2012

CSA Seeks Input on a Mobile App Store Security Initiative Policy Guideline Document

The CSA Mobile Working Group would like to invite you to review and comment on their Mobile App Store Security Initiative Policy Guideline document that was created by their Initiative 5 sub-group.

October 19, 2012

CSA Seeks Input on a Mobile Authentication Document

Review and comment on the Mobile Authentication Document that was created by their Initiative 4 Authentication Sub-group.

October 19, 2012

CSA Seeks Input on a Mobile BYOD Document

Review and comment on the Bring Your Own Device (BYOD) Document that was created by their Initiative 3 BYOD Sub-group.

October 17, 2012

Late-Breaking Speakers and Sessions Complete the CSA Annual Congress Program

CSA today announced the addition of late-breaking keynotes, sessions and research to the upcoming annual CSA Congress 2012 scheduled for November 7-8 in Orlando, FL.

October 16, 2012

Take The CSA Mobile Maturity Questionnaire

This brief 5-10 minute survey is designed to help the Cloud Security Alliance, as well as, enterprises and individual consumers understand the current maturity level of the mobile marketplace.

October 09, 2012

Cloud Security Alliance Releases (SecaaS) Implementation Guidance

CSA today announced that its Security as a Service (SecaaS) Working Group has completed its peer review process and has published implementation guidance documents expanding upon their “Defined Categories of Service” document that was first made available in August of 2011.

October 04, 2012

Data Loss from Missing Mobile Devices Ranks as Top Mobile Device Threat by Enterprises

CSA Mobile Working Group today released findings from a new survey that calls out the specific security concerns enterprise executives say are the real and looming threats as it relates to mobile device security in the enterprise environment.

September 27, 2012

Cloud Maturity Study Reveals the Top 10 Issues Eroding Cloud Confidence

New research by Cloud Security Alliance and ISACA identifies government regulations, exit strategies, and international data privacy as top concerns.

September 26, 2012

CSA Security as a Service (SecaaS) Working Group Completes Implementation Guidance

New Identity and Access Management research provides business and technical considerations for implementation of SecaaS as part of the cloud.

September 21, 2012

Cloud Security Alliance Releases Cloud Controls Matrix Version 1.3

Version 1.3 integrates revised mapping of FedRAMP security controls.

September 21, 2012

Call For Speakers for Cloud Security Alliance Innovation 2013 Conference

Innovators New Cloud-related Security Technologies Invited to Submit Proposal by October 14.

September 20, 2012

CSA Identifies 17 Key Components for Effective Mobile Device Management of BYOD and Company-Owned Devices

The whitepaper is one of six parts to the upcoming, “Security Guidance for Critical Areas of Mobile Computing” report, one of a number of important research items to be presented and discussed at the upcoming annual CSA Congress being held November 7-8 in Orlando.

September 19, 2012

CSA EMEA Congress: Cloud Providers Invited to Attend First Guidelines on CSA STAR Certification Presentation

The plans to release a CSA Open Certification Framework that was announced at the opening of the SecureCloud 2012 conference in Frankfurt, Germany has become a reality.

September 19, 2012

Cloud Security Alliance Annual Congress to Feature Release of 20 Research and Guidance Reports

This year will feature the release of more than 20 research and guidance reports from various CSA working groups in some of the most critical areas of cloud computing.

September 17, 2012

Cloud Security Alliance to Host Summit at RSA Europe on October 8

The CSA Summit will offer speakers and participants an opportunity to learn the latest industry trends and get involved with a number of educational and awareness initiatives promoting cloud security.

September 12, 2012

CSA Seeks Volunteers for Consensus Assessments Initiative Questionnaire (CAIQ) v.2

CSA warmly invites interested individuals to step forward to contribute to an initiative which promotes cloud security for customers and providers.

September 05, 2012

CSA Partners with ASTRI to Further APAC Cloud Security Initiatives

CSA today signed a Memorandum of Understanding with ASTRI to advance cloud computing security and build capabilities that will accelerate the development of the cloud ecosystem in Hong Kong.

September 05, 2012

CSA Presents Privacy Level Agreement Initiative at European Parliament

A Working Group to Support EU Data Protection Regulators’ Recommendation on Cloud Computing

August 29, 2012

Fujitsu, Ebay and Verizon to Spearhead New CSA Big Data Working Group

Group to Provide Industry with Leadership, Research and Guidance in Identifying Scalable Techniques for Data Centric Security and Privacy Problems.

August 27, 2012

CSA Seeks Input on SecaaS Category 10 Implementation Guidance

Implementation Guidance documents, for each category of service previously defined, are being developed and we have another category ready for peer review now.

August 27, 2012

CSA EMEA Congress 2012 Announces Agenda For Industry’s First EMEA-Wide Conference Devoted to Cloud Security

Industry visionaries from Salesforce.com, Google and HP in speaker line-up at premiere event in Amsterdam on September 25-26th.

August 22, 2012

PhD Studentship in Cloud Security

Cloud Security Alliance (CSA) and Edinburgh Napier are inviting applications for a CSA funded PhD studentship to work on European Research projects. The studentship starts November 2012.

August 20, 2012

CSA Announces Open Security Framework for Cloud Providers

The Cloud Security Alliance (CSA) today announces additional details of its Open Certification Framework, and its partnership with BSI (British Standards Institution).

August 14, 2012

CSA, EBD and IDA to Ratify Singapore APAC Headquarters at CloudSec 2012 Conference

Cloud Security Alliance (CSA) announced it will host a signing ceremony today with representatives from the Infocomm Development Authority of Singapore (IDA) and the Economic Development Board of Singapore (EDB) to officially mark the opening of its new corporate headquarters in Singapore.

August 08, 2012

Tempest in Cloud Computing Market: Will EU Article 29 Working Party’s Opinion Force a Rethink of the Safe Harbor Principles?

The most significant aspect of the Opinion is its negative evaluation of the ability of the Safe Harbor self-certification to meet the requirements of the national laws implementing the 1995 European Union Data Protection Directive.

August 07, 2012

Helix Nebula Science Cloud Passes First Major Test

“Helix Nebula – the science cloud,” set up earlier this year to support the massive IT requirements of European scientists has successfully deployed its first flagship applications in high-energy physics, molecular biology and natural-disaster risk management.

August 07, 2012

PhD studentship in Cloud Service Security (Software Engineering Group)

The Software Engineering Group within the School of Informatics of the City University London invites applications for a PhD studentship funded by the Cloud Security Alliance (CSA EMEA).

August 07, 2012

CSA Seeks Input on SecaaS Categories of Service Implementation Guidance Documents

Implementation Guidance documents, for each category of service previously defined, are being developed and we have another category ready for peer review now.

August 06, 2012

CSA Seeks Input on CCM v1.3 FedRAMP Mapping Document

The CCM Working Group would like to invite you to review and comment on a preliminary draft of CCM v1.3 with a revised mapping of the Federal Risk and Authorization Management Program (FedRAMP) security controls published January 2012.

July 24, 2012

Take the Top Threats to Cloud Computing Survey

This survey’s purpose is to identify whether the Top Threats first identified by the CSA are still relevant today.

July 20, 2012

Cloud Security Alliance Selects Singapore as Site for Corporate Headquarters, Continues APAC Expansion Initiative

CSA today announced the establishment of the new CSA corporate headquarters in Singapore, under an effort led by the Infocomm Development Authority of Singapore (IDA), Singapore Economic Development Board (EDB), and founding APAC sponsor Trend Micro.

July 18, 2012

CSA Research Sponsorship Opportunities Available

CSA announces the availability of several new opportunities to sponsor key research initiatives. Your support helps us maintain our aggressive research schedule and accelerate responsible adoption of cloud computing.

July 16, 2012

Article 29 Working Party cloud computing opinion: Blow to Safe Harbor?

The opinion, published July 2 as Document WP 196, analyzes the applicable data protection laws and obligations for companies providing, or using cloud computing services in the European Economic Area (EEA).

July 11, 2012

Take the CSA Top Threats to Mobile Computing Survey

Due to the rapid adoption of mobile computing, and immediate connection to cloud computing, the CSA is creating a “Top Threats to Mobile Computing” report.

July 07, 2012

CSA Seeks Input on “Mobile Device Management: Key Components” whitepaper

The peer review site and survey will be open until Friday, July 20th, 2012.

July 02, 2012

Cloud Security Alliance, Esther Dyson and Amrita University Co-Chair ‘Startup Pitchfest’ at SecureIT

CSA along with Esther Dyson and Amrita University will co-chair a new Startup Pitchfest at the inaugural SecureIT Conference on the Security of Internet of Things.

June 29, 2012

CNIL (French Data Protection Authority) Recommendations on the use of Cloud Computing Services

On June 25, CNIL – the French Data Protection Authority – published its recommendation on the use of cloud computing services.

June 28, 2012

CSA Launches PhD Studentship Programme in Europe CSA Calls for University Participation in PhD and Postgraduate Studentship Programme for Security and Privacy in Cloud Computing

CSA today announced a PhD studentship programme in the context of its Education and Training activities.

June 27, 2012

CSA Seeks Input on Top Threats to Mobile Computing Document

The Cloud Security Alliance’s Mobile Working Group requests your review and survey participation for the first “Top Threats to Mobile Computing”.

June 20, 2012

Outline of BCR for Processors Published by Article 29 Working Party

On June 19th, the Article 29 Working Party released an important opinion on the use of a legal means to move personal data outside of the border of the EU, called Binding Corporate Rules (BCRs).

June 20, 2012

Brochure Now Available for the Cloud Security Alliance EMEA Congress in Amsterdam

The agenda is packed full of keynotes and case studies from the leading experts in cloud security, including Salesforce, Novartis, Investec, DSM and ENISA.

June 06, 2012

CSA Remembers Ron Knode 1946-2012

Ron Knode, noted information security expert and member of the Cloud Security Alliance family, passed away on May 31, 2012. Ron was an innovative thinker and the author of the CloudTrust Protocol.

May 22, 2012

Participate in the CSA Website Usability Survey

CSA invites you to participate in its website usability survey, a short questionnaire about your experience with the CSA site.

May 21, 2012

Cloud Security Alliance Expands Leadership Team With its First Chief Operating Officer

CSA announced today the appointment of information and communications technology veteran John Howie to the position of Chief Operating Officer (COO).

May 17, 2012

CSA Launches Hong Kong and Macau Chapter at “Building Trust in Cloud Computing” Summit 2012

Summit Highlighted by Opening Address from Mr. Daniel Lai, BBS, JP, Government CIO, and Keynotes by Jim Reavis, Co-founder and Executive Director of CSA, and Tim Grance, Senior Computer Scientist at NIST

May 15, 2012

Infocomm Development Authority of Singapore and Cloud Security Alliance Launch Joint Initiative to Create Trusted Cloud Ecosystem in Singapore

IDA and CSA will launch a joint initiative to create a trusted cloud eco-system in Singapore.

May 14, 2012

CSA and ISACA Issue Joint Survey on Cloud Maturity – Now Open for Responses

Today, CSA and ISACA announced the availability of a new survey on cloud market maturity, part of the first collaborative project between the two organizations.

May 14, 2012

Cloud Security Alliance to Launch Australia Chapter at AusCERT2012

CSA will officially launch its Australia Chapter at the AusCERT2012 conference, furthering the CSA’s presence and focus in Asia-Pacific.

May 09, 2012

SecureCloud 2012 in Frankfurt: Global Leaders Address Top Emerging Issues on Cloud Security and Privacy

How will changes in European data protection regulation affect cloud providers and users? How will forensics look like in the Cloud?

May 09, 2012

CSA Announces Open Certification Framework for Cloud Providers

At the opening of the SecureCloud 2012 conference, CSA announced the CSA Open Certification Framework, an industry initiative to allow global, trusted certification of cloud providers.

May 04, 2012

Big Data Working Group Kick-Off Call

CSA is launching a kick-off call for the Big Data Working Group on May 23rd, 14:00pm PST (GMT-7), open to all individuals interested in addressing scalable techniques for data-centric security and privacy problems.

May 02, 2012

Mobile Track and Federal/International Track Submissions Sought for Congress 2012

We are extending the deadline to May 11th for the Mobile and Federal/International Tracks only.

April 30, 2012

Inaugural CSA EMEA Congress in Amsterdam

The Cloud Security Alliance and MIS Training are delighted to announce they have partnered to host the inaugural Cloud Security Alliance EMEA Congress in Amsterdam September 2012.

April 21, 2012

CSA Seeks Input on the CTP Reference Architecture Model

The CSA CloudTrust Protocol (CTP) would like to invite you to review and comment on the CTP Reference Architecture Model.

April 16, 2012

Cyber Security & Privacy EU Forum 2012, April 24th & 25th, Berlin

This event is a European conference on Cyber Security and Privacy, to be held at the Science & Conference Center “The Dahlem Cube”, Seminaris Campus Hotel, Berlin on the 24th and 25th April 2012.

April 16, 2012

CSA Extends Deadline for Congress 12′ Abstract Submissions

We have received some great submissions so far, but would like to see more. The new deadline for submission is April 27,2012.

April 13, 2012

Top Threats to Cloud Computing Kick-Off Call

Join us on our Kick-Off Call as we look for volunteers to participate in updating the CSA Top Threats to Cloud Computing document.

April 12, 2012

CSA Seeks Input on the Big Data Working Group Charter

The Cloud Security Alliance (CSA) Big Data Working Group (BDWG) would like to invite you to review and comment on the work group Charter.

April 10, 2012

Inaugural CSA Summit Hong Kong & Macau

The Hong Kong & Macau chapter is having their inaugural CSA Summit on 17 May 2012.

April 09, 2012

Cloud Security Alliance Appoints Cyber Security Industry Veteran from Trend Micro as First Asia Pacific Executive Council Chairman

CSA and Trend Micro today announced the appointment of Ken Low as the first Chairman of the Asia Pacific Executive Council for CSA.

April 04, 2012

CSA Seeking Speakers for Congress 2012 in Orlando

Cloud Security Alliance and the MIS Training Institute are looking for seasoned speakers to present at the Cloud Security Alliance Congress 2012, being held in Orlando, November 7 & 8, 2012.

April 04, 2012

Jim Reavis to Speak at CloudAsia 2012

This event continues to be the only unique forum focusing on enterprise and telecom cloudbusiness opportunities, cloud computing marketing strategies, implementation and solutions for the Asia Pacific region.

March 20, 2012

Mobile Working Group Kick-Off (Call 2)

To accommodate all time zones, CSA will now be launching a Mobile Working Group kick-off (call 2) after our call 1 was held on March 15th.

March 20, 2012

Health Information Management Working Group Kick-off Call

Cloud Security Alliance is launching a kick-off call for the Health Information Management Working Group on March 22nd, 12:00pm PST (GMT-7).

March 19, 2012

New Speakers Announced for SecureCloud 2012 – managing security and privacy in the cloud

CSA co-hosts the only European cloud security conference in Frankfurt am Main, Germany from May 9-10, 2012.

March 07, 2012

Big Science Teams up with Big Business to Kick-Start European Cloud Computing

consortium of leading IT providers and three of Europe’s biggest research centres (CERN, EMBL and ESA) announced a partnership to launch a European cloud computing platform.

February 27, 2012

CSA Announces Asia Pacific Expansion Initiative; Announces Partnership with Trend Micro as Founding Sponsor

CSA and Trend Micro Incorporated, a global cloud security leader, today announced the establishment of the CSA Asia Pacific headquarters.

February 27, 2012

CSA Launches Mobile and Innovation Initiatives at RSA

Cloud Security Alliance (CSA) today announced two significant new initiatives for 2012, addressing growing areas of need in cloud security – mobile computing and innovation.

February 17, 2012

Cloud Security Alliance Announces First European Instructor Training Course

CSA is pleased to announce that it will host its first Instructor training course in Europe, this April 2nd-4th at the CA Technologies facility in Milan, along with a CCSK Basic and Plus class.

February 14, 2012

Becky Swain of CSA Honored with the 2012 CloudNOW Top Ten Women in Cloud Award

The Cloud Security Alliance is pleased to congratulate Becky Swain, a founding member of the CSA and Board member of the Silicon Valley Chapter, who has been honored with the CloudNOW Top Ten Women in Cloud Award for her contributions, accomplishments and thought leadership.

January 24, 2012

Cloud Fundamentals Video Series: The Benefits of Industry Collaboration to Cloud Computing Security

Video from CSA Congress with Jim Reavis, Executive Director of CSA, and Tim Rains, Microsoft’s Director of Trustworthy Computing.

January 11, 2012

Last Chance to Register for the Cloud Security Alliance Innovation Conference

Don’t miss your chance to register for the Cloud Security Alliance Innovation Conference Jan 26th in Santa Clara, CA. Standard registration ends Monday, January 16th! This inaugural Cloud Security Innovation Conference is shaping up to include a stellar line up of experts and topics that you will not want to miss.

January 05, 2012

VOLUNTEER OPPORTUNITY: Telecom Working Group 2012

The Cloud Security Alliance’s (CSA) Telecom Working Group is having it’s 2012 Kickoff call on January 12th. We are inviting all motivated individuals who want to contribute to any of the six new research initiatives being introduced for the coming year.

December 02, 2011

Cloud Security Alliance Announces an Expanded Educational Program

The Cloud Security Alliance is pleased to announce the expansion of their educational program. Three new sections have been added, each specifically designed to address a need within the cloud security community.

December 02, 2011

Cloud Security Alliance contributes to the European Commission Strategy on Cloud Computing

While cloud computing represents the advent of a global computing utility that transcends national boundaries, we believe a number of positive actions can promote EU interests and protect its citizens, while leveraging cloud computing’s benefits to its fullest.

November 16, 2011

Major Cloud Providers to Participate In CSA STAR – CSA Security, Trust and Assurance Registry

CSA today announced that Google, Verizon, Intel, McAfee, and Microsoft plan to submit reports to the CSA Security, Trust and Assurance Registry (STAR), a newly announced, free and publicly accessible registry that documents the security controls provided by various cloud computing offerings.

November 16, 2011

Cloud Security Alliance Releases Results of Cloud Consumer Advocacy Questionnaire and Information Survey

Cloud Data Governance (CDG) working group today introduced the results of its Cloud Consumer Advocacy Questionnaire and Information Survey. The survey is the first deliverable for the CDG working group, which will now turn its focus to delivering best practices recommendations, prioritizing and answering the key problems and questions identified by cloud stakeholders in the survey.

November 16, 2011

Cloud Security Alliance Releases Guidance Version 3

The Cloud Security Alliance (CSA) today unveiled the third version of its Security Guidance for Critical Areas of Focus in Cloud Computing. This effort provides a practical, actionable road map to managers wanting to adopt the cloud paradigm safely and securely.

October 19, 2011

An Invitation for SME’s to contribute to CSA’s Cloud Data Governance Working Group by Tuesday, October 25th

The Cloud Data Governance (CDG) Working Group is seeking Subject Matter Experts to help identify the current state of public cloud solution provider maturity in addressing the issues related to Information Lifecycle Management (ILM). Subject Matter Experts are needed to help us complete the initial phase of our research.

October 18, 2011

Cloud Security Alliance Announces Trusted Cloud Initiative White Paper

CSA today announces that the Trusted Cloud Initiative has published its first white paper, “Trusted Cloud Initiative Quick Guide to the Reference Architecture”. The purpose of the quick guide is to take a user through the Trusted Cloud architecture much like an owner’s manual walks a consumer through a product.

October 12, 2011

(ISC)² and The Cloud Security Alliance Expand Cloud Security Offerings to their Memberships

CSA and (ISC)², today announced they have signed a Memorandum of Understanding (“MOU”) to benefit members of both organizations who are looking to expand their knowledge and expertise in the cloud and broader security areas.

October 09, 2011

Cloud Security Alliance Appoints Daniele Catteddu as EMEA Managing Director

London, UK, #CSASummit at RSA – October 10, 2011 – The Cloud Security Alliance (CSA) today announced that it has appointed Daniele Catteddu as its Managing Director, EMEA, responsible for executing the CSA’s strategy across Europe. Catteddu will be presenting the CSA EU strategy at the CSA Summit, being held today in conjunction with RSA…

October 06, 2011

The Cloud Consumer Advocacy Questionnaire and Information Survey (CCAQIS) – Survey submission has been extended through October 11, 2011

CCAQIS was designed to capture the current state of data governance and data security capabilities offered by leading cloud service providers in the industry.
The results of this survey will be aggregated and used for guidance and research conducted by CSA and its affiliates.

October 03, 2011

(ISC)² Names 2011 Inaugural Americas Information Security Leadership Award Finalists and Winners

ISC²®, the world’s largest information security professional body and administrators of the CISSP®, today recognized the finalists of its Inaugural Americas Information Security Leadership (Americas ISLA) Awards. Becky Swain of the Cloud Security Alliance received recognition as an Americas ISLA finalist for demonstrating excellence and innovation in the category of Information Security Practitioner.

September 29, 2011

Open Review Period for Guidance V.3: Domains 7, and 14 (Has Begun)

The Cloud Security Alliance would like to invite you to review and comment on the following Guidance V.3 Domains: Domain 7: Traditional Security, Business Continuity and Disaster Recovery, Domain 14: Security as a Service

September 26, 2011

Cloud Security Alliance Issues First Security as a Service White Paper

CSA today announced that the Security as a Service working group has published its first white paper, “Defined Categories of Service 2011”. The purpose of this group’s research is to identify consensus definitions of what Security as a Service means, to categorize the different types of Security as a Service and to provide guidance to organizations on reasonable implementation practices.

September 22, 2011

Open Review Period for Guidance V.3: Domains 4, 8, 9 and 11(Has Begun)

The Cloud Security Alliance would like to invite you to review and comment on the following Guidance V.3 Domains: Domain 4: Compliance and Audit, Domain 8: Data Center Operations, Domain 9: Incident Response, Notification, and Remediation, Domain 11: Encryption and Key Management.

September 20, 2011

Open Review Period for Guidance V.3: Domains 2, 3, 5 and 12 (Has Begun)

The Cloud Security Alliance would like to invite you to review and comment on the following Guidance V.3 Domains: Domain 2: Governance and Enterprise Risk Management, Domain 3: Legal and Electronic Discovery, Domain 5: Information Lifecycle Management, Domain 12: Identity and Access Management.

September 15, 2011

Open Review Period for Guidance V.3: Domains 1,6, 10 and 13 (Has Begun)

The Cloud Security Alliance would like to invite you to review and comment on the following Guidance V.3 Domains: Domain 1: Cloud Computing Architectural Framework, Domain 6: Portability and Interoperability, Domain 10: Application Security Domain 13: Virtualization.

September 10, 2011

New Date for CSA Innovation Conference

The Cloud Security Alliance (CSA) Silicon Valley Chapter has decided to postpone the inaugural Cloud Security Alliance Innovation Conference until January, 2012. This will allow more time to refine the event, allow for a longer paper submissions window, and minimize conflicts in a busy fall conference schedule. The call for papers (CFP) deadline has been extended to September 30, 2011.

August 26, 2011

Cloud Security Alliance Releases Cloud Controls Matrix v1.2

The Cloud Security Alliance (CSA) today published Version 1.2 of the Cloud Controls Matrix (CCM), which is designed to provide fundamental security principles to guide cloud vendors and to assist prospective cloud customers in assessing the overall security risk of a cloud provider.

August 24, 2011

TechAmerica and the Cloud Security Alliance Join Forces to Expand Cloud Offerings to Members

As the leader in cloud computing policy, TechAmerica is proud to announce that a formal relationship has been formed with the Cloud Security Alliance (CSA), the thought-leader in cloud security. This agreement leverages the strengths of both organizations to expand member benefits.

August 18, 2011

Open Review Period for the Draft of SecaaS Defined Categories of Service Whitepaper Starts Today

The Security as a Service (SecaaS) working group would like to invite you to review and comment on the Security as a Service “Defined Categories of Service” whitepaper. Your expertise will ensure that the white paper has accurate content.

August 16, 2011

Learn About the CSA STAR Registry

The Cloud Security Alliance announces two upcoming opportunities to learn more about its CSA STAR Registry. These public webcast briefings will be held August 18th and 23rd and will cover general information about the STAR Registry and the proper use of linked documents from the GRC Stack.

August 12, 2011

Call For Speakers Now Open for Cloud Security Alliance Innovation Conference 2011

The Cloud Security Alliance (CSA) Silicon Valley chapter today published the call for speakers for the inaugural Cloud Security Alliance Innovation Conference 2011, being held October 6th in Silicon Valley.

August 11, 2011

CSA Announces a New Research Initiative Called Cloud Data Governance

The initial phase of the initiative will be a survey of cloud providers to determine the current industry practices around data governance as articulated by the Information Security Lifecycle Management domain in our V2.1 of the Security Guidance for Critical Areas of Focus in Cloud Computing.

August 04, 2011

Media Advisory: CSA Announces STAR – CSA Security, Trust and Assurance Registry – To Help Users Assess Security of Cloud Providers

The Cloud Security Alliance (CSA) today announced the launch of a new initiative to encourage transparency of security practices within cloud providers.

July 26, 2011

Call for Volunteers for V.3 Guidance Group 2: GRC, Audit, Physical, BCM, DR

The Cloud Security Alliance and Group 2 GRC, Audit, Physical, BCM, DR Leadership team are looking for volunteers to assist with drafting Domain 2, 4 and 7 of version 3 of CSA’s Security Guidance for Critical Areas of Focus in Cloud Computing.

July 21, 2011

Call for volunteers for V.3 Guidance Group 8: Virtualization and Technology Compartmentalization

The Cloud Security Alliance and Group 8 Virtualization and Technology Compartmentalization Leadership are looking for volunteers to assist with drafting Domain 13 of version 3 of CSA’s Security Guidance for Critical Areas of Focus in Cloud Computing.

July 18, 2011

HISPI Offers Membership Discounts to CSA Members

The Cloud Security Alliance (CSA) and the Holistic Information Security Practitioner Institute (HISPI) are now offering a 50% discount on HISPI membership to all CSA LinkedIn group members. Interested members can visit http://cloudsa.eventbrite.com/ for more details.

July 12, 2011

Cloud Security Alliance Issues First Cloud Compliance Report For Spain

The Cloud Security Alliance (CSA) today announced that the Spanish Chapter, CSA-ES, has published the first Cloud Compliance Report. This Report has been the main line of work of the chapter since its inception, just over a year ago, during the VII International Conference of ISMS Forum Spain, in Madrid.

July 06, 2011

CSA Announces Licensing Agreement With CSC For Cloudtrust Protocol

CSA announced that it has received a nocost license for the CloudTrust Protocol (CTP) from CSC. The CTP is being integrated as the fourth pillar of the CSA’s cloud Governance, Risk and Compliance (GRC) stack. The CSA’s GRC stack provides a toolkit for enterprises, cloud providers, security solution providers, IT auditors and other key stakeholders to instrument and assess both private and public clouds against industry established best practices, standards and critical compliance requirements.

June 30, 2011

Security as a Service Initial Group Call set for July 5th

The CSA Security as a Service (SecaaS) Working Group will have their first group call on July 5th. The purpose of their research will be to identify consensus definitions of what Security as a Service means, to categorize the different types of Security as a Service and to provide guidance to organizations on reasonable implementation practices.

June 22, 2011

Call for Volunteers to Upgrade the CSA Cloud Controls Matrix to v1.2

We need smart, motivated volunteers and team leaders who are committed to an early August 2011 completion date. You can prepare yourself by checking out the current CSA Cloud Controls Matrix (v1.1).

June 21, 2011

SecaaS Seeks Additional Input on Working Group Proposal

Thank you to those who have contributed to the “Categories of Service” section of our working group proposal. We are still seeking input to all categories. For those who have recently expressed interest in getting involved, send me an email at [email protected] (Subject line: SecaaS Categories).

June 21, 2011

Telecom Working Group Charter Finalized

The Cloud Security Alliance would like to announce that a finalized Telecom Working Group (TWG) Charter is available to download on the Telecom Working Group page. The working group’s web page has also been updated to include current leadership and contributing members.

June 07, 2011

SecaaS Seeks Input on Working Group Proposal

The Cloud Security Alliance is now soliciting input for the Security as a Service (SecaaS) Working Group’s “Categories of Service” section of their working group proposal.

May 26, 2011

Updated Telecom Working Group Charter Available for Review

The Cloud Security Alliance would like to announce that a draft of the updated Telecom Working Group (TWG) Charter is now available for review. The new charter re-defines the scope of the TWG to allow more differentiation and synergy with the Security as a Service (SecaaS – Work Group 9) Working Group.

May 23, 2011

Call for volunteers to upgrade the CSA Cloud Controls Matrix to v1.2

Goals are to (1) include more granular controls for IaaS, and (2) create more mappings between the matrix and other compliance frameworks, such as NERC CIP.

May 20, 2011

Cloud Security Alliance Launches New Greater China Regional Coordinating Body

Today at the China Cloud Computing General Conference, the Cloud Security Alliance (CSA) announced the formation of a new Greater China Regional Coordinating Body, to facilitate the growing interest in best practices for cloud security within the region.

May 16, 2011

Pamela Jones Harbour Joins Cloud Security Alliance as Co-Chair of Legal Working Group

Former Federal Trade Commissioner Brings Significant Experience to Mission of Bridging the Gap Between Cloud Technology and the Law

April 21, 2011

Cloud Security Alliance Announces Key Initiative in Development of Cloud Security Standards in Partnership with ISO/IEC

The Cloud Security Alliance (CSA) announced that it will have a key role in the development of cloud security and privacy standards under ISO/IEC (International Organization for Standardization/International Electrotechnical Commission).

February 15, 2011

Cloud Security Alliance unveils 2011 initiatives at CSA Summit at RSA

At the CSA Summit at RSA on February 14, 2011, the Cloud Security Alliance (CSA) unveiled its 2011 roadmap, which builds on an already extensive body of work put together by the alliance in its first two years of existence.

February 07, 2011

Cloud Security Alliance welcomes White House CIO Vivek Kundra as special guest keynote for CSA Summit at RSA

The Cloud Security Alliance (CSA) today announced the addition of Vivek Kundra, US Chief Information Officer (CIO) at the White House, as a keynote speaker at the CSA Summit at RSA.

December 17, 2010

Cloud Security Alliance launches Cloud Controls Matrix (CCM) 1.1

The Cloud Security Alliance (CSA) today announced the launch of revision 1.1 of the CCM Security Controls Matrix. The matrix is now available for free download at: https://cloudsecurityalliance.org/research/projects/cloud-controls-matrix-ccm/

November 17, 2010

Cloud Security Alliance Unveils Governance, Risk Management and Compliance (GRC) Stack

The Cloud Security Alliance (CSA) today announced the availability of the CSA Governance, Risk Management and Compliance (GRC) Stack, a suite of enabling tools for GRC in the cloud, now available for free download at https://cloudsecurityalliance.org/research/projects/grc-stack/.

October 27, 2010

Cloud Security Alliance announces that CloudAudit has become an official project of the CSA

The Cloud Security Alliance (CSA) today announced that CloudAudit has become an official project of the CSA, with the joint mission of promoting the use of best practices for providing security assurance within Cloud Computing.

October 12, 2010

Cloud Security Alliance announces availability of Consensus Assessments Initiative Questionnaire

The Cloud Security Alliance today has announced the release of version 1.0 of the Consensus Assessments Initiative Questionnaire.

September 21, 2010

Cloud Security Alliance announces strategic partnership with HISPI

The Holistic Information Security Practitioner Institute (HISPI), the worldwide visionary in Governance, Risk, and Compliance (GRC) thought leadership, today announced today a strategic partnership with the Cloud Security Alliance (CSA) that will provide members of both organizations an educational roadmap and credentials to enhance their educational background.

September 09, 2010

Cloud Security Alliance Seeks Community Input for Top Threats Report

Version 2.0 slated for release in late 2010 San Francisco, CA – September 9, 2010 – The Cloud Security Alliance is now soliciting input for Version 2.0 of its “Top Threats to Cloud Computing Report.” This pending revision is the first to Version 1.0, which was published and announced earlier this year RSA Conference 2010….

September 01, 2010

Cloud Security Alliance announces availability of Certificate of Cloud Security Knowledge (CCSK)

The Cloud Security Alliance’s Certificate of Cloud Security Knowledge (CCSK) is now open for testing.

July 28, 2010

Cloud Security Alliance announces the world’s first user certification for cloud security

The Certificate of Cloud Security Knowledge (CCSK) is designed to ensure that a broad range of professionals with a responsibility related to cloud computing have a demonstrated awareness of the security threats and best practices for securing the cloud.

May 24, 2010

Cloud Security Alliance announces appointment of general counsel Francoise Gilbert

The Cloud Security Alliance today has announced that Francoise Gilbert, founder and managing director of the IT Law Group, has accepted the appointment as General Counsel (pro bono) for the Cloud Security Alliance.

April 27, 2010

Cloud Controls Matrix is Released

The Cloud Security Alliance today has announced the availability of version 1.0 of the CSA Cloud Controls Matrix, a catalog of cloud security controls aligned with key information security regulations, standards and frameworks.

April 27, 2010

Trusted Cloud Research Advisory and New Whitepaper

The Cloud Security Alliance today has announced the completion of important milestones in its Trusted Cloud Initiative, previously announced by CSA and Novell at the RSA Conference 2010 in San Francisco.

April 27, 2010

Cloud Security Alliance announces collaboration with HITRUST

The Health Information Trust Alliance (HITRUST) and Cloud Security Alliance (CSA) today announced a joint collaboration focused on addressing cloud security initiatives related to improving the state of security and compliance in the healthcare industry.

March 01, 2010

Cloud Security Alliance Takes Major Steps to Secure the Cloud at RSA Conference 2010

The Cloud Security Alliance today is making several significant announcements at its CSA Summit to provide both cloud customers and cloud providers with research, tools and calls to action to further build trust and mitigate risks within cloud computing.

March 01, 2010

Cloud Security Alliance and HP Identify Top Cloud Security Threats in New Research Report

The Cloud Security Alliance (CSA) and HP (NYSE: HPQ) today announced new research findings that detail the potential threats surrounding the use of cloud services.

March 01, 2010

Cloud Security Alliance and Novell deliver first vendor-neutral Trusted Security Certification program to spur mainstream cloud adoption

Novell and the Cloud Security Alliance (CSA), today announced a vendor-neutral initiative to deliver the industry’s first cloud security certification, education and outreach program for cloud providers.

March 01, 2010

Survey by IEEE and Cloud Security Alliance Details Importance and Urgency of Cloud Computing Security Standards

IEEE, the world’s leading professional association for the advancement of technology, and the Cloud Security Alliance (CSA), a not-for-profit organization formed to promote the use of best practices for providing security assurance within cloud computing, today announced results of a survey of IT professionals that reveals overwhelming agreement on the importance and urgency of cloud computing security standards.

December 17, 2009

Cloud Security Alliance Issues Version Two of Guidance Identifying Key Practices for Secure Adoption of Cloud Computing

The Cloud Security Alliance (CSA) today issued the second version of its “Guidance for Critical Areas of Focus in Cloud Computing”, now available on the Cloud Security Alliance website.

December 01, 2009

DMTF Announces Partnership with Cloud Security Alliance

Distributed Management Task Force (DMTF), the organization bringing the IT industry together to collaborate on systems management standards development, validation, promotion and adoption, today announced that it will partner with the Cloud Security Alliance (CSA) to promote standards for cloud security as part of the ongoing work within the DMTF Open Cloud Standards Incubator.

August 25, 2009

Cloud Security Alliance Continues Rapid Growth; Now Broadest Industry-wide Initiative Focused on Cloud Security

The Cloud Security Alliance (CSA) today made several announcements underscoring its rapid growth and broad industry support as the largest cloud security initiative on a global basis, including the news that numerous leading corporations in the fields of cloud computing and security have joined the Alliance.

May 27, 2009

Jericho Forum and Cloud Security Alliance join forces to address Cloud Computing Security

Jericho Forum, the high level independent security expert group, and the Cloud Security Alliance, a not-for-profit group of information security and cloud computing security leaders, announced today that they are working together to promote best practices for secure collaboration in the cloud.

May 22, 2009

Cloud Security Alliance Corporate Membership Program released

Corporate Membership Program Prospectus available as a PDF download.

April 22, 2009

Cloud Security Alliance issues Guidance for Critical Areas of Focus in Cloud Computing

The information security industry is taking on the task of providing guidance to enable secure Cloud Computing with today’s formal launch of the Cloud Security Alliance.

March 31, 2009

Industry Leaders Form Cloud Security Alliance

Key leaders within both the information security and cloud computing industries today announced the formation of the Cloud Security Alliance, to be formally launched at the RSA Conference 2009, in San Francisco on April 21, 2009.

Page Dividing Line