Having trouble seeing this email?  view it online or unsubscribe

Cloud Security Alliance

May, 18 2015

CSA Research Update

Welcome to the
CSA Research Update!

Last month, the Cloud Security Alliance (CSA) hosted CSA Summit at RSA in San Francisco as well as conducting a number of events throughout the conference week. From CSA Summit that kicked off the week to working group sessions to member engagement meetings, CSA enjoyed a successful week at RSA. The team is looking forward to RSA 2016.

Research at Cloud Security Alliance

CSA boasts a rapidly expanding suite of research initiatives, including 25 active work groups.


The Cloud Security Alliance published in February 2013 the “Privacy Level Agreement Outline for CSPs Providing Services in the European Union” (PLA4EU V.1). The PLA4EU V.1 should be considered as a powerful transparency and voluntary disclosure mechanism for those Cloud Service Providers (CSPs) offering services in the European Economic Area (EEA). The CSA has completed the PLA4EU V.2, with the objective to define a Privacy compliance mechanism for the European Union based on PLA4EU V.1. The open review and comments period ends on May 22, 2015.

Read More

Mobile Application Security Testing (MAST) initiative kicks off

The Mobile Application Security Testing (MAST) initiative held its kickoff meeting at RSA last month. The MAST initiative aims to create a safer cloud eco-system for mobile applications by creating systematic approaches to application testing and vetting that helps integrate and introduce quality control and compliance to mobile application development and management.

Join the Working Group

(ISC)²® and Cloud Security Alliance Introduce New Cloud Security Certification

(ISC)²® (“ISC-squared”) and the Cloud Security Alliance® (CSA) today announced the new Certified Cloud Security Professional (CCSP) certification. The CCSP represents the advanced skills required to secure the cloud, while establishing an international standard for professional-level knowledge in the design, implementation and management of cloud environments.

Read More

New CSA STAR Watch Tool now in Open Beta

During the RSA Conference, the CSA announced an open beta for CSA STAR Watch, a SaaS tool in a database structure that allows organizations to manage both public and private cloud security assessments, based upon CCM and CAIQ. CSA STAR is based upon the research of the GRC Stack and provides a toolkit for enterprises, cloud providers, security solution providers, IT auditors and other key stakeholders. The GRC Stack allows users to instrument and assess both private and public clouds against industry established best practices, standards and critical compliance requirements.

Join the Beta

CSA Launches New Security Guidance for Early Adopters of the IoT

The Cloud Security Alliance Internet of Things (IoT) Working Group unveiled a new guidance report titled, New Security Guidance for Early Adopters of the IoT, aimed at helping early adopters understand the security challenges surrounding IoT, and providing recommended security controls and sample use-cases for organizations implementing IoT capabilities.

Read More