Having trouble seeing this email?  view it online or unsubscribe

Cloud Security Alliance

November 18, 2015

CSA Monthly Newsletter

Welcome to the CSA Monthly Newsletter

As the weather turns colder and the days shorter, the CSA Research Team is working on various projects, initiatives, and events. We look forward to seeing you at the various Summit and Congress events across the globe and your contribution to CSA Guidance V.4.

Research News

Stay up to date with our latest research projects.

CSA Guidance V.4: Domain 1 Available for Review and Comments

The Cloud Security Alliance’s Security Guidance for Critical Areas of Focus in Cloud Computing seeks to establish a stable, secure baseline for cloud operations. It acts as a practical, actionable roadmap to individuals looking to safely and securely adopt the cloud paradigm. A draft of Domain 1 is now available for review.

Learn More

Survey for the CSA Top Threats to Cloud Computing 2015 Report is Open

The Cloud Security Alliance Top Threats Working Group is conducting a survey of global security concerns in cloud computing. This short survey asks you to rate the relevance of 13 shortlisted security concerns in cloud computing. In addition, you will be given an opportunity to comment on and provide anecdotes for these security concerns.

Learn More

Keeping your Data and Applications Safe from the CSA Top Threats

The cloud presents all kinds of opportunities for today’s enterprise, from anywhere access to anything-as-a-service. Cloud computing imposes significant security risks on the corporation, network, IT and the day to day activities of the business. How do they maintain compliance, control and ownership of sensitive data as they move from the physical environment to a cloud world? The distribution of data onto devices may not be completely controlled by the data owner, and there is liability confusion as cloud service providers take on a larger role.

Watch the Webinar

Learn about our research at https://cloudsecurityalliance.org/research/.

Upcoming Events

Join us in our efforts of solving critical security problems by attending the events below.

CSA Summit Los Angeles 2015

December 3, 2015 - Los Angeles, CA

This summit is hosted by the CSA LA/SoCal chapter. The focus is on Enterprise Lessons Learned in Cloud Security, and will feature subject matter experts from entertainment and other key industries.

Register now

CSA Congress APAC

December 1 – 3, 2015 - Guangzhou, China

With the rise of cloud computing and innovation from the Asia Pacific (APAC) region, we are witnessing a boom in technology businesses in APAC. With this growth, the Cloud Security Alliance Asia Pacific (CSA APAC) is delighted to announce the 2015 CSA APAC Congress held in Guangzhou, China

Register now

CSA Summit at RSA 2016

February 29, 2016 - San Francisco, CA

Join us at our largest event of the year; CSA Summit at RSA 2016. More details to come, sign up to stay informed.

For more info

All of our upcoming event information can also be viewed online at https://csacongress.org/events/.

Education Opportunities

Cloud Security Alliance seeks to educate and inform users and providers of cloud services.

Can I Still Use the Cloud? Now that Safe Harbor is Dead

The EU-US Safe Harbor agreement for data transfers has been declared invalid. Hear what this means for you, your organization and your data on EU citizens. Can you save data in US cloud services, and if so, what do you need to know to ensure you don’t break privacy laws.


Cloud Access Security Brokers: Critical Capabilities

Cloud Access Security Brokers (CASBs) are the hottest security technologies on the market. They provide organizations with much needed visibility and control over corporate data as it moves beyond the firewall via the public cloud.


Office 365 Compliance and Data Protection: Cargill’s Blueprint for Success

Cargill has been at the forefront of this movement, and in this webinar we will share the findings of his research into Microsoft Office 365 controls and how they’re leveraging a Cloud Access Security Broker (CASB) to achieve comprehensive data protection.

Watch Online

Get more information about cloud security training — including the CCSK Training Schedule at https://cloudsecurityalliance.org/education/.


Recent publications from our ongoing research initiatives.

CSA Releases the Cloud Trust Protocol Data Model and API

Thanks to the support of our peer reviewers and contributors (including the EU projects SPECS, A4Cloud and CUMULUS), we are pleased to announce the release of the CSA Cloud Trust Protocol (CTP) data model and API specification. The Cloud Trust Protocol (CTP) is designed to be a mechanism by which cloud service customers can ask for and receive information related to the security of the services they use in the cloud, promoting transparency and trust.

Download now

Cloud Forensics Capability Maturity Model available for Download

The Incident Management and Forensics Working Group released its “Cloud Forensics Capability Maturity Model”, a new research report that describes a Capability Maturity Model (CMM) that can be used by both cloud consumers and Cloud Service Providers (CSPs) in assessing their process maturity for conducting digital forensic investigations in the cloud environment.

Download now

Cloud Security Alliance Releases New Guidance for Identity and Access Management for the Internet of Things

The Internet of Things (IoT) has been experiencing massive growth in both consumer and business environments. In response to this emerging market and the particular security requirements of these connected devices, The CSA established the IoT Working Group to focus on providing relevant guidance to its stakeholders who are implementing IoT solutions.

Download now

Find more publications at https://cloudsecurityalliance.org/download/.