Research

Working Groups

The CSA maintains Working Groups across 28 domains of Cloud Security.

Anti-Bot, Big Data, Cloud Controls Matrix,
Cloud Data Governance, Cloud Vulnerabilities, CloudAudit,
CloudCISC, CloudTrust, Consensus Assessments,
Enterprise Architecture, Financial Services, Health Information Management,
Incident Management and Forensics, Innovation, Internet of Things,
Legal, Mobile, Open API,
Open Certification, Privacy Level Agreement, Quantum-safe Security,
Security as a Service, Security Guidance, Small Business,
Software Defined Perimeter, Telecom, Top Threats,
Virtualization

Anti-Bot Working Group

Mission Statement: To develop and maintain a research portfolio providing capabilities to assist the cloud provider industry in taking a lifecycle approach to botnet prevention. Botnets have long been a favored attack mechanism of malicious actors. A recent evolution in botnet innovation has been the introduction of server-based Bots as an alternative to single user…

Big Data Working Group

The Big Data Working Group (BDWG) will be identifying scalable techniques for data-centric security and privacy problems. BDWG’s investigation is expected to lead to crystallization of best practices for security and privacy in big data, help industry and government on adoption of best practices, establish liaisons with other organizations in order to coordinate the development…

Cloud Controls Matrix Working Group

The Cloud Security Alliance Cloud Controls Matrix (CCM) is specifically designed to provide fundamental security principles to guide cloud vendors and to assist prospective cloud customers in assessing the overall security risk of a cloud provider. The CSA CCM provides a controls framework that gives detailed understanding of security concepts and principles that are aligned…

Cloud Data Governance Working Group

The mission of this group is to design a universal set of principles and map these to emerging technologies and techniques for ensuring the privacy, confidentiality, availability, integrity and security of data across private and public clouds. Working Group Scope and Responsibilities: Propose a data governance framework to ensure the privacy, availability, integrity and overall…

Cloud Vulnerabilities Working Group

Founded by the CSA APAC region in May 2013, the CSA Cloud Vulnerabilities Working Group is a global working group chartered to conduct research in the area of cloud computing vulnerabilities, with the goals of understanding and educating on the classification and exact causes of cloud computing vulnerabilities, recommendations and best practices for the reduction of top…

CloudAudit Working Group

The goal of CloudAudit is to provide a common interface and namespace that allows enterprises who are interested in streamlining their audit processes (cloud or otherwise) as well as cloud computing providers to automate the Audit, Assertion, Assessment, and Assurance of their infrastructure (IaaS), platform (PaaS), and application (SaaS) environments and allow authorized consumers of…

CloudCISC Working Group

The Mandate: Organizations are increasingly overwhelmed by information security attacks with huge consequences in financial, legal and reputational damage. Malicious actors collaborate with skill and agility, effectively moving from target to target at a breakneck pace. A major impediment to protecting information assets in an enterprise is the unwillingness and/or inability to share cybersecurity incident…

CloudTrust Working Group

We want to improve Cloud Trust through transparency and assurance. A trusted cloud is defined as a cloud service or Cloud Service Provider (CSP) that implements standards of governance, management, and security that meet a minimum set of requirements aimed at increasing the confidence of Cloud Service Customers (CSCs). Tactical implementation of the CSA Cloud…

Consensus Assessments Working Group

Lack of security control transparency is a leading inhibitor to the adoption of cloud services. The Cloud Security Alliance Consensus Assessments Initiative (CAI) was launched to perform research, create tools and create industry partnerships to enable cloud computing assessments. We are focused on providing industry-accepted ways to document what security controls exist in IaaS, PaaS,…

Enterprise Architecture Working Group

The Enterprise Architecture helps cloud providers develop industry-recommended, secure and interoperable identity, access and compliance management configurations, and practices. The Enterprise Architecture Working Group will develop reference models and education in a vendor-neutral manner, inclusive of all CSA members and affiliates who wish to participate. The Enterprise Architecture is both a methodology and a set…

Financial Services Working Group

The main objective of the Financial Services Working Group (FSWG) is to identify and share the challenges, risks and best practices for the development, deployment and management of secure cloud services in the financial and banking industry. FSWG results are expected to accelerate the adoption of secure cloud services in the financial industry by helping the industry…

Health Information Management Working Group

The Health Information Management Working Group (HIWG) within the Cloud Security Alliance (CSA) has been designated to provide direct influence on how health information service providers deliver secure cloud solutions (services, transport, applications and storage) to their clients, and foster cloud awareness within all aspects of healthcare and related industries. The efforts are jointly executed…

Incident Management and Forensics Working Group

The Incident Management and Forensics Working Group serves as a focal point for the examination of incident handling and forensics in cloud environments. We seek to develop best practices that consider the legal, technical, and procedural elements involved in responding in a forensically sound way to security incidents in the cloud.

Innovation Working Group

The CSA Innovation Working Group was created to foster secure innovation in information technology. Our mission is to: Identify key structural issues related to trust and security that will inhibit the adoption of next generation information technology. Articulate the guiding principles and objectives that IT innovators must address. Help innovators incubate technology solutions that align…

Legal Working Group

Confusion about legal issues is one of the biggest issues facing both cloud providers and cloud customers. Laws regarding government access to data vary in respective countries. Laws governing privacy protections for citizens and cross-border export of data also differ according to jurisdiction. There is also a great deal of hype and misinformation around specific…

Mobile Working Group

Mobile computing is experiencing tremendous growth and adoption, while the devices are gaining significant power and dynamic capabilities. Personally owned mobile devices are increasingly being used to access employers’ systems and cloud-hosted data - both via browser-based and native mobile applications. Clouds of mobile devices are likely to be common. The CSA Mobile working group…

Open API Working Group

Enterprises are moving towards an IT model in which most business applications are delivered as Software as a Service (SaaS) from Cloud Service Providers (CSPs). The emerging tools and products used to secure these (use cases) business applications are categorized as Cloud Access Security Brokers (CASB) by leading analysts. The goal of the Cloud Security…

Open Certification Working Group

The CSA Open Certification Working Group is an industry initiative to allow global, accredited, trusted certification of cloud providers. The CSA Open Certification Working Group is a program for flexible, incremental and multi-layered cloud provider certification according to the Cloud Security Alliance’s industry leading security guidance and control objectives. The program will integrate with popular…

Privacy Level Agreement Working Group

Privacy is one of the top concerns for potential cloud customers. Both Cloud Service Providers (CSPs) and potential users struggle with different data protection legislation across the globe, where the inconsistencies between National legislations represent a significant barrier to a broad adoption of cloud computing. Moreover, privacy compliance has become a fundamental evaluation criterion when…

Quantum-safe Security Working Group

Modern encryption methods are composed of two parts: an algorithm that encrypts or decrypts our data with a random, secret key, and a method of sharing the secret key between the parties. The encryption algorithm (AES‐256) appears safe, at least for the next 20 to 30 years, based on our current knowledge of cryptographic attacks.…

Security as a Service Working Group

The mission statement of the Cloud Security Alliance is ". . . to promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Computing to help secure all other forms of computing." In order to provide greater focus on the second part of our…

Security Guidance Working Group

The CSA guidance, currently in its third edition, seeks to establish a stable, secure baseline for cloud operations. This effort provides a practical, actionable road map to managers wanting to adopt the cloud paradigm safely and securely. Domains have been rewritten to emphasize security, stability and privacy, ensuring corporate privacy in a multi-tenant environment. CSA…

Small Business Working Group

Small businesses (1-49 employees as defined by the EU) are the lifeblood of the world economy. In the EU, small businesses represent 97% of all registered companies. The Cloud Security Alliance produced Guidance for Cloud Computing Security, now in version 3.0. This document, although very useful and detailed, is at 177 pages a rather lengthy read.…

Software Defined Perimeter Working Group

The Software Defined Perimeter (SDP) is a research initiative launched in December 2013 with the goal of developing a solution to stop network attacks against application infrastructure. With the adoption of cloud services, the threat of network attacks against application infrastructure increases, since servers cannot be protected with traditional perimeter defense techniques. Cloud Security…

Telecom Working Group

The Telecom Working Group within the Cloud Security Alliance (CSA) has been designated to provide direct influence on how to deliver secure cloud solutions and foster cloud awareness within all aspects of Telecommunications. The efforts are jointly executed by CSA Global, Telecom cloud communities (i.e. focus groups, associations, research institutes, forums, academia), Solution Providers and…

Top Threats Working Group

The purpose of this group is to provide needed context to assist organizations in making educated risk management decisions regarding their cloud adoption strategies.

Virtualization Working Group

Virtualization is a critical part of cloud computing. Virtualization provides an important layer of abstraction from physical hardware, enabling the elasticity and resource pooling commonly associated with cloud. Virtualized operating systems are the backbone of Infrastructure as a Service (IaaS). The CSA Security Guidance for Critical Areas of Focus in Cloud Computing focused exclusively on…

Initiative Details Date Opened

Identity and Access Management for the Internet of Things – Summary Guidance

This document is the first in a series of summary guidance aimed at providing easily understandable recommendations to information technology staff charged with implementing the IoT. This document focuses on considerations for Identity and Access Management (IAM).

August 03, 2015

CloudTrust Working Group Charter

July 10, 2015

Quantum‐safe Security Working Group Charter

July 08, 2015

Application Security

Understanding the limited opportunities to secure apps through secure coding practices, third-party security add-ons, and testing procedures in app stores.

June 26, 2015

Security Guidance for Early Adopters of IoT

Understanding the fundamental concepts of authentication in layered mobile computing environments to ensure proper implementation, maintenance, and monitoring of secure mobile devices.

June 26, 2015

Mobile Authentication

Understanding the fundamental concepts of authentication in layered mobile computing environments to ensure proper implementation, maintenance, and monitoring of secure mobile devices.

June 26, 2015

NFV/SDN Position Paper Project Charter

June 18, 2015

Open API Charter

June 08, 2015

Security Guidance for Critical Areas of Focus in Cloud Computing v3.0

May 26, 2015

Mobile Application Security Testing

Mobile applications are becoming an integral part of not just modern enterprises but also of human existence, and a huge part of this shift is due to the emergence of cloud computing. The Mobile Application Security Testing initiative will aim to create a safer cloud ecosystem for mobile applications by creating systematic approaches to application testing and vetting that help integrate and introduce quality control and compliance to mobile application development and management.

May 23, 2015

BYOD – Legal Analysis & Practical TIPs

March 30, 2015

Privacy Level Agreement Version 2

November 18, 2014

Anti-Bot Working Group Whitepaper

CSA, as the industry leader, has an obligation to articulate solutions to prevent, respond to and mitigate botnets occurring on cloud infrastructure. The CSA Anti-Bot Working Group is the primary stakeholder for coordinating these activities.

July 29, 2014

Cloud Broker Working Group Proposed Charter

The CSA Cloud Broker Working Group will address the above challenges through intelligent market outreach, aligning brokers with cloud governance best practices, documenting use cases, identifying standards requirements, and creating other innovative research artifacts.

July 21, 2014

Security as a Service Working Group Proposed Charter

The Security as a Service (SecaaS) working group within the Cloud Security Alliance (CSA) has been created to provide leadership and direction on how the cloud can be used to deliver security services to cloud, on-premises and hybrid environments.

June 09, 2014

Mobile BYOD Policy Guidance

It is becoming common for employees to request (demand) the ability to use their personal mobile devices in the course of their work-related activities. Allowing them to do so may improve employee productivity, talent retention and business agility but probably runs contrary to existing Corporate/IT policy. A strategy should be chosen to provide the desired level of control, such as containerization of company data and applications or a full-device, MDM-centric approach.

April 28, 2014

SLA Guidance

Service Level Agreements (SLAs) represent a key component of any cloud service agreement, and the concept, at first glance, appears to be easy to understand: a commitment to performance on the part of the Cloud Service Provider (CSP) to the Cloud Service User (CSU). The reality is that while the concept is simple, the application, enforcement and monitoring are not.

February 28, 2014

Best Practices in Big Data Security and Privacy

This document lists in detail the best practices that should be followed by big data service providers to fortify their infrastructures. We present ten best practices for each of the top ten challenges in big data security and privacy, giving a roster of one hundred best practices.

July 23, 2013

Next Generation SIEM

The capabilities of today’s modern SIEM infrastructures have already changed compared with the traditional SIEMs that enterprises used to deploy 5 years ago (extended functions like compliance monitoring, broader input from additional event sources, different ways to store and access data, less complexity to set up and operate). But the evolution is ongoing, and there is a broad discussion about what the next generation of SIEM technology should be able to deliver and how. While cloud environments might introduce more complexity (virtualization layer, distributed infrastructure, federated applications, …) and thus are more complex for a SIEM to monitor, at the same time the cloud “technology” and SecaaS-based SIEM services create new opportunities for enterprises, and the cloud can help in storing and processing the increasing amount of data captured by SIEMs.

July 03, 2013

Mobile App Security

The security of smart phones and the software being used on them will become increasingly important. The CSA Mobile Working Group is trying to identify and document recommendations to establish guidelines for the mobile device environment.

April 01, 2013

NIST Cyber Security Framework – Candidate Mapping

January 01, 2013