CSA Research Publications
Whitepapers, Reports and Other Resources
Browse Publications
 | CSA Congress 2012 Big Data Overview Crystallization of best practices for security and privacy in big data. Request to download |
 | SecaaS Category 7 // Security Information and Event Management Implementation Guidance This document provides guidance on how to evaluate, architect, and deploy cloud-based SIEM services to both enterprise and cloud-based networks, infrastructu... Request to download |
 | SecaaS Category 9 // BCDR Implementation Guidance When using the cloud for operational processes and/or production systems, an organization’s BC/DR requirements must be included in their procurement, plannin... Request to download |
 | SecaaS Category 8 // Encryption Implementation Guidance Encryption is a primary data (and application) protection technique. For encryption to be useful, encryption keys must be properly managed and protected. Thi... Request to download |
 | SecaaS Category 6 // Intrusion Management Implementation Guidance Because of the limited market maturity and lack of widely accepted best practices, this document provides implementation guidelines for cloud-based intrusion... Request to download |
 | SecaaS Category 5 // Security Assessments Implementation Guidance There are many choices for an assessment framework standard and there is no "one size fits all" solution for security assessments. One could reasonably expec... Request to download |
 | SecaaS Category 4 // Email Security Implementation Guidance Due to its ubiquitous use, electronic mail is both the prime target of, and primary vehicle for, attacks, and must be protected on both ends: sending and rec... Request to download |
 | SecaaS Category 2 // Data Loss Prevention Implementation Guidance DLP must be considered an essential element for achieving an effective information security strategy for protecting data as it moves to, resides in and depar... Request to download |
 | SecaaS Category 3 // Web Security Implementation Guidance The vendor and academic community have come together to form a set of solutions called Security as a Service. This document specifically addresses one elemen... Request to download |
 | SecaaS Category 10 // Network Security Implementation Guidance In a cloud environment, a major part of network security is likely to be provided by virtual security devices and services, alongside traditional physical ne... Request to download |
 | Mobile Top Threats |
 | CSA/ISACA Cloud Market Maturity Study Results A collaborative project by ISACA and CSA, the Cloud Market Maturity study provides business and IT leaders with insight into the maturity of cloud computing ... Request to download |
 | SecaaS Category 1 // Identity and Access Management Implementation Guidance This document addresses personnel involved in the identification and implementation of the IAM solution in the cloud. It will be of particular interest to th... Request to download |
 | Mobile Device Management: Key Components With the growth in the number of applications, content, and data being accessed through a variety of devices, Mobile Device Management (MDM) is vital to mana... Request to download |
 | Cloud Controls Matrix v1.3 This is an old version of the Cloud Controls Matrix (CCM). You learn more and download the latest version of the CCM here: https://cloudsecurityalliance.org/... Request to download |
 | PLA Initiative Research Sponsorship Outline |
 | OCF Vision Statement The CSA Open Certification Framework is a program for flexible, incremental and multi-layered cloud provider certification according to the Cloud Security Al... Request to download |
 | Innovation Initiative Overview Powerpoint |
 | Innovation Initiative Charter |
 | Cloud Consumer Advocacy Questionnaire The purpose of this survey was to capture the current state of data governance and data security capabilities offered by leading cloud service providers in t... Request to download |