CSA Research Publications
Whitepapers, Reports and Other Resources
Browse Publications
The Notorious Nine: Cloud Computing Top Threats in 2013 Providing organizations with up-to-date, expert-informed understanding of cloud security threats in order to make educated risk-management decisions regardin... Request to download | |
What the Proposed EU Data Protection Regulation Means for Cloud Users | |
Article 29 Working Party Cloud Computing Opinion: A Blow to Safe Harbor The Article 29 Data Protection Working Party—which includes representatives of the data protection authorities of each of the European Union member states—re... Request to download | |
International Standardization Council Roles and Responsibilities for Liaison Officer | |
International Standardization Council Operating Procedures | |
What Rules Apply to Government Access to Data Held by US Cloud Service Providers What rules regulate government access to data held by US cloud service providers. ... Request to download | |
Security Guidance for Critical Areas of Mobile Computing Mobile devices empower employees to do what they need to do — whenever and wherever. People can work and collaborate “in the field” with customers, partners,... Request to download | |
Top Ten Big Data Security and Privacy Challenges In this paper, we highlight the top ten big data specific security and privacy challenges. We interviewed Cloud Security Alliance members and surveyed securi... Request to download | |
CSA Congress 2012 Big Data Overview Crystallization of best practices for security and privacy in big data. Request to download | |
SecaaS Category 7 // Security Information and Event Management Implementation Guidance This document provides guidance on how to evaluate, architect, and deploy cloud-based SIEM services to both enterprise and cloud-based networks, infrastructu... Request to download | |
SecaaS Category 9 // BCDR Implementation Guidance When using the cloud for operational processes and/or production systems, an organization’s BC/DR requirements must be included in their procurement, plannin... Request to download | |
SecaaS Category 8 // Encryption Implementation Guidance Encryption is a primary data (and application) protection technique. For encryption to be useful, encryption keys must be properly managed and protected. Thi... Request to download | |
SecaaS Category 6 // Intrusion Management Implementation Guidance Because of the limited market maturity and lack of widely accepted best practices, this document provides implementation guidelines for cloud-based intrusion... Request to download | |
SecaaS Category 5 // Security Assessments Implementation Guidance There are many choices for an assessment framework standard and there is no "one size fits all" solution for security assessments. One could reasonably expec... Request to download | |
SecaaS Category 4 // Email Security Implementation Guidance Due to its ubiquitous use, electronic mail is both the prime target of, and primary vehicle for, attacks, and must be protected on both ends: sending and rec... Request to download | |
SecaaS Category 2 // Data Loss Prevention Implementation Guidance DLP must be considered an essential element for achieving an effective information security strategy for protecting data as it moves to, resides in and depar... Request to download | |
SecaaS Category 3 // Web Security Implementation Guidance The vendor and academic community have come together to form a set of solutions called Security as a Service. This document specifically addresses one elemen... Request to download | |
SecaaS Category 10 // Network Security Implementation Guidance In a cloud environment, a major part of network security is likely to be provided by virtual security devices and services, alongside traditional physical ne... Request to download | |
Mobile Top Threats | |
CSA/ISACA Cloud Market Maturity Study Results A collaborative project by ISACA and CSA, the Cloud Market Maturity study provides business and IT leaders with insight into the maturity of cloud computing ... Request to download |