Cloud Data Governance
Live Survey (invite only – contact leadership for more details)
Cloud Insider Threat Survey
We can safely predict that an insider threat targeting cloud will be the cause of a major data breach this year. While cloud insider threats consistently rank as a top concern, they have not been decomposed and mitigated like enterprise exploits. This proposed survey research takes a look at the actors, behavioral traits and ways to prevent, mitigate and recover cloud insider threats.
Peer Review coming soon!
Working Group Charter
The Working Group responsibilities and membership bylaws are outlined in this newly re-formed Cloud Security Alliance Data Governance Group
Peer Review coming soon!
Cloud Data Protection Cert
An industry blueprint for making data protection "business consumable". Tell us what you think? How do we expand and grow this?
Introduction to the Cloud Data Governance Working Group
The mission of this group is to design a universal set of principles and map these to emerging technologies and techniques for ensuring the privacy, confidentiality, availability, integrity and security of data across private and public clouds.
Working Group Scope and Responsibilities
The working group is chartered to research the following areas:
Propose a data governance framework to ensure the privacy, availability, integrity and overall security of data in different cloud models. These will feed into the GRC stack and can be implemented as controls across the CAIQ, CCM and STAR
Develop thought leadership materials to promote CSA¹s leadership across the spheres of data privacy, data protection and data governance.
Work on harmonizing data privacy regulations to a set of data protection principles that can help cloud consuming organizations and cloud service providers meet new data privacy requirements in a more efficient and proactive manner
Join the Cloud Data Governance Working Group
Release Date: November 16, 2011
The purpose of this survey is to capture the current state of data governance and data security capabilities offered by leading cloud service providers in the industry. The results of this survey will be aggregated and used for guidance and research conducted by CSA and its affiliates.
Release Date: August 01, 2011
Co-Chair: Evelyn de Souza
Evelyn de Souza is a Cloud Data Governance Leader at Cisco Systems, where she focuses on developing industry blueprints so that organizations can embrace cloud securely and ensure data privacy in an agile manner. She currently serves as the Chair of the newly formed Cloud Security Alliance (CSA) data governance and privacy working group. Evelyn previously co-chaired the CSA Cloud Controls Matrix working group and played an integral role in guiding its development and evolution. Evelyn was recently named to CloudNOW's Top 10 Women in Cloud Computing for 2014. Evelyn is the co-creator of Cloud Data Protection Cert, the industry's first blueprint for making data protection "business-consumable" and is the creator of the Data Protection Heat Index (under development) a tool that attempts to streamlines the data privacy landscape. Evelyn is a regular speaker at industry events and further promotes industry best practices or data privacy and protection in her bi-weekly blog on WIRED Insights.
Cloud Data Governance News
May 16, 2013
The APAC region leadership team has published its research roadmap for 2013-2014.
July 18, 2012
CSA announces the availability of several new opportunities to sponsor key research initiatives. Your support helps us maintain our aggressive research schedule and accelerate responsible adoption of cloud computing.
November 16, 2011
Cloud Security Alliance Releases Results of Cloud Consumer Advocacy Questionnaire and Information Survey
Cloud Data Governance (CDG) working group today introduced the results of its Cloud Consumer Advocacy Questionnaire and Information Survey. The survey is the first deliverable for the CDG working group, which will now turn its focus to delivering best practices recommendations, prioritizing and answering the key problems and questions identified by cloud stakeholders in the survey.
October 19, 2011
An Invitation for SME’s to contribute to CSA’s Cloud Data Governance Working Group by Tuesday, October 25th
The Cloud Data Governance (CDG) Working Group is seeking Subject Matter Experts to help identify the current state of public cloud solution provider maturity in addressing the issues related to Information Lifecycle Management (ILM). Subject Matter Experts are needed to help us complete the initial phase of our research.
October 06, 2011
The Cloud Consumer Advocacy Questionnaire and Information Survey (CCAQIS) – Survey submission has been extended through October 11, 2011
CCAQIS was designed to capture the current state of data governance and data security capabilities offered by leading cloud service providers in the industry.
The results of this survey will be aggregated and used for guidance and research conducted by CSA and its affiliates.
August 11, 2011
The initial phase of the initiative will be a survey of cloud providers to determine the current industry practices around data governance as articulated by the Information Security Lifecycle Management domain in our V2.1 of the Security Guidance for Critical Areas of Focus in Cloud Computing.