Cloud Data Governance Arrow to Content

Current Initiatives

Live Survey (invite only – contact leadership for more details)

Cloud Insider Threat Survey

We can safely predict that an insider threat targeting cloud will be the cause of a major data breach this year. While cloud insider threats consistently rank as a top concern, they have not been decomposed and mitigated like enterprise exploits.  This proposed survey research takes a look at the actors, behavioral traits and ways to prevent, mitigate and recover cloud insider threats.

Peer Review coming soon!

Working Group Charter

The Working Group responsibilities and membership bylaws are outlined in this newly re-formed Cloud Security Alliance Data Governance Group

Peer Review coming soon!

Cloud Data Protection Cert

An industry blueprint for making data protection "business consumable". Tell us what you think?  How do we expand and grow this?

Introduction to the Cloud Data Governance Working Group

The mission of this group is to design a universal set of principles and map these to emerging technologies and techniques for ensuring the privacy, confidentiality, availability, integrity and security of data across private and public clouds.

Working Group Scope and Responsibilities

The working group is chartered to research the following areas:

Propose a data governance framework to ensure the privacy, availability, integrity and overall security of data in different cloud models.  These will feed into the GRC stack and can be implemented as controls across the CAIQ, CCM and STAR

Develop thought leadership materials to promote CSA¹s leadership across the spheres of data privacy, data protection and data governance.

Work on harmonizing data privacy regulations to a set of data protection principles that can help cloud consuming organizations and cloud service providers meet new data privacy requirements in a more efficient and proactive manner

Join the Cloud Data Governance Working Group

Downloads

CCAQIS Survey v1.2

CCAQIS Survey v1.2

The purpose of this survey is to capture the current state of data governance and data security capabilities offered by leading cloud service providers in the industry. The results of this survey will be aggregated and used for guidance and research conducted by CSA and its affiliates.

Release Date: August 01, 2011

Leadership

Co-Chair: Evelyn de Souza

Evelyn de Souza is a Cloud Data Governance Leader at Cisco Systems, where she focuses on developing industry blueprints so that organizations can embrace cloud securely and ensure data privacy in an agile manner. She currently serves as the Chair of the newly formed Cloud Security Alliance (CSA) data governance and privacy working group. Evelyn previously co-chaired the CSA Cloud Controls Matrix working group and played an integral role in guiding its development and evolution. Evelyn was recently named to CloudNOW's Top 10 Women in Cloud Computing for 2014. Evelyn is the co-creator of Cloud Data Protection Cert, the industry's first blueprint for making data protection "business-consumable" and is the creator of the Data Protection Heat Index (under development) a tool that attempts to streamlines the data privacy landscape.  Evelyn is a regular speaker at industry events and further promotes industry best practices or data privacy and protection in her bi-weekly blog on WIRED Insights.

Leadership Contact

[email protected]

Cloud Data Governance News

May 16, 2013

Cloud Security Alliance APAC Defines 2013-2014 Research Roadmap

The APAC region leadership team has published its research roadmap for 2013-2014.

July 18, 2012

CSA Research Sponsorship Opportunities Available

CSA announces the availability of several new opportunities to sponsor key research initiatives. Your support helps us maintain our aggressive research schedule and accelerate responsible adoption of cloud computing.

November 16, 2011

Cloud Security Alliance Releases Results of Cloud Consumer Advocacy Questionnaire and Information Survey

Cloud Data Governance (CDG) working group today introduced the results of its Cloud Consumer Advocacy Questionnaire and Information Survey. The survey is the first deliverable for the CDG working group, which will now turn its focus to delivering best practices recommendations, prioritizing and answering the key problems and questions identified by cloud stakeholders in the survey.

October 19, 2011

An Invitation for SME’s to contribute to CSA’s Cloud Data Governance Working Group by Tuesday, October 25th

The Cloud Data Governance (CDG) Working Group is seeking Subject Matter Experts to help identify the current state of public cloud solution provider maturity in addressing the issues related to Information Lifecycle Management (ILM). Subject Matter Experts are needed to help us complete the initial phase of our research.

October 06, 2011

The Cloud Consumer Advocacy Questionnaire and Information Survey (CCAQIS) – Survey submission has been extended through October 11, 2011

CCAQIS was designed to capture the current state of data governance and data security capabilities offered by leading cloud service providers in the industry.
The results of this survey will be aggregated and used for guidance and research conducted by CSA and its affiliates.

August 11, 2011

CSA Announces a New Research Initiative Called Cloud Data Governance

The initial phase of the initiative will be a survey of cloud providers to determine the current industry practices around data governance as articulated by the Information Security Lifecycle Management domain in our V2.1 of the Security Guidance for Critical Areas of Focus in Cloud Computing.