CSA Research Publications
Whitepapers, Reports and Other Resources
Browse Publications
![]() | Zero Trust Privacy Assessment and Guidance - Japanese Translation Release Date: 04/02/2025 This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate... Request to download |
![]() | Requirements for Bodies Providing STAR Certification Release Date: 03/31/2025 This document outlines how to conduct STAR certification assessments to the Cloud Controls Matrix (CCM) as part of an ISO 27001 assessment. The STAR certi... Request to download |
![]() | CSA Code of Conduct to EU Cloud Code of Conduct Mapping Release Date: 03/24/2025 Navigating General Data Protection Regulation (GDPR) compliance requirements can be challenging. Fortunately, Codes of Conduct (CoCs) provide a straightfo... Request to download |
![]() | Cloud Key Management Working Group Charter 2025 Release Date: 03/18/2025 Cloud services are becoming ubiquitous in all sizes, and customers encounter many obligations and opportunities for using key management systems with thos... Request to download |
![]() | Context-Based Access Control for Zero Trust - Japanese Translation Release Date: 03/11/2025 This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate... Request to download |
![]() | Release Date: 03/11/2025 Shadow Access is undesired or unauthorized access to resources, such as applications, networks, and data. Shadow Access is increasingly a cloud issue, res... Request to download |
![]() | The Six Pillars of DevSecOps Bundle Release Date: 03/10/2025 DevOps enhances the management of information security, but its execution must be secured to avoid vulnerabilities like lax firewall rules or default cred... Request to download |
![]() | Enterprise Authority To Operate (EATO) Auditing Guidelines Release Date: 03/05/2025 Now includes Auditing Guidelines!Many small and mid-sized cloud-based Anything-as-a-Service (XaaS) vendors struggle to implement robust information securi... Request to download |
![]() | Understanding Data Security Risk Survey Report 2025 Release Date: 02/26/2025 Organizations face a rapidly changing threat landscape. The complexities of hybrid and multi-cloud environments are exposing new vulnerabilities and chall... Request to download |
![]() | Zero Trust Privacy Assessment and Guidance Release Date: 02/18/2025 When people discuss Zero Trust, they often focus on how it can help protect data across an organization. However, they tend to forget how it can also help... Request to download |
![]() | Release Date: 02/13/2025 This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate... Request to download |
![]() | Zero Trust Guidance for Small and Medium Size Businesses (SMBs) - Japanese Translation Release Date: 02/11/2025 This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate... Request to download |
![]() | Cloud Security for Startups 2024 - Japanese Translation Release Date: 02/11/2025 This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate... Request to download |
![]() | Cybersecurity and the Data Lifecycle Release Date: 02/10/2025 The data lifecycle refers to the comprehensive process that data undergoes, from its creation to its eventual disposal. Understanding and securing each ph... Request to download |
![]() | Top Threats Working Group Charter 2025 Release Date: 02/04/2025 The Top Threats Working Group aims to provide up-to-date, industry-informed expert insights on cloud security risks, threats, and vulnerabilities to help ... Request to download |
![]() | Fully Homomorphic Encryption: A Comprehensive Guide for Cybersecurity Professionals Release Date: 02/03/2025 As organizations increasingly rely on cloud computing, protecting data during processing has become a critical challenge. Traditional encryption methods p... Request to download |
![]() | AI Organizational Responsibilities: AI Tools and Applications Release Date: 01/28/2025 This publication is the third installment in a series that explores organizational responsibilities related to Artificial Intelligence (AI). The first pap... Request to download |
![]() | SaaS AI-Risk for Mid-Market Organizations Survey Report Release Date: 01/27/2025 Mid-market organizations are struggling to manage expanding Software as a Service (SaaS) environments. To better understand this challenge, Wing Security ... Request to download |
![]() | DLT Cybersecurity Governance Package Release Date: 01/22/2025 Distributed Ledger Technology (DLT) brings traceability and transparency to external business workflows, while also instilling trust and efficiency in an ... Request to download |
![]() | Zero Trust Guidance for Critical Infrastructure - Japanese Translation Release Date: 01/16/2025 In most nations, the health of public services relies on secure and resilient Critical Infrastructure. We call these infrastructures "critical" because th... Request to download |