CSA Research Publications
Whitepapers, Reports and Other Resources
Browse Publications
![]() | Release Date: 06/01/2015 This 2015 Hong Kong Small and Medium-sized Enterprises (SME) Cloud Adoption, Security and Privacy Readiness Survey was conducted by the Internet Society Hong... Request to download |
![]() | International Standardization Council Charter Release Date: 05/20/2015 Request to download |
![]() | Release Date: 05/19/2015 An overview of current cryptographic techniques being used, proactive defenses, and the threats and impact of quantum computing. Request to download |
![]() | Best Practices for Mitigating Risks in Virtualized Environments Release Date: 05/05/2015 Request to download |
![]() | FedRAMP Cloud Controls Matrix v3.0.1 Candidate Mapping Release Date: 05/05/2015 Request to download |
![]() | New Security Guidance for Early Adopters of the IoT Release Date: 04/20/2015 This document provides guidance for the secure implementation of Internet of Things (IoT)-based systems. We have provided the guidance in this document to ai... Request to download |
![]() | Release Date: 04/20/2015 The CSA STAR Program is a publicly accessible registry designed to recognize the varying assurance requirements and maturity levels of providers and consumer... Request to download |
![]() | Cloud Adoption In The Financial Services Sector Release Date: 03/05/2015 We circulated the “How Cloud is Being Used in the Financial Sector” survey to IT and security professionals in financial services institutions. The goal was ... Request to download |
![]() | Mobile Application Security Testing Initiative Charter Release Date: 02/16/2015 Mobile applications are becoming an integral part of not just modern enterprises but also of human existence and a huge part of this shift is due to the emer... Request to download |
![]() | Cloud Adoption Practices & Priorities Release Date: 01/09/2015 The benefits for enterprises moving to the cloud are clear: greater business agility, data availability, collaboration, and cost savings. The cloud is also c... Request to download |
![]() | Release Date: 12/18/2014 Cloud computing is the future, and in many cases, the present of information technology. Always On SSL (AOSSL) is rapidly becoming an essential practice to h... Request to download |
![]() | Release Date: 09/18/2014 A research document outlining the six dimensions of big data to help decision makers navigate the myriad choices in compute and storage infrastructures as we... Request to download |
![]() | Cloud Usage: Risks and Opportunities Release Date: 09/15/2014 This survey was circulated to over 165 IT and security professionals in the U.S. and around the globe representing a variety of industry verticals and enterp... Request to download |
![]() | Release Date: 09/12/2014 The Cloud Security Alliance surveyed a select group of global data privacy experts with the intention to measure attitudes towards data protection areas that... Request to download |
![]() | Consensus Assessments Initiative Questionnaire v3.0.1 Info Sheet Release Date: 07/29/2014 Request to download |
![]() | Cloud Controls Matrix v3.0.1 Info Sheet Release Date: 07/29/2014 Find out how many controls are in the Cloud Controls Matrix v3-0-1 in this info sheet. Request to download |
![]() | Cloud Controls Matrix v3.0.1 (July 2014) Release Date: 07/11/2014 New and updated mappings, consolidation of redundant controls, rewritten controls for clarity of intent, STAR enablement, and SDO alignment. Request to download |
![]() | Big Data, Big Concerns, and What the White House Wants to Do about It Release Date: 05/29/2014 Big data tools offer astonishing and powerful opportunities to unlock previously inaccessible insights from new and existing data sets. Large amounts of data... Request to download |
![]() | Release Date: 04/30/2014 This document outlines a Cloud Security Alliance (CSA) initiated protocol for the Software Defined Perimeter specification, and requests discussion and sugge... Request to download |
![]() | Release Date: 04/17/2014 The CSA SDP Hackathon challenged hackers to attack a server defended by a software defined perimeter. Of the billions of packets fired at the server, not one... Request to download |