CSA Research Publications

Whitepapers, Reports and Other Resources

Browse Publications

GRC Stack

Release Date: 03/08/2013

Enterprise Architecture v2.0

Release Date: 02/25/2013

The Enterprise Architecture is both a methodology and a set of tools that enable security architects, enterprise architects and risk management professionals...

CSA Position Paper on AICPA Service Organization Control Reports

Release Date: 02/25/2013

The Cloud Security Alliance (CSA) has drafted the CSA Position Paper on AICPA Service Organization Control Reports as a means to educate its members and prov...

Privacy Level Agreement (PLA) Outline Annex

Release Date: 02/24/2013

Privacy Level Agreement (PLA) Outline for the Sale of Cloud Services in the European Union

Release Date: 02/24/2013

The Outline provides a structure for Cloud Service Providers (CSP) to disclose, in a consistent manner, information about the privacy and data protection pol...

The Notorious Nine: Cloud Computing Top Threats in 2013

Release Date: 02/24/2013

Providing organizations with up-to-date, expert-informed understanding of cloud security threats in order to make educated risk-management decisions regardin...

What the Proposed EU Data Protection Regulation Means for Cloud Users

Release Date: 02/22/2013

Article 29 Working Party Cloud Computing Opinion: A Blow to Safe Harbor

Release Date: 02/22/2013

The Article 29 Data Protection Working Party—which includes representatives of the data protection authorities of each of the European Union member states—re...

International Standardization Council Roles and Responsibilities for Liaison Officer

Release Date: 02/22/2013

International Standardization Council Operating Procedures

Release Date: 02/22/2013

What Rules Apply to Government Access to Data Held by US Cloud Service Providers

Release Date: 02/22/2013

What rules regulate government access to data held by US cloud service providers. ...

Security Guidance for Critical Areas of Mobile Computing

Release Date: 11/08/2012

Mobile devices empower employees to do what they need to do — whenever and wherever. People can work and collaborate “in the field” with customers, partners,...

Top Ten Big Data Security and Privacy Challenges

Release Date: 11/07/2012

In this paper, we highlight the top ten big data specific security and privacy challenges. We interviewed Cloud Security Alliance members and surveyed securi...

CSA Congress 2012 Big Data Overview

Release Date: 11/06/2012

Crystallization of best practices for security and privacy in big data.

SecaaS Category 7 // Security Information and Event Management Implementation Guidance

Release Date: 10/29/2012

This document provides guidance on how to evaluate, architect, and deploy cloud-based SIEM services to both enterprise and cloud-based networks, infrastructu...

SecaaS Category 9 // BCDR Implementation Guidance

Release Date: 10/08/2012

When using the cloud for operational processes and/or production systems, an organization’s BC/DR requirements must be included in their procurement, plannin...

SecaaS Category 8 // Encryption Implementation Guidance

Release Date: 10/08/2012

Encryption is a primary data (and application) protection technique. For encryption to be useful, encryption keys must be properly managed and protected. Thi...

SecaaS Category 6 // Intrusion Management Implementation Guidance

Release Date: 10/08/2012

Because of the limited market maturity and lack of widely accepted best practices, this document provides implementation guidelines for cloud-based intrusion...

SecaaS Category 5 // Security Assessments Implementation Guidance

Release Date: 10/08/2012

There are many choices for an assessment framework standard and there is no "one size fits all" solution for security assessments. One could reasonably expec...

SecaaS Category 4 // Email Security Implementation Guidance

Release Date: 10/08/2012

Due to its ubiquitous use, electronic mail is both the prime target of, and primary vehicle for, attacks, and must be protected on both ends: sending and rec...
