Cloud Adoption Practices & Priorities Survey Report
The benefits for enterprises moving to the cloud are clear: greater business agility, data availability, collaboration, and cost savings. The cloud is also changing how companies consume technology. Employees are more empowered than ever before to find and use cloud applications, often with limited or no involvement from the IT department, creating what’s called “shadow IT.” Despite the benefits of cloud computing, companies face numerous challenges including the security and compliance of corporate data, managing employee-led cloud usage, and even the development of necessary skills needed in the cloud era. By understanding the cloud adoption practices and potential risks, companies can better position themselves to be successful in their transition to the cloud.
In the 2014 Cloud Adoption Practices and Priorities (CAPP) survey, the Cloud Security Alliance sought to understand how IT organizations approach procurement and security for cloud services and how they perceive and manage employee-led cloud adoption. We asked IT and security professionals for their views on “shadow IT,” obstacles preventing cloud adoption, types of cloud services requested and blocked, security priorities, and governance practices. We uncovered stark differences between how companies in North America and Europe approach the cloud, and even how large enterprises differ from their smaller counterparts. As more IT departments look to play a greater role in enabling the safe adoption of cloud services, we hope these findings can provide some guidance.
Cloud Adoption Practices & Priorities Survey Report
Release Date: January 09, 2015
Cloud Usage: Risks and Opportunities
This survey was circulated to over 165 IT and security professionals in the U.S. and around the globe representing a variety of industry verticals and enterprise sizes. The goal was to understand their perception of how their enterprises are using cloud apps, what kind of data are moving to and through those apps, and what that means in terms of risks.
Beyond raising awareness around cloud service risk, the findings of this survey are intended to provide usage intelligence that helps IT, security, and business decision-makers take action in their organizations – from consolidating and standardizing on the most secure and enterprise-ready cloud services, to knowing what policies will have the most impact, to understanding where to focus when educating users.
Cloud Usage: Risks and Opportunities Survey
Release Date: September 15, 2014
NSA/PRISM Survey Downloads
During June and July of 2013, news of a whistleblower, US government contractor Edward Snowden, dominated global headlines. Snowden provided evidence of US government access to information from telecommunications and Internet providers via secret court orders as specified by the Patriot Act. The subsequent news leaks indicated that allied governments of the US may have also received some of this information and acted upon it in unknown ways. As this news became widespread, it led to a great deal of debate and soul searching about appropriate access to an individual's digital information, both within the United States of America and any other country.
CSA initiated this survey to collect a broad spectrum of member opinions about this news, and to understand how this impacts attitudes about using public cloud providers as well as any other broadly available Internet service. This survey was conducted online via SurveyMonkey from June 25, 2013 to July 9, 2013.
The survey received almost 500 responses from CSA members around the world. It found that 56% of non-US residents were now less likely to use US-based cloud providers, in light of recent revelations about government access to customer information.
Release Date: July 23, 2013
Cloud Security Alliance Survey Results
The Cloud Security Alliance is uniquely positioned within the cloud security community. Thousands of active members are able to respond to cloud security-related surveys. This website is a repository of the results from these surveys.
Please choose from the tabs to the left to review the results.
& Assurance Registry
STAR is a free, publicly accessible registry that documents the security controls provided by various cloud computing offerings.
Welcome New Members
The CSA is a member-driven organization, chartered with promoting the use of best practices for providing security assurance within Cloud Computing. We would like to welcome our newest members:
Learn how you can participate in Cloud Security Alliance's goals to promote the use of best practices for providing security assurance within Cloud Computing.
CSA ASEAN Summit 2015
June 11–12, 2015, Bangkok, Thailand The ASEAN CSA Summit 2015 is an ASEAN industry event for IT security professionals and executives. The event aims to bring awareness to and further educate conference attendees about the rapidly evolving subject of cloud security. In addition, it offers best practices and practical solutions for the security in clouds....
CSA Norway Summer Conference
June 15, 2015, Oslo, Norway Annual Conference Focus on strategy and business use of security and cloud Targets: Norway and the Nordics Largest CISO/Security Strategy focused conference Community driven The One Conference to attend 4 Parallel tracks Take me to the Conference Site
CSA APAC Summit 2015 at RSA Conference APJ
July 21, 2015, Singapore Enterprise Cloud Adoption and Security Lessons Learned Cloud computing is now a mission critical part of the enterprise. Join us for CSA Summit at RSA Conference APJ to discover lessons learned from enterprise experts in securing their clouds and achieving compliance objectives. A global list of industry experts will share their...
CSA Taiwan Congress 2015
August 18-20, 2015, Taipei, Taiwan In the era of cloud computing, information security issues have become global in nature and are no longer confined to geographical boundaries. The CSA Taiwan Congress 2015 will be held in conjunction with the The Honeynet Project Taiwan Conference 2015. The event will aim to keep attendees up-to-date with the...
CSA NY Summit 2015
September 16, 2015 Manhattan, NY The full day Cloud Security Alliance NYC Summit is a standalone event in Manhattan on September 16, 2015. This summit is co-hosted by the CSA NY Metro and CSA Delaware Valley chapters. We expect to draw about 200 well qualified attendees with an interest in cloud security from the local...
CSA Congress US
CSA Congress at the Privacy. Security. Risk. Conference September 29 – October 1, 2015, Las Vegas, NV Now accepting speaker proposals! The deadline for submissions is March 13th. Click here for Speaker Guidelines & Submissions Pre-register between now and April 30th and save $200 off Early Bird rates—that’s $400 off of the regular main conference...
CSA Congress EMEA 2015
November 17 – 20, 2015, Berlin, Germany Building on the success of achievements in the areas of research, education, policy support and certification, CSA will host the 4th annual CSA Congress EMEA. Once again CSA Congress EMEA will attract a unique mix of thoughts leaders, policy and decision makers representing the key industry players, cloud...
CSA LA Summit 2015
December 7, 2015, Los Angeles The full day Cloud Security Alliance LA Summit is a standalone event in the greater Los Angeles area on December 7, 2015. This summit is hosted by the CSA LA/SoCal chapter. We expect to draw about 200 well qualified attendees with an interest in cloud security from the local region....