Working Group

Cloud Incident Response

Join Group
Cloud Incident Response


With today’s fast-evolving threat landscape, a holistic cloud incident response framework that considers an expansive scope of factors for cloud outages is necessary. The working group aims to develop a holistic Cloud Incident Response (CIR) framework that comprehensively covers key causes of cloud incidents (both security and non-security related), and their handling and mitigation strategies. The aim is to serve as a go-to guide for cloud users to effectively prepare for and manage the aftermath of cloud incidents, and also a transparent and common framework for Cloud Service Providers to share with cloud customers their cloud incident response practices. Imperative factors of cloud incidents including, but not limited to, operational mistakes, infrastructure or system failure, environmental issues, cyber security incidents and malicious acts will be included in development of the framework.


Cloud Incident Response Framework – A Quick Guide

Release Date: 04/21/2020

With the abundance of Cloud Incident Response (CIR) standards, frameworks and guidelines available in the industry, CSA’s

Cloud Incident Response Framework – A Quick Guide

Open Peer Reviews

Artifact reviews allow security professionals from around the world to collaborate on CSA research. Provide your feedback on the following documents in progress.

Next Meeting

No Meetings Currently Scheduled


Alex Siow Headshot
Alex Siow
Soon Tein Lim Headshot
Soon Tein Lim