Cloud 101
Something went wrong fetching the event listings.

Working Group

Cloud Key Management

The Cloud Key Management working group aims to facilitate the standards for seamless integration between CSPs and key broker services.
View Current Projects
Recommendations for Adopting a Cloud-Native Key Management Service
Recommendations for Adopting a Cloud-Native Key Management Service


Cloud Key Management
Working Group Overview

The working group will author guidelines and best practices, and promote standards that enhance the lives of technology professionals tasked with adopting and optimizing key management systems for use with cloud services.

What do we discuss during our meetings? 

During these meetings we typically discuss changes in the industry that relate to cloud key management, and collaborate on projects the group is working on.

Drafts & Important Docs

Working Group Leadership

Parthasarathi Chakraborty
Parthasarathi Chakraborty

Parthasarathi Chakraborty

Associate VP, Cloud Security, Cyber Innovation and R&D

Partha has over 20 years of cyber security leadership experience in the financial services and healthcare industry. An active speaker and panelist in major cyber security conferences around the world, and frequently called in for views and interviews in electronic media like The Economist, UK. Very much passionate about learning new technologies and writing on recent groundbreaking cyber trends. He is also the founder of Cloud Security Pra...

Read more

Paul Rich
Paul Rich

Paul Rich

Executive Director, Data Management & Protection

Paul Rich is the executive director, data management and protection for JPMorgan Chase & Co., where he leads the strategy and implementation within the company for unstructured data protection both in the cloud and on-premises. He is the co-chair of the CSA Cloud Key Management Working Group, which he envisions as a means of hearing diverse perspectives on the use of cloud services and expectations for both data privacy and secu...

Read more

Publications in ReviewOpen Until
CCPA - CSA Code of Conduct Gap ResolutionApr 10, 2023
Understanding Cloud Attack VectorsApr 28, 2023
CCMV4-LiteMay 15, 2023
Security Guidance for Critical Areas of Focus in Cloud Computing v5 - OutlineJun 01, 2023
View all
Who can join?

Anyone can join a working group, whether you have years of experience or want to just participate as a fly on the wall.

What is the time commitment?

The time commitment for this group varies depending on the project. You can spend a 15 minutes helping review a publication that's nearly finished or help author a publication from start to finish.

Virtual Meetings

Attend our next meeting. You can just listen in to decide if this group is a good for you or you can choose to actively participate. During these calls we discuss current projects, and well as share ideas for new projects. This is a good way to meet the other members of the group. You can view all research meetings here.

No scheduled meetings for this working group in the next 60 days.

See Full Calendar for this Working Group

Open Peer Reviews

Peer reviews allow security professionals from around the world to provide feedback on CSA research before it is published.

Learn how to participate in a peer review here.

CCPA - CSA Code of Conduct Gap Resolution

Open Until: 04/10/2023

This spreadsheet from the Priv...

Understanding Cloud Attack Vectors

Open Until: 04/28/2023

The goal of the document is to map the various attack vectors that are actually being used during cloud-based attacks in Ia...


Open Until: 05/15/2023

Purpose and Scope of CCMv4-LiteCloud Security Alliance and the CCM WG have been developing a li...

Security Guidance for Critical Areas of Focus in Cloud Computing v5 - Outline

Open Until: 06/01/2023

The proposed outline for the Cloud Security Alliance Security Guidance for Critical Areas of Focus in Cloud Computing v5 is...