Circle
Events
Blog

Working Group

Financial Services Stakeholder Platform

The main objective of this working group is to identify and share the challenges, risks and best practices for the development, deployment and management of secure cloud services in the financial services industry.
Sign-Up View Current Projects
Cloud Usage in the Financial Services Sector
Cloud Usage in the Financial Services Sector

Download

Financial Services Stakeholder Platform
Working Group Overview

This working group meets on the fourth Wednesday of the month at 8am PT. The main objective of this working group is to identify and share the challenges, risks and best practices for the development, deployment and management of secure cloud services in the financial services industry.


What do we discuss? 

During our working group meetings we typically discuss and collaborate on projects the group is currently working on. We also sometimes invite a speaker to share a presentation on industry trends. 


Drafts & Important Docs



Working Group Leadership

Craig Balding Headshot
Craig Balding

Craig Balding

I help enable organisations to safely operate and transact online in the face of dynamic and adaptive threats. After 20 years of attacking and defending top tier firms I founded Resilient Security to provide cyber risk and security advisory, consulting and services.

Read more

Jim De Haas Headshot
Jim De Haas

Jim De Haas

Cloud Security Expert

Seasoned security professional with a demonstrated history of working on critical, complex and highly available banking applications. A technology enthusiast, who enjoys collaborating with cross-functional teams. A strong communicator who can evangelize security across the organisation. Specialised in Cloud Security (Both AWS and Azure), IT Security, training DevOps engineers in security topics and making security understandable to non-secu...

Read more

Sean Gray Headshot
Sean Gray

Sean Gray

Security Strategy, Threat Management. Senior Director, Information Security Strategy and Threat Mgmt at PayPal.

Read more

William Izzo Headshot
William Izzo

William Izzo

Innovative leader with a strong technical and business background with a track record of success across multiple technology domains and markets. Senior business management and technical leadership experience in the DOD, Private, and Government sectors. Years of experience in the management of medium to large network and systems engineering teams with significant experience in the management of large multi-million dollar data com...

Read more

Erik Johnson Headshot
Erik Johnson

Erik Johnson

Cloud Security Specialist & Senior Research Analyst

Worked for the Federal Reserve for many years and volunteered with the CSA with a focus on CCM/CAIQ V4, specifically the STA domain, and developing a comprehensive framework and guidance for defining and managing the cloud shared security responsibility model (SSRM).

I recently retired from the Federal Reserve and am now consulting with the CSA as a Senior Research Analyst with a focus on Zero Trust and Financial Services.

Linke...

Read more

Publications in ReviewOpen Until
The Six Pillars of DevSecOps - Pragmatic ImplementationOct 10, 2022
Security Guidance for Critical Areas of Focus in Cloud Computing v5 - OutlineDec 07, 2022
View all
Who can join?

Anyone can join a working group, whether you have years of experience or want to just participate as a fly on the wall.

What is the time commitment?

The time commitment for this group varies depending on the project. You can spend a 15 minutes helping review a publication that's nearly finished or help author a publication from start to finish.

Virtual Meetings

Attend our next meeting. You can just listen in to decide if this group is a good for you or you can choose to actively participate. During these calls we discuss current projects, and well as share ideas for new projects. This is a good way to meet the other members of the group. You can view all research meetings here.

No scheduled meetings for this working group in the next 60 days.

See Full Calendar for this Working Group

Open Peer Reviews

Peer reviews allow security professionals from around the world to provide feedback on CSA research before it is published.

Learn how to participate in a peer review here.

The Six Pillars of DevSecOps - Pragmatic Implementation

Open Until: 10/10/2022

This document provides a high-level overview of the various tools and processes that should be considered when building out...

Security Guidance for Critical Areas of Focus in Cloud Computing v5 - Outline

Open Until: 12/07/2022

The proposed outline for the Cloud Security Alliance Security Guidance for Critical Areas of Focus in Cloud Computing v5 is...