Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
STAR for AI
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
AI Controls Matrix (AICM)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
CSA Training
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Trusted AI Safety Expert (TAISE)
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Controls
AI Safety
Enterprise Architecture
Blockchain
Zero Trust
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
STAR for AI
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
AI Controls Matrix (AICM)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
CSA Training
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Trusted AI Safety Expert (TAISE)
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Controls
AI Safety
Enterprise Architecture
Blockchain
Zero Trust
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
CSAIChaptersEventsBlog

Working Group

Privacy

The Privacy Working Group advocates Privacy Enhancing Technologies (PETs), providing commentary and guidance about legislation, standards and frameworks. This group consolidates best practices from a variety of PETs and provides thought leadership about hybrid implementations that leverage multiple technologies.
View Current Projects
Research Topics
About Topic
Working Group
Publications
Home
Research
Working Groups
Privacy
The Privacy Working Group advances PETs and engineering practices that protect sensitive data throughout its entire lifecycle, and especially during processing, where it is most vulnerable. The group focuses on privacy-by-design technologies that enable secure analytics, collaboration, and data-driven innovation without exposing data, such as Confidential Computing, Differential Privacy Engineering (DPE), Fully Homomorphic Encryption (FHE), Secure Multi-Party Computation (SMPC), Trusted Execution Environments (TEEs), and Zero Knowledge Proofs (ZKP).

Through research and collaboration, this group promotes practical approaches for integrating strong privacy protections into modern cloud environments. Its mission is to provide a hub and central community resource for best practices, as well as guidance on incorporating multiple PETS into the cloud’s privacy lifecycles, by making specialist knowledge publically accessible.

Working Group Leadership

Josh Buker
Josh Buker

Josh Buker

Research Analyst, CSA

Ryan Gifford
Ryan Gifford

Ryan Gifford

Senior Research Analyst, CSA

Working Group Co-Chairs

Mark Bower
Mark Bower

Mark Bower

VP, Product Management at Anjuna

Mark Bower has two decades of experience at leading security companies in the U.S., Australia, U.K., and Germany. He is a noted expert in data protection, data privacy, and information risk reduction. Before joining Anjuna, where he owns product strategy for advanced confidential computing, he headed product and business strategy for Comforte AG, Voltage Security (acquired by HPE) and the Atalla HSM business at Hewlett Packard Enterprise. ...

Read more

Daniella Alpher
Daniella Alpher

Daniella Alpher

Lattica.ai

Daniella Alpher is an experienced tech marketer who specializes in strategy, branding and content marketing. Before focusing on marketing for cybersecurity and AI, she worked as a television producer at ABC News in New York, where she produced news segments for Good Morning America. Daniella has led marketing at CoolaData, Iguazio, DeepKeep, RevealSecurity and PeerSpot. She holds an MBA from INSEAD.

Read more

Joseph Wilson
Joseph Wilson

Joseph Wilson

Joseph Wilson is co-Chair for the Cloud Security Alliance's (CSA's) Fully Homomorphic Encryption (FHE) Working Group (WG), which was formed to address industrial deployment and adoption of FHE and to help the industry navigate this branch of Privacy Enhancing Technologies. He holds a PhD in Theoretical Physics from the University of Leeds, and an MPhys in Experimental Physics from the University of York. He is currently Head of Strategic In...

Read more

Steve Foster
Steve Foster

Steve Foster

Publications in ReviewOpen Until
Comparing FHE and Other PETsApr 17, 2026
MLOps Threat ModelApr 17, 2026
View all
Who can join?

Anyone can join a working group, whether you have years of experience or want to just participate as a fly on the wall.

What is the time commitment?

The time commitment for this group varies depending on the project. You can spend a 15 minutes helping review a publication that's nearly finished or help author a publication from start to finish.

Virtual Meetings

Attend our next meeting. You can just listen in to decide if this group is a good for you or you can choose to actively participate. During these calls we discuss current projects, and well as share ideas for new projects. This is a good way to meet the other members of the group. You can view all research meetings here.

Apr

15

Wed, April 15, 9:00am - 10:00am PDT
CSA Privacy - FHE Workstream
See details
This is a recurring call for the CSA Privacy Working Group, focusing specifically on the Fully Homomorphic Encryption topic.

Join the call using this zoom link: https://csaurl.org/privacy-call
View Event

Apr

21

Tue, April 21, 10:00am - 10:55am PDT
CSA Privacy - Confidential Computing Workstream
See details
This is a recurring call for the CSA Privacy Working Group, focusing specifically on the confidential computing topic.

Join the call using this zoom link: https://csaurl.org/privacy-call
View Event

Apr

29

Wed, April 29, 9:00am - 10:00am PDT
CSA Privacy - FHE Workstream
See details
This is a recurring call for the CSA Privacy Working Group, focusing specifically on the Fully Homomorphic Encryption topic.

Join the call using this zoom link: https://csaurl.org/privacy-call
View Event

May

5

Tue, May 5, 10:00am - 10:55am PDT
CSA Privacy - Confidential Computing Workstream
See details
This is a recurring call for the CSA Privacy Working Group, focusing specifically on the confidential computing topic.

Join the call using this zoom link: https://csaurl.org/privacy-call
View Event

May

13

Wed, May 13, 9:00am - 10:00am PDT
CSA Privacy - FHE Workstream
See details
This is a recurring call for the CSA Privacy Working Group, focusing specifically on the Fully Homomorphic Encryption topic.

Join the call using this zoom link: https://csaurl.org/privacy-call
View Event

May

19

Tue, May 19, 10:00am - 10:55am PDT
CSA Privacy - Confidential Computing Workstream
See details
This is a recurring call for the CSA Privacy Working Group, focusing specifically on the confidential computing topic.

Join the call using this zoom link: https://csaurl.org/privacy-call
View Event

May

27

Wed, May 27, 9:00am - 10:00am PDT
CSA Privacy - FHE Workstream
See details
This is a recurring call for the CSA Privacy Working Group, focusing specifically on the Fully Homomorphic Encryption topic.

Join the call using this zoom link: https://csaurl.org/privacy-call
View Event

Current Projects

View recent publications

Open Peer Reviews

Peer reviews allow security professionals from around the world to provide feedback on CSA research before it is published.

Learn how to participate in a peer review here.

Comparing FHE and Other PETs

Open Until: 04/17/2026

Privacy-enhancing technologies offer a broad spectrum of solutions for challenges related to data confidentiality. However,...

Participate in peer review

MLOps Threat Model

Open Until: 04/17/2026

This paper sets the foundation for how we can apply the threat modelling practice of DevSecOps to MLOps.Please revi...

Participate in peer review