Cloud 101CircleEventsBlog
Get 50% off the Cloud Infrastructure Security training bundle with code 'unlock50advantage'

Working Group

Security as a Service

The purpose of this working group is to identify consensus definitions of what Security as a Service means, to categorize the different types of Security as a Service and to provide guidance to organizations on reasonable implementation practices.
View Current Projects
Disaster Recovery as a Service
Disaster Recovery as a Service

Download

Security as a Service
Working Group Overview
The purpose of this working group is to identify consensus definitions of what Security as a Service means, to categorize the different types of Security as a Service and to provide guidance to organizations on reasonable implementation practices.


What do we discuss? 
During our meetings we typically discuss changes in the industry and collaborate on projects the group is currently working on. We welcome anyone who would like to join, even if you would like to just listen-in on your first call.


Drafts & Important Docs

Working Group Leadership

Amit Kandpal
Amit Kandpal

Amit Kandpal

Director of Customer Success, Netskope

Jens Laundrup
Jens Laundrup

Jens Laundrup

Chief Security Engineer and Executive Consultant, Emagined Security Inc.

Jens Laundrup, Chief Security Engineer and Executive Consultant, Emagined Security Inc., has spent over 30 years in the Information Security space to include numerous security engineering disciplines including Military, Government and Corporate Information Security, Compliance Program Design, Architecture Design, and Network & Physical Security. Mr. Laundrup has led the development and design of cutting-edge risk-based security programs and...

Read more

Michael Roza
Michael Roza

Michael Roza

Risk, Audit, Control and Compliance Professional at EVC

Since 2012, Michael Roza has been a pivotal member of the Cloud Security Alliance (CSA) family. He has contributed to over 125 projects, as a Lead Author or Author/Contributor and many more as a Reviewer/Editor.

Michael's extensive contributions encompass critical areas including Artificial Intelligence, Zero Trust/Software Defined Perimeter, Internet of Things, Top Threats, Cloud Control Matrix, DevSecOps, and Key Management. His lea...

Read more

Publications in ReviewOpen Until
Zero Trust Privacy Assessment and GuidanceDec 27, 2024
Cybersecurity and the Data LifecycleJan 05, 2025
AI Controls MatrixJan 19, 2025
View all
Who can join?

Anyone can join a working group, whether you have years of experience or want to just participate as a fly on the wall.

What is the time commitment?

The time commitment for this group varies depending on the project. You can spend a 15 minutes helping review a publication that's nearly finished or help author a publication from start to finish.

Virtual Meetings

Attend our next meeting. You can just listen in to decide if this group is a good for you or you can choose to actively participate. During these calls we discuss current projects, and well as share ideas for new projects. This is a good way to meet the other members of the group. You can view all research meetings here.

No scheduled meetings for this working group in the next 60 days.

See Full Calendar for this Working Group

Open Peer Reviews

Peer reviews allow security professionals from around the world to provide feedback on CSA research before it is published.

Learn how to participate in a peer review here.

Zero Trust Privacy Assessment and Guidance

Open Until: 12/27/2024

The objective of this paper is to provide guidance for using zero trust in privacy implementation. This document highlights...

Cybersecurity and the Data Lifecycle

Open Until: 01/05/2025

The data lifecycle refers to the comprehensive process that data undergoes, from its creation to eventual disposal. Underst...

AI Controls Matrix

Open Until: 01/19/2025

The CSA AI Controls Matrix is a framework of control objectives to support organizations in their secure and responsible de...