New to the cloud? Want to understand how cloud security is different from on-premise security?
If you’re interested in a brief explanation and introduction to cloud security read our blog. Otherwise you can find the full list of recommendations and best practices can in the latest version of the Cloud Security Guidance for Cloud Computing.
Interested in certificates and training?
Cloud Security Alliance offers the Certificate of Cloud Security Knowledge (CCSK) which tests individuals on the domains covered in the CSA Security Guidance. There is both a certificate and a training available through CSA. You can learn more about the CCSK here.
The advancement toward secure cloud computing requires active participation from a broad set of globally-distributed stakeholders. CSA brings together this diverse community of industry partnerships, international chapters, working groups, and individuals to create the Cloud Security Guidance. We are profoundly grateful to all who contributed to version 4 of the release.
No Meetings Currently Scheduled
Working Group Leadership
Rich is the VP of Product for DisruptOPS and Analyst and CEO of Securosis. With twenty years of experience in information security, physical security, and risk management, Rich is one of the foremost experts on cloud security, having driven development of the Cloud Security Alliance’s V4 Guidance and the associated CCSK training curriculum. He is a prolific writer and featured speaker at the security industry’s largest events, including RSA...
Best Practices for Cloud Security
CSA Research crowd-sources the knowledge and expertise of security experts and helps address the challenges and needs they’ve experienced, or seen others experience, within the cybersecurity field. Each publication is vendor-neutral and follows the peer review process outlined in the CSA Research Lifecycle. We recommend getting started by reading the following documents.
Security Guidance for Critical Areas of Focus in Cloud Computing v4.0
The fourth version of the Security Guidance for Critical Areas of Focus in Cloud Computing is built on previous iterations of the security guidance, dedicated research, and public participation from the Cloud Security Alliance members, working groups, and the industry experts within our community. This version incorporates advances in cloud, security, and supporting technologies; reflects on real-world cloud security practices; integrates the latest Cloud Security Alliance research projects; and offers guidance for related technologies.
Guía de Seguridad de Áreas Críticas para la Computación en la Nube
Con este documento, nuestro objetivo es proporcionar tanto orientación como inspiración para respaldar los objetivos comerciales, mientras se gestionan y mitigan los riesgos asociados con la adopción de la tecnología de computación en la nube.
Security Guidance v4.0 - Chinese Translation
欢迎来到云安全联盟关于云计算关键领域安全指南的第四个版本。云计算的兴起是一项不 断发展的技术，它带来了许多机遇和挑战。通过这个文档，我们的目标是提供指导和灵感来支 持业务目标，同时管理和减轻采用云计算技术相关的风险。
|Developing a Cloud Security Strategy||Security Intelligence||October 15, 2020|