About the Cloud Security Alliance

The Cloud Security Alliance (CSA) is the world’s leading not-for-profit organization committed to awareness, practical implementation, and credentialing of forward-looking cybersecurity topics, including AI, cloud, and Zero Trust.

In an era where digital transformation drives business success, CSA stands as the global authority ensuring organizations can operate securely while harnessing cutting-edge technology. Through collaborative volunteer-driven research, globally-accepted standards, and award-winning vendor-neutral education programs that unite technical experts, industry practitioners, and varied associations, governments, chapters, and corporate members across six continents, CSA bridges the gap between innovation and pragmatic security execution.

CSA’s flagship Cloud Controls Matrix (CCM) stands as the only vendor-neutral framework of cloud-specific security controls, trusted by organizations worldwide and mapped to almost every leading cybersecurity standard and best practice. In 2025, CSA introduced the groundbreaking AI Controls Matrix (AICM), the first comprehensive security framework designed specifically for cloud-based AI systems.

Together, the CCM and AICM power CSA’s Security, Trust, Assurance, and Risk (STAR) program, the world’s largest and most complete cloud and AI assurance program. STAR creates a common language between providers and consumers, establishing trust and shared responsibilities on both sides. The program is comprised of a portfolio of assessments for cloud and AI providers; a publicly accessible registry of these assessments; a global network of authorized third-party assessment firms; assurance and auditing training; and customized portfolios for governments, industries, and other consortia.

CSA also hosts numerous volunteer-led research working groups spanning AI, cloud key management, confidential computing, data privacy, DevSecOps, financial services, health information management, Identity and Access Management, quantum-safe security, top cloud computing threats, Zero Trust, and beyond. CSA Research drives cybersecurity innovation through rigorous, vendor-neutral investigation. Working groups collaborate with the industry, higher education, and government to produce freely accessible publications and survey reports about this diverse range of topics.

CSA’s very first research publication, Security Guidance for Critical Areas of Focus In Cloud Computing, has been continuously updated since 2009 and remains the definitive roadmap for secure cloud adoption. Various research efforts have also been transformed into action through influential initiatives and awareness campaigns, including the AI Safety Initiative, Compliance Automation Revolution, CxO Trust, FinCloud Security Initiative, and Zero Trust Advancement Center. Each of these initiatives addresses critical industry challenges head-on.

Based on CSA Research, CSA's professional development programs and individual courses set the industry standard for cybersecurity expertise. The Certificate of Cloud Security Knowledge (CCSK) serves as the benchmark credential for cloud security professionals, while the Certificate of Competence in Zero Trust (CCZT), launched in 2023, represents the first vendor-neutral Zero Trust training and certificate program. CSA’s newest offering, the Trusted AI Safety Expert (TAISE) program, developed with Northeastern University, prepares professionals to safely lead in the age of AI.

Additionally, every year, CSA holds dozens of high-impact educational events around the world and online. These events range from cutting-edge webinars to in-depth workshops and global summits that help professionals enhance their skills, foster connections, and earn continuing educational credits.

CSA’s work is powered by a diverse membership ecosystem. Leading cloud providers, breakthrough AI innovators, pioneering startups, small-but-mighty Software-as-a-Service providers, and security-conscious enterprise customers of all kinds make up a community that includes every type of stakeholder in the digital security landscape. The distinguished Trusted Cloud Provider and Trusted Cloud Consultant designations recognize CSA Members who go above-and-beyond and exemplify security excellence.

Collectively, CSA represents a global movement committed to solving the security industry’s problems of both today and tomorrow. Together we can ensure that the cyber space remains secure, trustworthy, and accessible to all. Visit the CSA website to explore educational resources, join the community, and discover how to accelerate your own organization's secure digital transformation.

Mailing Addresses

Americas
Bellingham Office
709 Dupont Street
Bellingham, WA 98225

Seattle Office
2212 Queen Anne Ave N
Seattle, WA 98109

Asia Pacific
354 Tanglin Road
01-18/19 Tanglin International Center
Singapore 247672
https://www.csaapac.org

EMEA
Hardenbergstraße 8
10623 Berlin
Germany

Cloud Security Alliance Greater China Region (GCR) is CSA’s presence in China. We harness the subject matter expertise of local industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events and products in Chinese edition. The Secretariat (previously known as the Coordinating Bod) of CSA GCR is currently operated by CSA’s partner C-CSA, a not-for-profit organization registered and endorsed by China government. GCR has over 10 chapters in the region, which are essential to our mission to promote the secure adoption of cloud computing. CSA chapter members are composed primarily of individual members and getting involved with CSA chapter is a great way to further your knowledge of cloud computing security, and network with local peers facing the same challenges in securing cloud computing.

Shenzhen office
Yuehai Street, Nanshan District, Shenzhen,
Guangdong, China 518063

Shanghai Office
Lingang Yew Shan Road, Pudong New Area,
Shanghai 201306

Website: http://www.c-csa.cn
Email: [email protected]
Wechat: csagcr