Cloud 101CircleEventsBlog
Register for CSA's AI Summit at RSAC on May 6!

Working Group

Security Guidance

The advancement toward secure cloud computing requires active participation from a broad set of globally-distributed stakeholders.
View Current Projects
Security Guidance for Critical Areas of Focus in Cloud Computing v4.0
Security Guidance for Critical Areas of Focus in Cloud Computing v4.0

Download

Working Group Overview
The advancement toward secure cloud computing requires active participation from a broad set of globally-distributed stakeholders. CSA brings together this diverse community of industry partnerships, international chapters, working groups, and individuals to create the Cloud Security Guidance.


CSA Security Guidance v5 in development
The CSA Security Guidance v4 has become a fundamental source for best practices in the cloud. We plan on updating this core research to integrate the latest best practices in cloud and aligning with version 4 of the CCM and CAIQ. This document is a proposal to restructure the fifth version of Guidance with details around each option. 


Drafts & Important Docs

Working Group Leadership

Rich Mogull
Rich Mogull

Rich Mogull

CEO at Securosis

Rich is the VP of Product for DisruptOPS and Analyst and CEO of Securosis. With twenty years of experience in information security, physical security, and risk management, Rich is one of the foremost experts on cloud security, having driven development of the Cloud Security Alliance’s V4 Guidance and the associated CCSK training curriculum. He is a prolific writer and fe...

Read more

Publications in ReviewOpen Until
Relationship of Shadow Access with Zero Trust and Artificial IntelligenceApr 06, 2024
AI Organizational Responsibilities - Core Security ResponsibilitiesApr 06, 2024
AI Governance & Compliance in the IndustryApr 06, 2024
AI Legal and Regulatory LandscapeApr 06, 2024
View all
Who can join?

Anyone can join a working group, whether you have years of experience or want to just participate as a fly on the wall.

What is the time commitment?

The time commitment for this group varies depending on the project. You can spend a 15 minutes helping review a publication that's nearly finished or help author a publication from start to finish.

Open Peer Reviews

Peer reviews allow security professionals from around the world to provide feedback on CSA research before it is published.

Learn how to participate in a peer review here.

Relationship of Shadow Access with Zero Trust and Artificial Intelligence

Open Until: 04/06/2024

Shadow Access, a growing concern in cloud computing, refers to unintended, unauthorized access to systems and data, often i...

AI Organizational Responsibilities - Core Security Responsibilities

Open Until: 04/06/2024

This white paper focuses on what we define as an enterprise's "core security responsibilities" around Artificial Intelligen...

AI Governance & Compliance in the Industry

Open Until: 04/06/2024

Governance and compliance serve as integral components of organizational management, ensuring adherence to regulations, sta...