The Mission of CSA
The Cloud Security Alliance is a non-profit organization formed to promote the use of best practices for providing security assurance within Cloud Computing and provide education on the uses of Cloud Computing to help secure all other forms of computing.
The Cloud Security Alliance is comprised of many subject matter experts from a wide variety disciplines, united in our objectives:
- Promote a common level of understanding between the consumers and providers of cloud computing regarding the necessary security requirements and attestation of assurance.
- Promote independent research into best practices for cloud computing security.
- Launch awareness campaigns and educational programs on the appropriate uses of cloud computing and cloud security solutions.
- Create consensus lists of issues and guidance for cloud security assurance.
How CSA Was Born
The issues and opportunities of cloud computing gained considerable notice in 2008 within the information security community. It was at a security practitioners' conference, the ISSA CISO Forum in Las Vegas, November 20, 2008, where the concept of the Cloud Security Alliance was born. Following a presentation of emerging trends by Jim Reavis that included a call for action for securing cloud computing, Reavis and Nils Puhlmann outlined the initial mission and strategy of the Cloud Security Alliance. A series of organizational meetings in early December 2008 that included Reavis, Puhlmann, and industry leaders such as Dave Cullinane, Philippe Courtot, Alan Boehme, Izak Mutlu, Jay Chaudhry, Christofer Hoff, Paul Kurtz, and Jean Pawluk formalized the founding of the Cloud Security Alliance. Our outreach to the information security community to create our initial work product for the 2009 RSA Conference resulted in dozens of volunteers to research, author, edit, and review our first whitepaper. We are proud to recognize these individuals as founding members. CSA welcomes all interested practitioners as members of this organization going forward to continue our important work.
Zscaler - Proud to Contribute to CSA
As Zscaler is pioneering cloud-delivered web security services, it is proud to share its and its customers experience in adopting the cloud model and sharing best practices with security practitioners. CSA has several working groups. Michael Sutton, CISO at Zscaler leads the Portability & Interoperability and Application Security working group.