0
Cloud Security Alliance Research & Roadmap    RSA Conference 2013 Announcements              Copyright © 2013 Cloud Securi...
Copyright ©© 2013 Cloud Security Alliance Copyright 2012 Cloud Security Alliance             2011           2013          ...
Developed first comprehensive best practices for secure cloud computing,   Security Guidance for Critical Areas of Focus f...
Copyright © 2011 Cloud Security Alliance   www.cloudsecurityalliance.org
60 chapters and growingEvery continent except AntarcticaTranslating guidanceAdapting research to local needsCreating their...
Copyright © 2011 Cloud Security Alliance   www.cloudsecurityalliance.org
Copyright © 2011 Cloud Security Alliance   www.cloudsecurityalliance.org
Copyright © 2011 Cloud Security Alliance   www.cloudsecurityalliance.org
Copyright © 2011 Cloud Security Alliance   www.cloudsecurityalliance.org
Copyright © 2011 Cloud Security Alliance   www.cloudsecurityalliance.org
Copyright © 2012 Cloud Security Alliance   www.cloudsecurityalliance.org
Our research includesfundamental projects neededto define and implement trustwithin the future ofinformation technologyCSA...
Global resource and researchcoverage through our corporatemembership, affiliatemembers, chapters andConnected to great min...
Security Guidance for CriticalAreas of Cloud Computing Popular best practices for securing cloud computing Flagship resear...
GRC Stack  Family of 4 research projects    Cloud Controls Matrix (CCM)    Consensus Assessments Initiative    (CAI)    Cl...
Controls derived fromguidanceMapped to familiarframeworks: ISO27001, COBIT, PCI, HIPAA,FISMA, FedRAMP, etc.Rated as applic...
Research tools and processes toperform shared assessments ofcloud providersIntegrated with Controls MatrixVersion 1 CAI Qu...
Open standard and API toautomate provider auditassertionsChange audit from datagathering to data analysisNecessary to prov...
Developed by CSC, transferred toCSAOpen standard and API to verifycontrol assertions“Question and Answer”asynchronous prot...
CSA STAR(Security, Trust and Assurance Registry) Public Registry of Cloud Provider self assessments Based on Consensus Ass...
Copyright © 2012 Cloud Security Alliance   www.cloudsecurityalliance.org
Security as a Service Research for gaining greater understanding for how to deliver security solutions via cloud models.  ...
Mobile Securing application stores and other public entities deploying software to mobile devices Analysis of mobile secur...
Big Data Identifying scalable techniques for data-centric security and privacy problems Lead to crystallization of best pr...
Cloud Data Governance Cloud Data Governance Maturity Survey of current Cloud Provider practices in the market (e.g. backup...
Telecom Working Group Industry a key stakeholder in future of cloud CSA’s liaison to ITU-T 5 Telecom Initiatives    Teleco...
CloudCERT Consensus research for emergency response in Cloud Enhance community’s ability to respond to incidents Standardi...
Health Information Management(NEW) Provide direct influence on how health information service providers deliver secure clo...
Privacy Level Agreement(PLA) PLA = SLA for privacy. In the PLA (typically an attachment to the Service Agreement) the clou...
    www.cloudsecurityalliance.org
ISACA/CSA Cloud SecurityMaturity Project The Cloud Security Alliance (CSA) and ISACA announced the availability of a new s...
Top Threats Provide needed context to assist organizations in making educated risk management decisions regarding their cl...
CSA has been awarded 4 FP7 Projects                    Helix Nebula - The HELIX NEBULA Project is a                    pre...
Most of our Research Projectsare ideas from professionals likeyouDo you have an idea for aresearch project on a cloudsecur...
Contribute to the    CSA library  The Cloud Security Alliance is a community non-profit  which is driven by its members. H...
Learn how you can participate in Cloud  Security Alliances goals to promote the  use of best practices for providing secur...
RSA Conference 2013 Announcements               Copyright © 2011 Cloud Security Alliance   www.cloudsecurityalliance.org
Released a draft of the latest version of theCloud Control Matrix, CCM v3.0Realigns the CCM control domains to achievetigh...
CSA Big Data Working Group released an initial report--The Top 10 Big Data Security and Privacy Challenges at CSA Congress...
Released a position paper on the American Institute of CPAs’ reporting frameworkEducating members and providing guidance o...
The CSA PLA Working Group formed in 2012 to help transpose the Art. 29 WP and EU National Data ProtectionRegulators’ recom...
The Cloud Security Alliance (CSA) Top Threats Working Group released The Notorious Nine: Cloud Computing TopThreats in 201...
Formation of the Legal Information Center (CLIC), a new online resource.The launch of the CLIC is part of an ongoing effor...
Announced the launch of a new global training program called the CSA Master Training ProgramHP named as the initial partne...
Copyright © 2011 Cloud Security Alliance   www.cloudsecurityalliance.org
Upcoming SlideShare
Loading in...5
×

CSA Atlanta Chapter Meeting Q1'2013 and RSA Conference 2013 CSA Announcements

297

Published on

Cloud Security Alliance Atlanta Chapter Meeting Q1'2013 and RSA Conference 2013 CSA Announcements

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
297
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
11
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • Research is the crown jewel of CSAThe objective of CSA research is to develop best practices, guidelines, white papers and frameworks that will be conducive in building trust into the CloudAs a result, consumers can go to the cloud securely with confidence. Cloud service provider can use our work as a baseline to address interoperability and security issues, where assurance is assessable continuously and automatically. Switching costs to consumers is reduced to a minimum and a dynamic cloud eco-system is hence created to allow for acceleration of cloud adoption
  • The CSA Guidance is our flagship research that provides a broad catalog of best practices. It contains 13 domains to address both broad governance and specific operational issues. This Guidance is used as a foundation for the other research projects in the following slides that relate to compliance.
  • Do visit the websiteDo join the LinkedIn Groups – you will receive regular email updates
  • Transcript of "CSA Atlanta Chapter Meeting Q1'2013 and RSA Conference 2013 CSA Announcements"

    1. 1. Cloud Security Alliance Research & Roadmap RSA Conference 2013 Announcements Copyright © 2013 Cloud Security Alliance www.cloudsecurityalliance.org
    2. 2. Copyright ©© 2013 Cloud Security Alliance Copyright 2012 Cloud Security Alliance 2011 2013 www.cloudsecurityalliance.org www.cloudsecurityalliance.org
    3. 3. Developed first comprehensive best practices for secure cloud computing, Security Guidance for Critical Areas of Focus for Cloud Computing (updated October 2011) First and only user certification for cloud security, the CCSK (Certificate of Cloud Security Knowledge, September 2010) Tools for managing Governance, Risk and Compliance in the Cloud Registry of cloud provider security practices, the CSA STAR (Security, Trust & Assurance Registry, Q4 2011) First and only multi-tenant security controls framework adapted for cloud (CSA CCM) Industry leading security practices, education and tools developed by 20+ working groups Selection of CSA venue by US White House to announce the US Federal Cloud Strategy in 2011 Leadership in developing new security standards addressing cloud computing Trusted advisor to governments and Global 2000 firms around the world“To promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Computing to help secure all other forms of computing.” www.cloudsecurityalliance.org
    4. 4. Copyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.org
    5. 5. 60 chapters and growingEvery continent except AntarcticaTranslating guidanceAdapting research to local needsCreating their own research projects Copyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.org
    6. 6. Copyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.org
    7. 7. Copyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.org
    8. 8. Copyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.org
    9. 9. Copyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.org
    10. 10. Copyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.org
    11. 11. Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    12. 12. Our research includesfundamental projects neededto define and implement trustwithin the future ofinformation technologyCSA continues to beaggressive in producingcritical research, educationand tools22 Active Work Groups and10 in the pipeline Copyright © 2011 Cloud Security Alliance Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org www.cloudsecurityalliance.org Copyright © 2012 Cloud Security Alliance
    13. 13. Global resource and researchcoverage through our corporatemembership, affiliatemembers, chapters andConnected to great minds:Research contributors representsome of the top minds ininformation security and cloudcomputing Copyright © 2011 Cloud Security Alliance Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org www.cloudsecurityalliance.org Copyright © 2012 Cloud Security Alliance
    14. 14. Security Guidance for CriticalAreas of Cloud Computing Popular best practices for securing cloud computing Flagship research project V 3.0 Released (November 2011) In alignment with international standardsImpact to the Industry Developed first comprehensive best practices for secure cloud computing, Security Guidance for Critical Areas of Focus for Cloud Computing (updated October 2011) Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    15. 15. GRC Stack Family of 4 research projects Cloud Controls Matrix (CCM) Consensus Assessments Initiative (CAI) Cloud Audit Cloud Trust Protocol (CTP) Control Provider Requirements Assertions Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    16. 16. Controls derived fromguidanceMapped to familiarframeworks: ISO27001, COBIT, PCI, HIPAA,FISMA, FedRAMP, etc.Rated as applicable to S-P-ICustomer vs. Provider roleHelp bridge the “cloud gap”for IT & IT auditors Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    17. 17. Research tools and processes toperform shared assessments ofcloud providersIntegrated with Controls MatrixVersion 1 CAI Questionnairereleased Oct 2010, approximately140 provider questions to identifypresence of security controls orpracticesUse to assess cloud providers today,procurement negotiation, contractinclusion, quantify SLAs Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    18. 18. Open standard and API toautomate provider auditassertionsChange audit from datagathering to data analysisNecessary to provide audit &assurance at the scaledemanded by cloud providersUses Cloud Controls Matrix ascontrols namespaceUse to instrument cloud forcontinuous controls monitoring Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    19. 19. Developed by CSC, transferred toCSAOpen standard and API to verifycontrol assertions“Question and Answer”asynchronous protocol, leveragesSCAP (Secure ContentAutomation Protocol)Integrates with Cloud AuditNow we have all the componentsfor continuous controls monitoring Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    20. 20. CSA STAR(Security, Trust and Assurance Registry) Public Registry of Cloud Provider self assessments Based on Consensus Assessments Initiative Questionnaire Provider may substitute documented Cloud Controls Matrix compliance Voluntary industry action promoting transparency Free market competition to provide quality assessments Provider may elect to provide assessments from third parties Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    21. 21. Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    22. 22. Security as a Service Research for gaining greater understanding for how to deliver security solutions via cloud models. Information Security Industry Re-invented Identify Ten Categories within SecaaS Implementation Guidance for each SecaaS Category Align with international standards and other CSA research Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    23. 23. Mobile Securing application stores and other public entities deploying software to mobile devices Analysis of mobile security capabilities and features of key mobile operating systems Cloud-based management, provisioning, policy, and data management of mobile devices to achieve security objectives Guidelines for the mobile device security framework and mobile cloud architectures Solutions for resolving multiple usage roles related to BYOD, e.g. personal and business use of a common device Best practices for secure mobile application development Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    24. 24. Big Data Identifying scalable techniques for data-centric security and privacy problems Lead to crystallization of best practices for security and privacy in big data Help industry and government on adoption of best practices Establish liaisons with other organizations in order to coordinate the development of big data security and privacy standards Accelerate the adoption of novel research aimed to address security and privacy issues Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    25. 25. Cloud Data Governance Cloud Data Governance Maturity Survey of current Cloud Provider practices in the market (e.g. backup, encryption, secure deletion, etc.) Structure based on Domain 5: Information Lifecycle Management Re-define Data Life Cycle Model Identify Key Concerns for Stakeholders Data Governance in Emerging Technologies in the Cloud Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    26. 26. Telecom Working Group Industry a key stakeholder in future of cloud CSA’s liaison to ITU-T 5 Telecom Initiatives Telecom and the GRC Stack ISO 27017 Interviews to CSP’s SIEM Compliance Monitoring Cloud Forensics and Legal Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    27. 27. CloudCERT Consensus research for emergency response in Cloud Enhance community’s ability to respond to incidents Standardized processes Supplemental best practices for CERTs Hosted Community of Cloud CERTs Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    28. 28. Health Information Management(NEW) Provide direct influence on how health information service providers deliver secure cloud solutions (services, transport, applications and storage) to their clients, and foster cloud awareness within all aspects of healthcare and related industries 2 Health Initiatives HIPAA and HiTech Best Practices Healthcare Recommendations Guidance to V.3 Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    29. 29. Privacy Level Agreement(PLA) PLA = SLA for privacy. In the PLA (typically an attachment to the Service Agreement) the cloud service provider (CSP) clearly declares the level of privacy and data protection that it undertakes to maintain with respect to the relevant data processing. Provide cloud customers with a tool to assess a CSP’s commitment to address personal data protection. Offer contractual protection against possible economical damages due to lack of compliance or commitment of the CSP privacy and data protection regulation. Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    30. 30.  www.cloudsecurityalliance.org
    31. 31. ISACA/CSA Cloud SecurityMaturity Project The Cloud Security Alliance (CSA) and ISACA announced the availability of a new survey on cloud market maturity This is the first collaborative project between the two organizations A report based off of the survey results will be published Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    32. 32. Top Threats Provide needed context to assist organizations in making educated risk management decisions regarding their cloud adoption strategies V.2 of Top Threats Report released in October 2012 Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    33. 33. CSA has been awarded 4 FP7 Projects Helix Nebula - The HELIX NEBULA Project is a preliminary step towards a European cloud‐based scientific e‐ infrastructure: HELIX NEBULA – the Science Cloud. Cumulus - The overall aim of the project is to develop a framework for hybrid, incremental and multi-layer certification for all services in cloud computing stacks, including infrastructure (IaaS), platform (PaaS) and software services (SaaS Cirrus – Cirrus pretends to bring together different stakeholders (industry, research, service providers, end- users, standardization bodies…) and perform an analysis of implications for overall E2E (end-to-end) Cloud Security with the special attention to issues of assurance and trustworthiness. A4 Cloud - This project aims to clarify regulatory expectations with regard to cloud and also provide mechanisms that enable provision of accountable services in the cloud.Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    34. 34. Most of our Research Projectsare ideas from professionals likeyouDo you have an idea for aresearch project on a cloudsecurity topic?If so, please take the time todescribe your concept by fillingout the our online form. Thisform is monitored by the CSAresearch team, who will reviewyour proposal and respond to youwith feedback. Copyright © 2011 Cloud Security Alliance Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org www.cloudsecurityalliance.org Copyright © 2012 Cloud Security Alliance
    35. 35. Contribute to the CSA library The Cloud Security Alliance is a community non-profit which is driven by its members. Have a white paper or information on a cloud security product you want to contribute?https://cloudsecurityalliance.org/education/white-papers-and-educational-material/ Copyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.org
    36. 36. Learn how you can participate in Cloud Security Alliances goals to promote the use of best practices for providing security assurance within Cloud Computinghttp://www.linkedin.com/groups?gid=1864210https://cloudsecurityalliance.org/get-involved/ Copyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.org
    37. 37. RSA Conference 2013 Announcements Copyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.org
    38. 38. Released a draft of the latest version of theCloud Control Matrix, CCM v3.0Realigns the CCM control domains to achievetighter integration with the CSA’s “SecurityGuidance for Critical Areas of Focus in CloudComputing version 3”Introduced three new control domains Mobile Security Supply Change Management, Transparency and Accountability Interoperability & PortabilityAvailable for peer review through the CSA https://interact.cloudsecurityalliance.org/index.php/ccm/v3_group_1Interact website with the peer review period https://interact.cloudsecurityalliance.org/index.php/ccm/v3_group_2closing March 31, 2013, and final release of https://interact.cloudsecurityalliance.org/index.php/ccm/v3_group_3CCM v3.0 on April 17, 2013 Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    39. 39. CSA Big Data Working Group released an initial report--The Top 10 Big Data Security and Privacy Challenges at CSA Congress 2012 2013 RSA announcement expanded this to Top Ten Big Data Security and Privacy Challenges report The 35-page report outlines the unique challenges presented by Big Data The Top 10 Big Data Security and Privacy Challenges have been enumerated as follows:1. Secure computations in distributed programming frameworks2. Security best practices for non-relational data stores3. Secure data storage and transactions logs4. End-point input validation/filtering5. Real-time security monitoring6. Scalable and composable privacy-preserving data mining and analytics7. Cryptographically enforced data centric security8. Granular access control9. Granular audits10. Data provenance The goal of outlining these challenges is to raise awareness among security practitioners and researchers To review the report and provide comments, please visit https://interact.cloudsecurityalliance.org/index.php/bigdata/top_ten_big_data_2013 . Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    40. 40. Released a position paper on the American Institute of CPAs’ reporting frameworkEducating members and providing guidance on selecting the most appropriate reporting optionLatest step in CSA’s previously announced Open Certification Framework and STAR Attestation initiativesAICPA’s reporting framework, known as Service Organization Control Reports, consists of three major documenttypes The first – the SOC 1 report – deals with controls over financial reporting The SOC 2 report focuses on controls that bear on a service provider’s security, processing integrity and operating availability, as well as the confidentiality and privacy of data moving through its systems. A third report, SOC 3, is a compressed version of the SOC 2 and is designed for public distribution.Highlights that for most cloud providers, a SOC 2 Type 2 attestation examination conducted in accordance withAICPA standard AT Section 101 (AT 101) utilizing the CSA Cloud Controls Matrix (CCM) as additional suitablecriteria is likely to meet the assurance and reporting needs of the majority of users of cloud services The Cloud Controls Matrix is designed to be used in conjunction with existing standards, and this is one such example where the combination provides a comprehensive view that should suit most users reporting needsPosition paper also offers guidance to members on the following: When a SOC 1 report is necessary, When a SOC 2 report is called for, and When both engagement types may be requiredThe full position paper can be found at https://cloudsecurityalliance.org/research/collaborate/#_aicpa Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    41. 41. The CSA PLA Working Group formed in 2012 to help transpose the Art. 29 WP and EU National Data ProtectionRegulators’ recommendations on Cloud Computing into an easy to use outline that CSPs can use to disclose personaldata handling practicesThe Cloud Security Alliance (CSA) Privacy Level Agreement (PLA) Working Group released the Privacy LevelAgreement (PLA) Outline for Cloud Service Providers providing services in the European UnionThe Outline provides a structure for Cloud Service Providers (CSP) to disclose, in a consistent matter, informationabout the privacy and data protection policies, procedures and practices used when processing personal data thatcustomers upload or store in the CSP’s serversOnce a PLA outline is completed by a CSP, it will provide current and potential customers with a new tool to assessthat CSP’s disclosure of its practices.This knowledge, in turn, will allow companies to evaluate the extent to which the use of a particular CSP will allowthem to achieve compliance with applicable data protection laws, including, in particular, their transparency andaccountability obligations, a positive shift for both the customer and provider alike.Key elements covered in the outline include: Cloud customer internal and external due diligence Categories of personal data that may be uploaded to the service Ways which data should be processed in the cloud Data location, transfer, retention, monitoring and security measures Personal data breach notification Data portability, migration, and transfer back assistance Accountability Law enforcement access Remedies To learn more, download the PLA Initiative Research Sponsorship Outline. Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    42. 42. The Cloud Security Alliance (CSA) Top Threats Working Group released The Notorious Nine: Cloud Computing TopThreats in 2013A revised report aimed to provide organizations with up-to-date, expert-informed understanding of cloud securitythreats in order to make educated risk-management decisions regarding cloud adoption strategiesReport focuses on threats specifically related to the shared, on-demand nature of cloud computingServes as an up-to-date threat identification guide that will help cloud users and providers make informed decisionsabout risk mitigation within a cloud strategyThe Top Threats Working Group used these survey results alongside their expertise to craft the final The NotoriousNine: Cloud Computing Top Threats in 2013.Identified the following nine critical threats to cloud security: 1. Data Breaches 2. Data Loss 3. Account Hijacking 4. Insecure APIs 5. Denial of Service 6. Malicious Insiders 7. Abuse and Nefarious Use 8. Insufficient Due Diligence 9. Shared Technology IssuesIntended to be utilized in conjunction with the best practices guides “Security Guidance for Critical Areas in CloudComputing V.3” and “Security as a Service Implementation Guidance”Companies and individuals interested in learning more or joining the group can visithttps://cloudsecurityalliance.org/research/top-threats/. Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    43. 43. Formation of the Legal Information Center (CLIC), a new online resource.The launch of the CLIC is part of an ongoing effort on behalf of the CSA to help individuals and organizations betterunderstand and address the various and often complicated legal issues related to cloud computingThe CLIC will be an open resource for cloud computing practitioners, regulators, and legal experts with a mission toprovide unbiased information about the applicability of existing laws and also identify laws that are being impacted bytechnology trends that may require modificationAs part of this new initiative, CSA and Box hosted a panel discussion entitled, “US and Foreign Laws RegulatingGovernment Access to Data Held in the Cloud” on Thursday, February 28th Panel participants included legal and regulatory experts from seven countries Moderated by Francoise Gilbert, Founder and General Manager of the IT Law Group as well as General Counsel for the CSA. The panel explored a wide range of issues related to the rule of laws governing access of governments to data held in the cloudMore information on the CLIC: https://cloudsecurityalliance.org/research/clic/ Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    44. 44. Announced the launch of a new global training program called the CSA Master Training ProgramHP named as the initial partner of this new programThe CSA Master Training Program is designed to accelerate worldwide access and adoption of the CSA Certificate ofCloud Security Knowledge (CCSK) CertificationWith assistance from HP, CSA will invest in the global expansion of CCSK training availability, A key focus on the Asia Pacific region.CSA and HP will also work closely to collaborate on a curriculum roadmap through the CCSK Center of Excellencebased in SingaporeHP will adapt existing CCSK lab-based training to include HP cloud solutionsHP Education Services will certify any HP CCSK training staff based on HP’s CSA-certified coursewareAt the annual CSA Congress in October 2012, the CSA published version 3 of its CCSK Included two principal updates, including an update to the CCSK Training Materials as well as a new CCSK exam The CCSK is aligned with the latest release of CSA’s Security Guidance as well as other intellectual property, which comprises the CSA Common Body of Knowledge (CBK) Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org
    45. 45. Copyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.org
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×