We would like to send you updates about our ongoing initiatives and opportunities to participate. Jon-Michael C. Brook's work traverses the government, financial, healthcare, gaming, oil and gas and pharmaceutical industries. Read more. Sean Cordero brings more than 15 years of information security and IT experience to his current role as director, information security at Optiv.
Daniele Catteddu is an information security and risk management practitioner, technologies expert and privacy evangelist with over 15 of experience. He worked in several senior roles both in the private and public sector. He is member of various national and international security expert groups and committees on cyber-security and privacy, keynote speaker at several conferences and author of numerous studies and papers on risk management, She has worked for a number of enterprises like JP Morgan Chase, HSBC, Merck, Boeing Company, T-Mobile and Microsoft where she was responsible for defining cloud security strategies, cloud security architecture, digital transformation and migration of applications to the cloud.
He is the co-chair of the CSA Cloud Key Management Working Group, which he envisions as a means of hearing diverse perspectives on the use of cloud services and expectations for both data privacy and secu Sean Estrada is Head of Industry Standards Engagement for AWS, where he is responsible for driving engagement with industry standards organizations and alliances.
Building on over 15 years of experience in information security, audit and compliance, Sean is Amazon's internal subject matter expert on security standards design, strategy and implementation, and is Amazon's representative to the PCI Board of Advisors and the Vice President of t With more than 25 years of information security experience, Shawn Harris is currently the Director of Information Security at Starbucks Coffee Company.
Participate in peer reviews, surveys, or join the working group. Learn more about the current initiatives in development here. View the working group. CSA Executive and Corporate members receive a discount on 1 year, 2 year, 5 year, and 10 year licensing contracts.
Examples of products and services are:. Research Home. Working Groups. Assess cloud providers by having them fill out the CAIQ questionnaire. Certificate of Cloud Auditing Knowledge Improve the security and compliance posture of your organization by having your team trained and certified in best practices for the evaluation and auditing of cloud services. Which security domains are covered by the CCM?
Download Publication. Cloud Controls Matrix v3. There is a new version of the Cloud Controls Matrix available, you can find it here. You can learn about the transition timeline for v3. The CCM, the only meta-framework of cloud-specific security controls, mapped to leading standards, best practices and regulations. CCM provides organizations with the needed structure, detail and clarity relating to information security tailored to cloud computing.
CCM is currently considered a de-facto standard for cloud security assurance and compliance.
0コメント