CSA Guide to Cloud Computing: Implementing Cloud Privacy and Security

Posted on by Ben Rothke

Full disclosure: this book is sponsored by the Cloud Security Alliance of which I am a founding member. I am also friends with 2 of the authors.


Even though cloud computing is mainstream such that even the Federal Government is on board; it’s not necessarily so that it will always make computing cheaper and faster. And all the more so when it comes to security and privacy.

The challenge is how to reap the benefits of the cost savings and agility of cloud computing, without throwing security and privacy out the door.


In the CSA Guide to Cloud Computing: Implementing Cloud Privacy and Security, authors Raj Samani, Jim Reavis and Brian Honan provide a good overview of the core areas around cloud security and privacy.

The books starts with an introduction of what cloud computing is. And then gets into key areas such as security considerations for the cloud, privacy imperatives, compliance and regulatory issues, and more.

Chapter 9 on Dark Clouds: What to Do in the Event of a Security Incident is of particular interest, as it is inevitability that there will be security incidents in the cloud. The problem is that many organizations don’t plan for that and when the incident occurs, are completely unprepared on how to deal with it.

At just under 200 pages, the book provides a good overview of the topic. For those looking for a solid introduction to the issue around the security and privacy of cloud computing, the CSA Guide to Cloud Computing: Implementing Cloud Privacy and Security is a solid guide in which to use.



























ISBN-10: 0124201253
ISBN-13: 978-0124201255
Ben Rothke

Ben Rothke

Senior Information Security Manager, Tapad

Business Perspectives

cloud security risk management critical infrastructure security operations

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community

Related Blogs