Category: Research

Prepared by the SaaS Governance Working Group under Cloud Security Alliance, the SaaS Governance Best Practices for Cloud Customers report provides a baseline set of SaaS governance best practices to help organizations leverage the full potential of SaaS environments. With the global SaaS industry estimated to reach 441 billion dollars* by 2027, a critical question grows: can organizations shift how they handle cybersecurity?

Adopting SaaS applications and solutions requires updated protocols for protecting data. This new publication provides guidance and defines three components for a cohesive strategy toward SaaS governance and security.

Organizations that fail to adopt an updated security governance mindset may experience: 

• Breaches that disclose sensitive data 
• Revenue loss
• Tarnished reputation
• Damaged customer trust
• Regulatory consequences 

Learn how to implement practices that protect sensitive data throughout the entire SaaS lifecycle – evaluation, adoption, usage, and termination. 

Download the report: https://cloudsecurityalliance.org/artifacts/saas-governance-best-practices-for-cloud-customers/

In collaboration with Google Cloud, CSA released the new survey report Measuring Risk and Risk Governance to provide a deeper understanding of public cloud adoption and risk management practices within the enterprise.

The goal of this research is to assess the maturity of public cloud and risk management within enterprises. Among the survey’s key findings:

• There is no consistency of data classification across the use of cloud platforms and services — only 21% of users are utilizing cloud service data classification.
• More than half (52%) of organizations reported that they did not evaluate the risk of their cloud services being used after procurement as product features or business environments changed.

This study shines a light on the opportunity enterprises can take to manage and measure their risk, and will hopefully lead to improved risk management practices.

​​“Increasingly, cloud is becoming … more of a means to manage risks. Continuously evaluating your risk status allows enterprises to properly configure and maximize the effectiveness of [your] security solutions, which in turn, protects their assets and improves business productivity,” said Phil Venables, Chief Information Security Officer and Vice President of Google Cloud. 

This study confirms that IT modernization into the cloud is the best path toward viable risk management.

Download it here.