The cloud Shared Security Responsibility Model (SSRM) is inherent to the use of cloud services. It is critical for cloud service customers (CSCs) to be competent and up to date on how they and their cloud service providers (CSPs) share the responsibility for securing their cloud footprint. CSA’s Cloud Controls Matrix (CCM) and framework of underlying components help cloud organizations, CSPs and CSCs, delineate their controls ownership and implementation responsibility by conveying how a CSP is responsible for managing the security of public-cloud, while the CSC is responsible for securing what is in the cloud. In this presentation, we aim to demystify the most important cloud security construct, the SSRM, while leveraging the controls and toolsets provided by CCM v4.