To promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Computing to help secure all other forms of computing. Learn more
December 10, 2016
Public Cloud Workloads Survey Time: 15-20 minutes Closing Date: Jan 9th, 2017 Prizes: 5 CCSK Tokens Go to Survey Abstract: Despite a wide range of commercial software applications, many enterprises still have unique requirements they fulfill with custom, internally developed applications. For example, an airline may develop its own scheduling application for pilots and flight…
November 30, 2016
It could take months to know what the Trump administration’s cybersecurity policy will be. Cyber-defense experts weigh in with advice and best practices for securing your company today. November 28, 2016, 10:15 AM PST From Katie Lewin – Federal Director, Cloud Security Alliance Historically when the executive and legislative branches of the federal government are…
November 23, 2016
Findings Come on the Heels of Successful CSA APAC Congress in Bengaluru Bengaluru, India – November 22, 2016 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, successfully hosted its 4th CSA APAC Congress on 22nd-23rd November…
November 15, 2016
STARWatch SaaS Application Empowers Organizations to Manage Compliance & Risks Using CSA Standards and Best Practices SAN FRANCISCO – November 15, 2016 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today announced the launch of its…
November 03, 2016
OCTOBER 28, 2016 via RESEARCHandMARKETS, The World’s Largest Market Research Store Last week’s DDoS attack was the largest of its kind in history, and shows how easy Internet of Things devices can be compromised and used to conduct massive cyber-attacks. The attack has caused serious concern among the technology community regarding the level of security…
November 02, 2016
Beijing, CHINA – November 1, 2016 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, and Ernst & Young (EY) China, today released the results of a joint survey, “Financial Services Industry Cloud Adoption Survey: China”. The…
October 07, 2016
‘Designing and Developing Secure IoT Products’ Provides Actionable and Useful Guidance to Raise the Overall Security of IoT Products San Jose, CA – CSA Congress 2016 – October 7, 2016 – The Cloud Security Alliance (CSA) today released a new detailed and hefty guidance report titled Future-proofing the Connected World: 13 Steps to Developing Secure…
October 07, 2016
Agenda and Keynote Speakers Announced for Premiere European Cloud Security Event MADRID, SPAIN – October 7, 2016 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today announced the agenda and keynote speakers for its fifth annual…
Business Standard | November 23, 2016
IT Business Edge | November 23, 2016
Data Center Knowledge | November 23, 2016
MSP Mentor | November 23, 2016
The Hindu Business Line | November 23, 2016
Help Net Security | November 18, 2016
RCR Wireless | November 17, 2016
Network World | November 15, 2016
Executive Blog | November 15, 2016
Bob's Guide | November 09, 2016
Active Telecoms | November 03, 2016
The Whir | November 02, 2016
Research and Markets | October 28, 2016
Security Systems News | October 26, 2016
Info World | October 26, 2016
CSC Blogs | October 24, 2016
Tech News World | October 13, 2016
The Register | October 13, 2016
Government Technology Magazine | October 13, 2016
Christian Science Monitor | October 13, 2016
December 09, 2016
By Lance Logan, Manager/Global Marketing Program, Code42 For the second year in a row, IBM’s Fletcher Previn wowed the audience at the JAMF user conference with impressive statistics on how the company’s growing Mac-based workforce is delivering dramatic and measurable business value. IBM expects Macs to save $26M in IT costs...
December 05, 2016
By Jamie Tischart, CTO Cloud/SaaS, Intel Security The world is awash in DevOps, but what does that really mean? Although DevOps can mean several things to different individuals and organizations, ultimately it is about the cultural and technical changes that occur to deliver cloud services in a highly competitive environment....
December 02, 2016
By Laurie Kumerow, Consultant, Code42 When it comes to cybersecurity, the U.S. federal government recognizes the carrot is more effective than the stick. Instead of using regulations to increase data security and protect personal information within private organizations, the White House is enlisting the insurance industry to offer incentives for...
November 30, 2016
By Jon King, Security Technologist and Principal Engineer, Intel Security Securing virtual assets that appear and disappear. The average life span of a container is short and getting shorter. While some organizations use containers as replacements for virtual machines, many are using them increasingly for elastic compute resources, with life spans...
November 23, 2016
By Patty Hatter, Vice President and General Manager, Intel Security Group Professional Services How to Bring Cloud Usage into the Light On any given day – with a quick spot-check – you’ll probably find that up to half of your company’s IT usage is basically hidden in the shadows of various...
November 21, 2016
By Vijay Ramanathan, Vice President of Product Management, Code42 It’s time to flip our thinking about enterprise information security. For a long time, the starting point of our tech stacks has been the network. We employ a whole series of solutions on servers and networks—from monitoring and alerts to policies and...
November 18, 2016
By Jon King, Security Technologist and Principal Engineer, Intel Security And you thought virtualization was tough on security … Containers, the younger and smaller siblings of virtualization, are more active and growing faster than a litter of puppies. Recent stats for one vendor show containers now running on 10% of hosts,...
November 14, 2016
By Raj Samani, EMEA CTO, Intel Security “How many visitors do you expect to access the No More Ransom Portal?” This was the simple question asked prior to this law enforcement (Europol’s European Cybercrime Centre, Dutch Police) and private industry (Kaspersky Lab, Intel Security) portal going live, which I didn’t have...
The Certificate of Cloud Security Knowledge (CCSK) is designed to ensure that a broad range of professionals with a responsibility related to cloud computing have a demonstrated awareness of the security threats and best practices for securing the cloud.
The Cloud Security Alliance offers training in the following three areas: CCSK training, PCI Cloud training, GRC Stack training.
All of our past newsletters are available online for your convenience.
Cloud Security Alliance Releases Candidate Mapping of ISO 27002/27017/27018 Security Controls At the Cloud Security Alliance Summit San Francisco 2016, the CSA announced the release of the Candidate Mappings of ISO 27002/27017/27018 to version 3.0.1 of the CSA Cloud Controls Matrix (CCM). The ISO 27XXX series provides an overview of information security management systems. ISO…
Release Date: June 06, 2016
Realigns the CAIQ questions to CCM v3.0.1 control domains and the Cloud Security Alliance “Security Guidance for Critical Areas of Focus in Cloud Computing V3.0”
Release Date: February 01, 2016
A research document outlining the six dimensions of big data to help decision makers navigate the myriad choices in compute and storage infrastructures as well as data analytics techniques, and security and privacy frameworks.
Release Date: September 18, 2014
The Enterprise Architecture is both a methodology and a set of tools that enable security architects, enterprise architects and risk management professionals to leverage a common set of solutions that fulfill their common needs to be able to assess where their internal IT and their cloud providers are in terms of security capabilities and to plan a roadmap to meet the security needs of their business.
Release Date: February 25, 2013
The Outline provides a structure for Cloud Service Providers (CSP) to disclose, in a consistent matter, information about the privacy and data protection policies, procedures and practices used when processing personal data that customers upload or store in the CSP’s servers.
Release Date: February 24, 2013
Mobile devices empower employees to do what they need to do — whenever and wherever. People can work and collaborate “in the field” with customers, partners, patients or students and each other. But they need to be supported with always current operational processes and information, whether from apps, the Internet, or documents from other people.
Release Date: November 08, 2012
The CSA guidance as it enters its third edition seeks to establish a stable, secure baseline for cloud operations. This effort provides a practical, actionable road map to managers wanting to adopt the cloud paradigm safely and securely. Domains have been rewritten to emphasize security, stability and privacy, ensuring corporate privacy in a multi-tenant environment.
Release Date: November 14, 2011
Questionnaire is organized using CSA 13 governing & operating domains divided into “control areas” within CSA’s Control Matrix structure.
Release Date: September 01, 2011
The “State on Cloud Adoption and Security in 2016: India” survey was circulated in an effort to understand and evaluate cloud computing trends in India. We hope to understand cloud adoption plans and usage from different industries in India and how cloud adoption can have an impact on organization business strategies and plans. This report…
Release Date: November 22, 2016
We circulated the “Financial Services Industry Cloud Adoption Survey: China” survey to IT and security professionals in the Financial Services Institutions (FSIs) in China. The goal was not only to raise awareness around Cloud service adoption, but also to provide insight into how finance, government, insurance, and security decision makers take action in their organization…
Release Date: October 28, 2016
Release Date: October 27, 2016
As a follow up to the Top Threats in Cloud Computing and from the months of May to July 2016 we surveyed approximately 100 professionals on the extent of the following: Employees leaking critical information and tradecraft on illicit sites Data types and formats being exfiltrated along with exfiltration mechanisms Why so many data threats…
Release Date: October 19, 2016
With several years of cloud adoption in organizations, approaches to security have been evolving rapidly. To dig deeper into these concerns and the controls being used to mitigate both sanctioned and unsanctioned cloud security risks, the Cloud Security Alliance and Bitglass conducted a survey of 176 IT security leaders. Respondents revealed that visibility and control…
Release Date: August 17, 2016
The Mobile Application Security Testing (MAST) Initiative is a research which aims to help organizations and individuals reduce the possible risk exposures and security threat in using mobile applications. MAST aims define a framework for secure mobile application development, achieving privacy and security by design. Implementation of MAST will result in clearly articulated recommendations and…
Release Date: June 30, 2016
A random number is generated by a process whose outcome is unpredictable, and which cannot be reliably reproduced. Randomness, quantitatively measured by entropy, is the measure of uncertainty or disorder within a set of data. The higher the level of unpredictability, the more random the data is and the more valuable it becomes, particularly for…
Release Date: June 09, 2016