Framework introduces base-level security controls required to mitigate numerous risks associated with IoT systems SAN FRANCISCO – March 4, 2019 – RSA CONFERENCE 2019– The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practic...
CSA announced the recipients of its Decade of Vision Leadership award, given to the three founding CEOs, who provided the initial startup funding, plus consistent support, mentoring, and evangelism of the CSA mission on a global basis over the last 10 years. The awards were presented at the CSA Summit at RSA Conference.
As part of the agreement—and at the invitation of the Internet Security Conference (ISC), one of the most insightful high-profile events on network security in Asia-Pacific and worldwide—the CSA will host a CSA Summit co-located with the ISC event in Beijing on Aug. 21-22, 2019. Founded in 2013, the ISC has been successfully held for six years, during which time it has been well recognized, supported and participated by governments, think tanks, business executives, academia, industry influences and technical elites.
Cloud Security Alliance Launches STAR Continuous, a Compliance Assessment Program for Cloud Service Providers
Chance to align security validation capabilities with cloud security compliance gives enterprises a competitive edge SAN FRANCISCO – March 4, 2019 – RSA CONFERENCE 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best pra...
Offers individuals, enterprises high-quality flexible training to complement and enhance knowledge, schedules and budgets SAN FRANCISCO – March 4, 2019 – RSA CONFERENCE 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of bes...
The beta version of CAIQ-Lite released today represents every security control domain from the original questionnaire in a shorter, 73 question format. Citing the increased focus on cloud vendor security and the need for organizations worldwide to perform a significantly higher volume of assessments on a growing population of cloud vendors, Whistic and CSA worked together to develop a Lite version that focused more on accessibility and ease of use for both cloud vendors and the enterprises performing the vendor security risk assessments.
IBM, Starbucks, Turner CISOs to Give Keynote Addresses SEATTLE – RSA CONFERENCE 2019 - Jan. 24, 2019 –The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today a...
New Cloud Security Alliance Study Finds Cybersecurity Incidents and Misconceptions Both Increase as Critical ERP Systems Migrate to Clouds
Seattle, WA – January 11, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, today released the findings from the first research survey on “Enterprise Re...
Cloud Security Alliance, National Technology Security Coalition Release “Streamlining Vendor IT Security and Risk Assessments” Whitepaper
Report advocates for a new approach to how organizations manage risks, achieve assurance, and enable trust in the cloudSEATTLE – Dec. 20, 2018 –The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure...
Volunteers recognized for dedication, efforts to furthering cloud security best practicesORLANDO – Dec. 11, 2018 –The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment...
Recent Blog Posts
By Will Houcheime, Product Marketing Manager, Bitglass Today, organizations are finding that storing and processing their data in the cloud brings countless benefits. However, without the right tools (such as cloud access security brokers (CASBs), they can put themselves at risk. Organizations’ IT departments understand how vital cybersecurity is, but must be equipped with modern tools […]
By the CSA Education Team This is the fourth part in a blog series on cloud security training, in which we will be interviewing Satishkumar Tadapalli a certified and seasoned information security and data privacy consultant. Tadapalli has 12+ years of multi-functional IT experience in pre-sales, consulting, risk advisory and business analysis. He has rich […]
By Jacob Serpa, Product Marketing Manager, Bitglass When words like cyberattack are used, they typically conjure up images of malicious, external threats. While hackers, malware, and other outside entities pose a risk to enterprise security, they are not the only threats that need to be remediated. Insider threats, which involve either malicious or careless insiders, are another significant […]
CSA STAR – The Answer to Less Complexity, Higher Level of Compliance, Data Governance, Reduced Risk and More Cost-Effective Management of Your Security and Privacy System
By John DiMaria, Assurance Investigatory Fellow, Cloud Security Alliance We just launched a major refresh of the CSA STAR (Security, Trust and Assurance Risk) program, and if you were at the CSA Summit at RSA, you got preview of what’s in store. So let me put things in a bit more context regarding the evolution […]
By Jacob Serpa, Product Marketing Manager, Bitglass In the course of their day-to-day operations, healthcare organizations handle an extensive amount of highly sensitive data. From Social Security numbers to medical record numbers and beyond, it is imperative that these personal details are properly secured. Each year, Bitglass conducts an analysis and uncovers how well healthcare organizations are […]
By Andrew Wright, Co-founder & Vice President of Communications, Fugue The cloud represents the most disruptive trend in enterprise IT over the past decade, and security teams have not escaped turmoil during the transition. It’s understandable for security professionals to feel like they’ve lost some control in the cloud and feel frustrated while attempting to get […]
By Nate Dyer, Product Marketing Director, Tenable Application containers like Docker have exploded in popularity among IT and development teams across the world. Since its inception in 2013, Docker software has been downloaded 80 billion times and more than 3.5 million applications have been “dockerized” to run in containers. With all the enthusiasm and near-mainstream […]
By John DiMaria, Assurance Investigatory Fellow, Cloud Security Alliance As a SixSigma Black Belt I was brought up over the years with the philosophy of continual monitoring and improvement, moving from a reactive state to a preventive state. Actually, I wrote a white paper a couple of years ago on how SixSigma is applied to […]
By Istvan Lam, CEO, Tresorit By migrating data to the cloud, businesses can enjoy scalability, ease of use, enhanced collaboration and mobility, together with significant cost savings. The cloud can be especially appealing to subject-matter experts as they no longer have to invest in building and maintaining their own infrastructure. However, the cloud also brings challenges when it comes to information […]
By CSA Staff The CSA closed its 10th annual Summit at RSA on Monday, and the consensus was that the cloud has come to dominate the technology landscape and revolutionize the market, creating a tectonic shift in accepted practice. The advent of the cloud has been a huge advancement in technology. Today’s need for flexible […]
The Certificate of Cloud Security Knowledge (CCSK) is designed to ensure that a broad range of professionals with a responsibility related to cloud computing have a demonstrated awareness of the security threats and best practices for securing the cloud.
Description: The CAIQ is based upon the CCM and provides a set of Yes/No questions a cloud consumer and cloud auditor may wish to ask of a cloud provider to ascertain their compliance to the Cloud Controls Matrix.
Description: The CCM, the only meta-framework of cloud-specific security controls, mapped to leading standards, best practices and regulations. CCM provides organizations with the needed structure, detail and clarity relating to information security tailored to cloud computing. CCM is currently considered a de-facto standard for cloud security assurance and compliance.