Guideline on Effectively Managing Security Service in the Cloud

By Dr. Kai Chen, Director of Cybersecurity Technology, Huawei Technologies Co. Ltd. The cloud computing market is growing ever so rapidly. Affordable, efficient, and scalable, cloud computing remains the best solution for most businesses, and it is heartening to see the number of customers deploying cloud services continue to grow. From the beginning of cloud’s […]

How Can the Financial Industry Innovate Faster?

By Peter HJ van Eijk, Head Coach and Cloud Architect, ClubCloudComputing.com How can the financial industry innovate faster? Why do non-technical people need to have a basic understanding of cloud technology? Imagine this scenario. Davinci is a company providing a SaaS solution to banks to process loans and mortgage applications. Davinci runs its own software […]

CCSK in the Wild: Survey of 2018 Certificate Holders

Even as more organizations migrate to the cloud, there’s still a concern as to how well those cloud services are being secured. According to an article by Forbes “66% of IT professionals say security is their greatest concern in adopting a cloud computing strategy.” As you embark on your quest to fill this skills gap, […]

Software-Defined Perimeter Architecture Guide Preview: Part 4

Part 4 of a four-part series By Jason Garbis, Vice President/Secure Access Products, Cyxtera Technologies Inc. Over the past three blog posts on this topic, we’ve provided an overview of the Software-Defined Perimeter (SDP) Architecture Guide, including its outline, core SDP concepts, and a summary of SDP benefits. In this, our final preview blog on the […]

CVE and Cloud Services, Part 2: Impacts on Cloud Vulnerability and Risk Management

By Victor Chin, Research Analyst, Cloud Security Alliance, and Kurt Seifried, Director of IT, Cloud Security Alliance This is the second post in a series, where we’ll discuss cloud service vulnerability and risk management trends in relation to the Common Vulnerability and Exposures (CVE) system. In the first blog post, we wrote about the Inclusion […]

Recommendations for IoT Firmware Update Processes: Addressing complexities in a vast ecosystem of connected devices

By Sabri Khemissa, IT-OT-Cloud Cybersecurity Strategist,Thales Traditionally, updating software for IT assets involves three stages: analysis, staging, and distribution of the update—a process that usually occurs during off-hours for the business. Typically, these updates apply cryptographic controls (digital signatures) to safeguard the integrity and authenticity of the software. However, the Internet of Things (IoT), with its […]

PCI Compliance for Cloud Environments: Tackle FIM and Other Requirements with a Host-Based Approach

By Patrick Flanders, Director of Marketing, Lacework Compliance frameworks and security standards are necessary, but they can be a burden on IT and security teams. They provide structure, process, and management guidelines that enable businesses to serve customers and interoperate with other organizations, all according to accepted guidelines that facilitate a better experience for end […]

Software-Defined Perimeter Architecture Guide Preview: Part 3

Part 3 in a four-part series By Jason Garbis, Vice President/Secure Access Products, Cyxtera Technologies Inc. Thanks for returning for our third blog posting, providing a preview of the forthcoming Software-Defined Perimeter (SDP) Architecture Guide. In this article, we’re focusing on the “Core SDP Concepts” section of the document, which introduces the underlying principles of SDP, […]

Pwned Passwords – Have Your Credentials Been Stolen?

By Paul Sullivan, Software Engineer, Bitglass Data breaches now seem to be a daily occurrence. In recent months, Have I Been Pwned (HIBP) introduced  Pwned Passwords, which allows you to securely check your password against a database of breach data. There are over 280 breaches in the database, and that’s only the tip of the iceberg. Breaches aren’t just a problem for the users who lose their data, but for […]

Join CSA’s New DC Metro Area Chapter

The Cloud Security Alliance (CSA) is pleased to announce that its DC Metro Area chapter has been chartered to serve the DC metro area CSA membership. The chapter’s region includes a diverse range of businesses, government organizations and academic institutions who all have an interest in well-engineered, secure IT systems, including many heavily regulated industries such as […]