June 05, 2017
Selected Inaugural Providers BH Consulting, KPMG, Optiv and Securosis Ready to Help Organizations Ensure Secure Cloud Implementation Best Practices SEATTLE, WA – June 5, 2017 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today announced the…
May 25, 2017
New Report from Internet of Things (IoT) Working Group Identifies Vehicle Attack Vectors and Impacts, Provides Recommendations for Securing the Connected Vehicle Environment SEATTLE, WA – May 25, 2017 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing…
May 03, 2017
Program to Feature Experts from DHS, HHS, and GSA on the State and Future of Cloud Security in Government and Industry, IoT and More Washington, DC – May 2, 2017 – The Cloud Security Alliance (CSA) today announced the line-up of featured speakers and discussions for its third annual Cloud Security Alliance Federal Summit, a…
May 01, 2017
NEW ZEALAND – April 25, 2017 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today announced that it has successfully hosted the 28th ISO/IEC JTC 1/SC 27 Plenary and Working Group Meetings. The meeting in New…
April 17, 2017
Singapore – April 13, 2017 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today announced that it successfully hosted its 6th annual CSA APAC Summit in Singapore on April 10, 2017. The one-day event was attended by thought…
April 03, 2017
First Annual Boston Event to Focus on Cloud Revolution and Accelerating Business BOSTON, MA – April 3, 2017 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today announced that the CSA Boston Chapter is hosting the…
March 15, 2017
In our mission to build a more secure Cloud ecosystem, the Cloud Security Alliance (CSA) is commencing on working on 2 new research working groups together with our executive member Huawei. Cloud Component Specifications WG Looking at the current environment, there are several internationally recognized standards that guide and evaluate cloud service providers in ISMS…
March 13, 2017
The Cloud Security Alliance would like to invite you to participate in the SaaS Governance Working Group. The SaaS Governance working group aims to benefit all parties in the Software-as-a-Service (SaaS) ecosystem by supporting a common understanding of SaaS related risks from the perspectives of the cloud customer and cloud service provider. We are currently…
EcnonoTimes | April 04, 2017
SC Magazine | April 03, 2017
Data Center News Asia | March 09, 2017
Dataversity | February 24, 2017
Beta News | February 21, 2017
eWEEK | February 21, 2017
Channel Partners | February 21, 2017
eSecurityPlanet | February 21, 2017
Search CIO | February 17, 2017
SearchCloudComputing | February 17, 2017
Security Intelligence | February 16, 2017
CXO Today | February 16, 2017
FCW | February 15, 2017
Help Net Security | February 15, 2017
ReadItQuik | February 15, 2017
Dark Reading | February 14, 2017
eWEEK | February 14, 2017
Enterprise Innovation | February 14, 2017
Yahoo Finance | February 13, 2017
Yahoo Finance | February 13, 2017
June 12, 2017
By Hillary Barron, Research Analyst and CloudBytes Program Manager, Cloud Security Alliance Whether you’re trying to make the move to cloud while managing an outdated endpoint backup, attempting to figure out how to overcome the challenges pertaining to developing and deploying security automation, or determining how and why you should build...
June 09, 2017
You don’t know what you don’t know By Yael Nishry, Vice President of Business Development, Vaultive, and Arthur van der Wees, Founder and Managing Director, Arthur’s Legal Ransomware IT teams generally use encryption to enable better security and data protection. However, in the hands of malicious parties, encryption can be...
June 07, 2017
I tried explaining blockchain to my wife and here’s what happened… By Antony Ma, CTO/PowerData2Go, Founding Chairman/CSA Hong Kong and Macau Chapter, and Board Member/CSA Singapore Chapter I introduced my wife to Python around nine months ago, and now she’s tinkering and has drawn a tortoise on her MacBook. After spending more...
June 02, 2017
Survey shows what companies expected and what they found out By Atri Chatterjee, Chief Marketing Officer, Zscaler It’s been six years since Microsoft introduced Office 365, the cloud version of the most widely used productivity software suite. In those years, Office 365 has earned its place as the fastest-growing cloud-delivered application...
May 31, 2017
By Jeremy Zoss, Managing Editor, Code42 Here’s a nightmare scenario for IT professionals: Your CFO is working from the road on a high-profile, highly time sensitive business deal. Working late on documentation for the deal, a spilled glass of water threatens everything. His laptop is fried; all files are lost. What...
May 25, 2017
By John Yeoh, Research Director/Americas, Cloud Security Alliance Connected Vehicles are in the news for introducing new features and capabilities to the modern automobile. Headlines also highlight security hacks that compromise vehicle operations and usability. While sources note that the vulnerabilities identified so far have been addressed, a greater understanding is...
May 22, 2017
By Alex Hsiung, Senior Associate, Schellman & Co. Cloud computing technologies have revolutionized the way organizations manage and store their information. Where companies used to house and maintain their own data, a host of organizations have now made the switch to a cloud-based model due to the ease of use and...
May 19, 2017
By Jacob Serpa, Product Marketing Manager, Bitglass Unless you’ve been living under a rock for the last few weeks, you know that there has been a notable increase in cyberattacks around the world. Hackers have been spreading a type of ransomware called “WannaCry” via emails that trick recipients to open...
The Certificate of Cloud Security Knowledge (CCSK) is designed to ensure that a broad range of professionals with a responsibility related to cloud computing have a demonstrated awareness of the security threats and best practices for securing the cloud.
The Cloud Security Alliance offers training in the following three areas: CCSK training, PCI Cloud training, GRC Stack training.
All of our past newsletters are available online for your convenience.
Cloud Security Alliance Releases Candidate Mapping of ISO 27002/27017/27018 Security Controls At the Cloud Security Alliance Summit San Francisco 2016, the CSA announced the release of the Candidate Mappings of ISO 27002/27017/27018 to version 3.0.1 of the CSA Cloud Controls Matrix (CCM). The ISO 27XXX series provides an overview of information security management systems. ISO…
Release Date: June 06, 2016
Realigns the CAIQ questions to CCM v3.0.1 control domains and the Cloud Security Alliance “Security Guidance for Critical Areas of Focus in Cloud Computing V3.0”
Release Date: February 01, 2016
A research document outlining the six dimensions of big data to help decision makers navigate the myriad choices in compute and storage infrastructures as well as data analytics techniques, and security and privacy frameworks.
Release Date: September 18, 2014
The Enterprise Architecture is both a methodology and a set of tools that enable security architects, enterprise architects and risk management professionals to leverage a common set of solutions that fulfill their common needs to be able to assess where their internal IT and their cloud providers are in terms of security capabilities and to plan a roadmap to meet the security needs of their business.
Release Date: February 25, 2013
The Outline provides a structure for Cloud Service Providers (CSP) to disclose, in a consistent matter, information about the privacy and data protection policies, procedures and practices used when processing personal data that customers upload or store in the CSP’s servers.
Release Date: February 24, 2013
Mobile devices empower employees to do what they need to do — whenever and wherever. People can work and collaborate “in the field” with customers, partners, patients or students and each other. But they need to be supported with always current operational processes and information, whether from apps, the Internet, or documents from other people.
Release Date: November 08, 2012
The CSA guidance as it enters its third edition seeks to establish a stable, secure baseline for cloud operations. This effort provides a practical, actionable road map to managers wanting to adopt the cloud paradigm safely and securely. Domains have been rewritten to emphasize security, stability and privacy, ensuring corporate privacy in a multi-tenant environment.
Release Date: November 14, 2011
Questionnaire is organized using CSA 13 governing & operating domains divided into “control areas” within CSA’s Control Matrix structure.
Release Date: September 01, 2011
By now the benefits of cloud computing are generally understood at high level. What is not necessarily clear are the details of the potential security, legal, financial, and compliance impacts that cloud adoption will produce. The stakeholders who are currently responsible for these areas are sometimes not sufficiently familiar with how a cloud-first strategy affects…
Release Date: June 06, 2017
The introduction of Connected Vehicles (CVs) has been discussed for many years. Pilot implementations currently underway are evaluating CV operations in realistic municipal environments. CVs are beginning to operate in complex environments composed of both legacy and modernized traffic infrastructure. Security systems, tools and guidance are needed to aid in protecting CVs and the supporting…
Release Date: May 25, 2017