Papers examining new frontiers accelerating change in information security are sought Berlin, Germany – June 26, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing...
Innovative model challenges enterprises to investigate risk from perspective other than that of the cloud service provider SEATTLE – June 24, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help en...
Cloud Security Alliance Study Identifies New and Unique Security Challenges in Native Cloud, Hybrid and Multi-cloud Environments
Holistic cloud visibility and control over increasingly complex environments are essential for successful deployments in various cloud scenarios SEATTLE – May 21, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of b...
Registration has opened for the annual CSA Congress EMEA (Berlin, Nov. 18-21, 2019). This multi-day conference will offer cloud security professionals a unique mixture of compelling presentations and topical discussions on research, technical and policy development, practice, requirements and tools related to cloud security, privacy and emerging technologies.
The first international research report to define technical requirements for cloud OS security specifications and to address their importanceSINGAPORE – May 8, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices ...
Produced by the Software-Defined Perimeter Working Group, this Software-Defined Perimeter (SDP) Architecture Guide is designed to help enterprises and practitioners learn more about SDP and the economic and technical benefits it can provide, as well as assist users in implementing SDP in their organizations successfully.
Former U.S. CIO Vivek Kundra to share his experience leading change across the U.S. government, the world’s largest consumer of information technology Seattle, WA – April 23, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising aw...
Framework introduces base-level security controls required to mitigate numerous risks associated with IoT systems SAN FRANCISCO – March 4, 2019 – RSA CONFERENCE 2019– The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practic...
CSA announced the recipients of its Decade of Vision Leadership award, given to the three founding CEOs, who provided the initial startup funding, plus consistent support, mentoring, and evangelism of the CSA mission on a global basis over the last 10 years. The awards were presented at the CSA Summit at RSA Conference.
As part of the agreement—and at the invitation of the Internet Security Conference (ISC), one of the most insightful high-profile events on network security in Asia-Pacific and worldwide—the CSA will host a CSA Summit co-located with the ISC event in Beijing on Aug. 21-22, 2019. Founded in 2013, the ISC has been successfully held for six years, during which time it has been well recognized, supported and participated by governments, think tanks, business executives, academia, industry influences and technical elites.
Studie der Cloud Security Alliance identifiziert neue und einzigartige Sicherheitsprobleme in nativen, hybriden und Multi-Cloud-Umgebungen
Recent Blog Posts
By Jim de Haas, cloud security expert, ABN AMRO Bank This whitepaper aims to draw upon the security challenges in cloud computing environments and suggests a logical approach to dealing with the security aspects in a holistic way by introducing a Cloud Octagon model. This model makes it easier for organizations to identify, represent and […]
By Roberta Faux, Director of Advance Cryptography, BlackHorse Solutions Our new white paper explains the pros and cons of hybrid cryptography. The CSA Quantum-Safe Security Working Group has produced a new primer on hybrid cryptography. This paper, “Mitigating the Quantum Threat with Hybrid Cryptography,” is aimed at helping non-technical corporate executives understand how to potentially […]
By Victor Chin, Research Analyst, Cloud Security Alliance Cloud technologies are being increasingly adopted by organizations, regardless of their size, location or industry. And it’s no different when it comes to business-critical applications, typically known as enterprise resource planning (ERP) applications. Most organizations are migrating business-critical applications to a hybrid architecture of ERP applications. To […]
By Will Houcheime, Product Marketing Manager, Bitglass Here are the top cybersecurity stories of recent weeks: G Suite User Passwords Stored in Plaintext Since 2005 Contact Data of Millions of Instagram Influencers Exposed Rogue Iframe Phishing Used to Steal Payment Card Information London Commuters to be Tracked Through the Use of Wi-Fi Hotspots Thousands of […]
By Ryan Bergsma, Training Program Director, Cloud Security Alliance In this blog we’ll be taking a look at how to earn your Certificate of Cloud Security Knowledge (CCSK), from study materials, to how to prepare, to the details of the exam, including a module breakdown, passing rates, format etc. If you’re considering earning your CCSK, […]
By Edward Chiu, Emerging Cybersecurity Technologist, Chevron While the development of quantum computers is still at a nascent stage, its potential in solving problems not feasible with classical computers draws interest from many industries. On one hand, Volkswagen is researching using quantum computers to help optimize traffic, and researchers at Roche are investigating the use […]
By John DiMaria; CSSBB, HISP, MHISP, AMBCI, CERP, Assurance Investigatory Fellow – Cloud Security Alliance On May 25th we will celebrate the first birthday of GDPR. Yes, one year ago GDPR was sort of a four-letter word (or acronym if you will). People were in a panic of how they were going to comply and […]
By Hillary Baron, Research Analyst, Cloud Security Alliance CSA’s latest survey, Cloud Security Complexity: Challenges in Managing Security in Hybrid and Multi-Cloud Environments, examines information security concerns in a complex cloud environment. Commissioned by AlgoSec, the survey of 700 IT and security professionals aims to analyze and better understand the state of adoption and security […]
By Will Houcheime, Product Marketing Manager, Bitglass Financial institutions handle a great deal of sensitive data and are highly conscientious of where they store and process it. Nevertheless, they are aware of the many benefits that they can gain by using cloud applications. In order to embrace the cloud’s myriad advantages without compromising the security […]
By Paul Sullivan, Software Engineer, Bitglass News of the 773 million email data breach that Troy Hunt announced for Have I Been Pwned certainly got a lot of coverage a few months ago. Now that the dust has settled, let’s cut through some of the hype and see what this really means for enterprise security. First, let’s clear […]
The Certificate of Cloud Security Knowledge (CCSK) is designed to ensure that a broad range of professionals with a responsibility related to cloud computing have a demonstrated awareness of the security threats and best practices for securing the cloud.
CSA PLA Code of Conduct for GDPR Compliance provides a consistent and comprehensive framework for complying with the EU’s GDPR. The CSA PLA Code of Conduct for GDPR Compliance is designed to be an appendix to a Cloud Services Agreement to describe the level of privacy protection that a Cloud Service Provider will provide.
Note: The current version of of the CSA Code of Practice is 3.2 (which replaces 3.1), the updates were to be in compliance and align with the Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679 adopted February 12, 2019.
Description: The CAIQ is based upon the CCM and provides a set of Yes/No questions a cloud consumer and cloud auditor may wish to ask of a cloud provider to ascertain their compliance to the Cloud Controls Matrix.
Description: The CCM, the only meta-framework of cloud-specific security controls, mapped to leading standards, best practices and regulations. CCM provides organizations with the needed structure, detail and clarity relating to information security tailored to cloud computing. CCM is currently considered a de-facto standard for cloud security assurance and compliance.