All Articles

All Articles
Cloud Security Alliance Announces Industry’s First Credential for Cloud Auditing

Press Release Published: 12/04/2019

The Certificate of Cloud Auditing Knowledge (CCAK) allows professionals to demonstrate expertise in auditing cloud computing systemsLas Vegas — Dec. 4, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ...

The Four Pillars of CASB: Visibility

Blog Published: 12/04/2019

By Juan Lugo Product Marketing Manager at BitglassDue to the potential for data leakage in the cloud, the use of CASBs (cloud access security brokers) is needed in order to maintain visibility over data that has gone beyond the reach of on-premises tools. Activity LogsWhen it comes to sensitive d...

What’s a Pseudo Cryptocurrency?

Blog Published: 11/25/2019

By Kurt Seifried, Chief Blockchain Officer, CSAYou may not have yet seen the term “pseudo cryptocurrency,” in fact it (as of 2019-08-22) it only shows up 2030 Google search results and a quarter million without the quotes. So if nobody is using this term, why does it matter?Currently, we have a n...

Digital Transformation, Cybersecurity, Cloud Apps, and Cloud Security

Blog Published: 11/21/2019

By Ben Rice VP Business Development at BitglassWhat you see in the title is what we covered in our latest webinar, but what part of it is really important? All of it? Some? Or is it all just marketing blather that can be ignored? The truth lies in the middle – we are all adopting more cloud in ou...

CSA’s Certificate of Cloud Computing Knowledge Plus Labs Are Now Available on Microsoft Azure Cloud Platform

Press Release Published: 11/20/2019

Expansion gives Microsoft users equal access and functionality on the Azure platformSEATTLE and BERLIN – CSA EMEA CONGRESS – Nov. 20, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cl...

Cloud Security Alliance Health Information Management Working Group Co-Chair Dr. Jim Angle to Present at HIMSS

Press Release Published: 11/20/2019

Attendees will learn best practices to manage the risk inherent with operating modern-day medical devicesSEATTLE – Nov. 20, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud ...

The Four Pillars of CASB: Threat Protection

Blog Published: 11/18/2019

By Juan Lugo Product Marketing Manager at BitglassThreat protection is integral for defense against malware. Oftentimes, months go by without organizations realizing that they have been infected with malware – rather than addressing the problem after the fact, it is best to prevent the attack in ...

​Keeping Up With Changing Technology by Reducing Complexity

Blog Published: 11/15/2019

By John DiMaria; CSSBB, HISP, MHISP, AMBCI, CERP, CSA Research Fellow, Assurance Investigatory Fellow, Cloud Security Alliance Fox News reported that in answer to the previous Boeing 737 accidents, the Federal safety officials say, “Boeing should consider how cockpit confusion can slow the res...

4 Common Cloud Misconfigurations & What To Do About Them

Blog Published: 11/14/2019

By Kevin Tatum, IT Security Engineer at ExtraHopIn a recent report, McAfee uncovered the rise of Cloud-Native Breaches and the state of multi-cloud adoption. We'll define the top 4 cloud misconfiguration goofs from their list, how they can affect your organization, and what to do about them.When ...

The Risk of Unsecured Dev Accounts

Blog Published: 11/13/2019

This article was originally published on Fugue's blog here. By Drew Wright, Co-Founder Fugue Most organizations now recognize the importance of cloud security, likely due in large part to the sharp uptick in cloud-based data breaches resulting from cloud misconfiguration. Achieving an...

CSA Contributes to Key How-To Guidance Documents for Multi-Party Recognition and Continuous Audit-Based Certification

Press Release Published: 11/07/2019

Practical guidelines to innovative framework promoting trust in cloud servicesBERLIN –– Nov. 7, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today annou...

Google’s Potential Claim to the Throne of Quantum Supremacy: What Does it Mean for Cybersecurity?

Blog Published: 11/06/2019

By Roberta Faux, Shamik Kacker, Bruno Huttner, John Hooks, Ron F. del Rosario, Ludovic Perret and John Young A mysterious paper A research paper titled “Quantum Supremacy Using a Programmable Superconducting Processor” briefly appeared last September 21, 2019 on NASA’s Technical Report Server (...

CMMC – the New Protocol Droid for DoD Compliance

Blog Published: 11/06/2019

By Doug Barbin - Cybersecurity Practice Leader at Schellman & Company, LLCA long time ago in a galaxy exactly ours…There was 800-171. For some time, the US Department of Defense has been working to revise its funding procurement procedures referred to as the Defense Acquisition Regulation...

3 Technical Benefits of Service Mesh, and Security Best Practices

Blog Published: 11/04/2019

By Ran Ilany, co-founder and CEO for PortshiftOrganizations that implement containers often ask about using a service mesh layer. While this isn’t obligatory by any means, there are many benefits to running a service mesh that makes it the sensible choice for organizations seeking security, effic...

CSA Announces Advanced Cloud Security Practitioner Training, a Highly Technical Hands-on Course for Technical Security Professionals

Press Release Published: 11/04/2019

Program delves deep into practical cloud security, applied DevSecOps for enterprise-scale cloud deployments SEATTLE – Nov. 4, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud com...

Cloud Security Alliance Releases Anti-DDoS: Software-Defined Perimeter 
As a DDoS Prevention Mechanism

Press Release Published: 10/28/2019

Document examines the operationalization of Software-Defined Perimeter as prevention mechanism against three well-known types of Distributed Denial of Service attacksORLANDO – (ISC)2 Security Congress – Oct. 28, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated ...

Cloud Security Alliance 2019 EMEA Congress Adds Focus on Risk Governance and European Cloud Certification Enablement

Press Release Published: 10/24/2019

William Ochs, Rolf Becker will share insight from 60 years combined experience in banking and cybersecurity risks Berlin, Germany – Oct. 24, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to hel...

Corporate Contractors and the Requirement for Zero-Trust Network Access

Blog Published: 10/21/2019

By Etay Bogner, VP, Zero-Trust Products Proofpoint and former CEO of Meta NetworksIt’s not a stretch to say that most industries and organizations today have contractors in the mix who need remote access to the company’s network. Yet the traditional virtual private network (VPN) method of enablin...

Introducing Reflexive Security for integrating security, development and operations

Blog Published: 10/14/2019

By the CSA DevSecOps Working Group Organizations today are confronted with spiraling compliance governance costs, a shortage of information security professionals, and a disconnect between strategic security and operational security. Due to these challenges, more and more companies value agility ...

Cloud Penetration Testing the Capital One Breach

Blog Published: 10/10/2019

By Alexander Getsin, Lead Author for Cloud Penetration Testing PlaybookAligning the Capital One breach with the CSA Cloud Penetration Testing PlaybookIn March 2019, Capital One suffered a unique cloud breach. 140,000 Social Security numbers and 80,000 linked bank account numbers were exposed, alo...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.