All Articles

All Articles
​Prevent security misconfigurations in a multi-cloud environment

Blog Published: 01/20/2020

By the CipherCloud TeamIn November 2019, we witnessed one of the biggest data breaches to date. Personal information of 1.2 billion users got exposed, including phone numbers, email addresses and profiles of hundreds of millions of people that include home and cell phone numbers, associated socia...

2020 Predictions: Hear Me Now and Believe Me Later

Blog Published: 01/17/2020

By Jim Reavis, Co-Founder and CEO of CSAI am typing up my prediction blog using an invisible ink font, to reduce my embarrassment when 2021 rolls by. I know prediction articles can be a dime a dozen and prognosticators pick both easy and vague items to appear smarter than they are. I am all about...

Behind the Scenes of the IoT Working Group with Mark Yanalitis

Blog Published: 01/15/2020

By CSA Staff and Mark Yanalitis Here at CSA, our working groups are the core of what we do. From researching best practices, to tackling challenges on the horizon, they bring together security professionals from diverse backgrounds and experiences to collaborate on research that will benefit the ...

​Five Predictions to Impact Enterprise Network Security in 2020

Blog Published: 01/10/2020

By Etay Bogner, VP, Zero-Trust Products, ProofpointAccelerating developments in security are playing a significant role in the evolution of enterprise networking. For years, the industry has relied on a hardware-centric, trust-based model that has become increasingly inflexible and insecure. Empl...

Cloud Security Alliance Announces SECtember, a New Annual Conference for the Future of Cybersecurity

Press Release Published: 01/09/2020

Seattle now has its first global event dedicated to the intersection of cloud and cybersecuritySEATTLE – Jan. 9 2020 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing en...

​We Need More Women Mentors For a More Complete Cybersecurity Workforce

Blog Published: 01/07/2020

By Sivan Tehila, Director of Solution Architecture at Perimeter 81It seems like everyone wants to get into the field of cybersecurity. However, this isn’t the case for women. The cybersecurity industry needs to rethink how to attract more women into the talent pool to bring more order into the ge...

Enterprise Architecture Cloud Delivery Model - CCM Mapping

Blog Published: 01/06/2020

The Enterprise Architecture working group has been developing a Cloud Service Delivery Model mapping which aims to give businesses who are building out their cloud program an inside look into roles and responsibilities when it comes to IaaS, PaaS, and SaaS and specific areas within each.This phas...

Cloud Security Alliance Releases First in a Series of Critical Controls Implementation for SAP Guidelines

Press Release Published: 01/06/2020

Document to help organizations securely migrate to operate ERP applications in the cloudSeattle – Jan. 6, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, t...

European Cloud Security Project Leaves Rich Legacy of Materials for Cloud Stakeholders

Press Release Published: 12/19/2019

CSA contributions led to development of multi-party recognition framework for cloud security certifications, continuous auditing-based certification, and Privacy Code of ConductSeattle — Dec. 19, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and ...

​CCPA is Ambiguous About Cloud. Your Response Shouldn’t Be.

Blog Published: 12/18/2019

This article was originally published on Fugue's blog here.By Drew Wright, Co-Founder of Fugue On January 1, 2020, the California Consumer Privacy Act (CCPA), California’s answer to GDPR, goes into effect. Like GDPR, the CCPA is delivering anxiety and dread to executives, marketers, compliance...

Cloud Security Alliance Announces Speakers for CSA Summit at RSA Conference 2020

Press Release Published: 12/17/2019

Security experts and thought-leaders from Goldman Sachs, National Security Agency, In-Q-Tel and Intuit Information Security will share their insight and expertiseSEATTLE –Dec. 17, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifica...

Cloud Security Alliance Announces Industry’s First Credential for Cloud Auditing

Press Release Published: 12/04/2019

The Certificate of Cloud Auditing Knowledge (CCAK) allows professionals to demonstrate expertise in auditing cloud computing systemsLas Vegas — Dec. 4, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ...

The Four Pillars of CASB: Visibility

Blog Published: 12/04/2019

By Juan Lugo Product Marketing Manager at BitglassDue to the potential for data leakage in the cloud, the use of CASBs (cloud access security brokers) is needed in order to maintain visibility over data that has gone beyond the reach of on-premises tools. Activity LogsWhen it comes to sensitive d...

What’s a Pseudo Cryptocurrency?

Blog Published: 11/25/2019

By Kurt Seifried, Chief Blockchain Officer, CSAYou may not have yet seen the term “pseudo cryptocurrency,” in fact it (as of 2019-08-22) it only shows up 2030 Google search results and a quarter million without the quotes. So if nobody is using this term, why does it matter?Currently, we have a n...

Digital Transformation, Cybersecurity, Cloud Apps, and Cloud Security

Blog Published: 11/21/2019

By Ben Rice VP Business Development at BitglassWhat you see in the title is what we covered in our latest webinar, but what part of it is really important? All of it? Some? Or is it all just marketing blather that can be ignored? The truth lies in the middle – we are all adopting more cloud in ou...

CSA’s Certificate of Cloud Computing Knowledge Plus Labs Are Now Available on Microsoft Azure Cloud Platform

Press Release Published: 11/20/2019

Expansion gives Microsoft users equal access and functionality on the Azure platformSEATTLE and BERLIN – CSA EMEA CONGRESS – Nov. 20, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cl...

Cloud Security Alliance Health Information Management Working Group Co-Chair Dr. Jim Angle to Present at HIMSS

Press Release Published: 11/20/2019

Attendees will learn best practices to manage the risk inherent with operating modern-day medical devicesSEATTLE – Nov. 20, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud ...

The Four Pillars of CASB: Threat Protection

Blog Published: 11/18/2019

By Juan Lugo Product Marketing Manager at BitglassThreat protection is integral for defense against malware. Oftentimes, months go by without organizations realizing that they have been infected with malware – rather than addressing the problem after the fact, it is best to prevent the attack in ...

​Keeping Up With Changing Technology by Reducing Complexity

Blog Published: 11/15/2019

By John DiMaria; CSSBB, HISP, MHISP, AMBCI, CERP, CSA Research Fellow, Assurance Investigatory Fellow, Cloud Security Alliance Fox News reported that in answer to the previous Boeing 737 accidents, the Federal safety officials say, “Boeing should consider how cockpit confusion can slow the res...

4 Common Cloud Misconfigurations & What To Do About Them

Blog Published: 11/14/2019

By Kevin Tatum, IT Security Engineer at ExtraHopIn a recent report, McAfee uncovered the rise of Cloud-Native Breaches and the state of multi-cloud adoption. We'll define the top 4 cloud misconfiguration goofs from their list, how they can affect your organization, and what to do about them.When ...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.