All Articles

All Articles
Volunteers Needed: Application Containers and Microservices Working Group

Article Published: 06/07/2018

The CSA Application Containers and Microservices Working Group is searching for volunteers to participate in the development of whitepapers on best practices and challenges in securing containers and microservices. If you are interested in being part of these projects, please sign up for the wo...

Cloud Security Trailing Cloud App Adoption in 2018

Blog Published: 06/06/2018

By Jacob Serpa, Product Marketing Manager, Bitglass In recent years, the cloud has attracted countless organizations with its promises of increased productivity, improved collaboration, and decreased IT overhead. As more and more companies migrate, more and more cloud-based tools arise. In its ...

Five Cloud Migration Mistakes That Will Sink a Business

Blog Published: 06/05/2018

By Jon-Michael C. Brook, Principal, Guide Holdings, LLC Today, with the growing popularity of cloud computing, there exists a wealth of resources for companies that are considering—or are in the process of—migrating their data to the cloud. From checklists to best practices, the Internet teems w...

Cloud Security Alliance Issues Code of Conduct Self-Assessment and Certification Tools for GDPR Compliance

Press Release Published: 06/05/2018

New mechanisms offer vested parties structured, transparent path to meeting personal data protection requirements SEATTLE, WA and LONDON – JUNE 5, 2018 – InfoSecurity Europe Conference - The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, cert...

Cybersecurity and Privacy Certification from the Ground Up

Blog Published: 06/04/2018

By Daniele Catteddu, CTO, Cloud Security Alliance The European Cybersecurity Act, proposed in 2017 by the European Commission, is the most recent of several policy documents adopted and/or proposed by governments around the world, each with the intent (among other objectives) to bring clarity to...

Prepare to Take (and Ace) the CCSK Exam at Infosecurity Europe

Blog Published: 05/31/2018

By Ryan Bergsma, Training Program Director, Cloud Security Alliance Here’s a riddle for you. It’s been called the “mother of all cloud computing security certifications” by CIO Magazine. Search Cloud Security said it’s “a good alternative cloud security certification for an entry-level to midran...

Bitglass Security Spotlight: Twitter, PyRoMine, & Stresspaint

Blog Published: 05/31/2018

By Jacob Serpa, Product Marketing Manager, Bitglass Here are the top cybersecurity stories of recent weeks: —Twitter exposes user credentials in plaintext —PyRoMine mines Monero and disables security —Stresspaint malware hunts Facebook credentials —MassMiner malware mines cryptocurrency —Access...

Open Survey: Enterprise Resource Planning and Cloud Adoption Survey

Article Published: 05/29/2018

In February, the Cloud Security Alliance released ”The State of ERP Security in the Cloud” to provide IT and management professionals with a sound overview of cloud security for ERP systems. The following survey will attempt to better understand cloud preparation and migration, features and benef...

CCSK Certification vs AWS Certification – A Definitive Guide

Blog Published: 05/28/2018

By Graham Thompson, CCSK, CCSP, CISSP, Authorized Trainer, Intrinsec Security I was recently asked about CCSK certification vs AWS certification and which one should be pursued by someone looking to getting into cloud security. This post tries to address the question “which cloud certification ...

How ChromeOS Dramatically Simplifies Enterprise Security

Blog Published: 05/25/2018

By Rich Campagna, Chief Marketing Officer, Bitglass Google's Chromebooks have enjoyed significant adoption in education, but have seen very little interest in the enterprise until recently. According to Gartner's Peter Firstbrook in Securing Chromebooks in the Enterprise (6 March 2018), a survey...

What If the Cryptography Underlying the Internet Fell Apart?

Blog Published: 05/23/2018

By Roberta Faux, Director of Research, Envieta Without the encryption used to secure passwords for logging in to services like Paypal, Gmail, or Facebook, a user is left vulnerable to attack. Online security is becoming fundamental to life in the 21st century. Once quantum computing is achieved,...

Cloud Security Alliance Releases The State of Post-Quantum Cryptography

Press Release Published: 05/23/2018

Report offers an overview of challenges involved with future of data security SEATTLE, WA – May 23, 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing enviro...

Surprise Apps in Your CASB PoC

Blog Published: 05/21/2018

By Rich Campagna, Chief Marketing Officer, Bitglass Barely five years old, the Cloud Access Security Broker (CASB) market is undergoing its second major shift in primary usage. The first CASBs to hit the market way back in 2013-2014 primarily provided visibility into Shadow IT. Interest in that ...

Majority of Australian Data Breaches Caused by Human Error

Blog Published: 05/18/2018

By Rich Campagna, Chief Marketing Officer, Bitglass It wasn't long ago that the first breach under the Office of the Australian Information Commissioner's (OAIC) Privacy Amendment Bill was made public. Now, OAIC is back with their first Quarterly Statistics Report of Notifiable Data Bre...

Bitglass Security Spotlight: LinkedIn, Vector, and AWS

Blog Published: 05/17/2018

By Jacob Serpa, Product Marketing Manager, Bitglass Here are the top cybersecurity stories of recent weeks: —LinkedIn security gap exposes users' data —Vector app reveals customers' information —AWS misconfiguration makes LocalBlox user information public —New malware steals data via power line...

Cloud Security Alliance Announces FedSTAR, a New Joint Certification System with FedRAMP

Press Release Published: 05/14/2018

System to be based on a common framework for deployment, use and maintenance 
Seattle, WA– May 14, 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, tod...

Bob Gourley to Speak on Nation State Attacks at CSA Federal Summit 2018

Press Release Published: 05/11/2018

Joins world-class speaker line-up of federal and cybersecurity experts 
 Seattle, WA – May 11, 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, announc...

Orbitz: Why You Can't Secure Data in the Dark

Blog Published: 05/11/2018

By Jacob Serpa, Product Marketing Manager, Bitglass On March 1, 2018, Orbitz discovered that a malicious party may have stolen information from one of its legacy platforms. The compromised platform housed Orbitz customer information such as mailing addresses, phone numbers, email addresses, and ...

Cloud Security Alliance Announces Federal Summit 2018 Speaker Line-up

Press Release Published: 05/10/2018

Presentations to focus on how agencies can shift to a secure cloud 
for mission critical systems Seattle, WA – May 9, 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computi...

baseStriker: Office 365 Security Fails To Secure 100 Million Email Users

Blog Published: 05/10/2018

By Yoav Nathaniel, Customer Success Manager, Avanan We recently uncovered what may be the largest security flaw in Office 365 since the service was created. Unlike similar attacks that could be learned and blocked, using this vulnerability hackers can completely bypass all of Microsoft’s securit...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.