All Articles

All Articles
Cloud Security Alliance Announces 2018 Ron Knode Service 
Award Recipients

Press Release Published: 12/11/2018

Volunteers recognized for dedication, efforts to furthering cloud security best practicesORLANDO – Dec. 11, 2018 –The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment...

Cloud Security Alliance to Develop Holistic Cloud Incident Response Whitepaper

Press Release Published: 12/11/2018

Singapore – 11 December, 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, will be developing a holistic Cloud Incident Response Whitepaper. The framework wi...

Keeping Your Boat Afloat with a Cloud Access Security Broker

Blog Published: 12/07/2018

By Prasidh Srikanth, Senior Product Manager, Bitglass If you were on a sinking ship that was full of holes of various sizes, which ones would you patch first? Probably the big ones. Now, consider this: As an enterprise, you’ve been successfully sailing and securing your corporate data on premise...

Development of Cloud Security Guidance, with Mapping MY PDPA Standard to CCM Control Domains, Jointly Developed by MDEC and CSA

Blog Published: 12/06/2018

By Ekta Mishra, Research Analyst/APAC, Cloud Security Alliance The Cloud Security Alliance Cloud Controls Matrix (CCM) provides a controls framework that gives detailed understanding of security concepts and principles that are aligned to the Cloud Security Alliance guidance in 13 domains. The f...

OneTrust and Cloud Security Alliance Partner to Launch Free Vendor Risk Tool for CSA Members

Blog Published: 12/04/2018

By Gabrielle Ferree, Public Relations and Marketing Manager, OneTrust OneTrust is excited to announce that we have partnered with Cloud Security Alliance to launch a free Vendor Risk Management (VRM) tool. The tool, available to CSA members today, automates the vendor risk lifecycle for compli...

​Cloud Security Alliance and OneTrust Launch Free Vendor Risk Management Tool for CSA Members

Press Release Published: 12/04/2018

Automate the Vendor Risk Management Lifecycle for Compliance with Global Privacy Laws DECEMBER 4, 2018 – SEATTLE – Today the Cloud Security Alliance (CSA) and OneTrust launched a free Vendor Risk Management (VRM) tool to automate the vendor risk lifecycle for compliance with the GDPR, CCPA...

Typical Challenges in Understanding CCSK and CCSP: Technology Architecture

Blog Published: 12/03/2018

By Peter HJ van Eijk, Head Coach and Cloud Architect, ClubCloudComputing.comAs cloud computing is becoming increasingly mainstream, more people are seeking cloud computing security certification. Because I teach prep courses for the two most popular certifications—the Certificate of Cloud Securit...

Bitglass Security Spotlight: US Government Breaches Abound

Blog Published: 11/30/2018

By Jacob Serpa, Product Manager, Bitglass Here are the top cybersecurity headlines of recent weeks: —Healthcare.gov breached —US weapons systems contain cybersecurity gaps —Over 35 million US voter records for sale —National Guard faces ransomware attack Healthcare.gov breached 75,000 people...

Documentation of Distributed Ledger Technology and Blockchain Use

Blog Published: 11/27/2018

By Ashish Mehta, Co-chair, CSA Blockchain/Distributed Ledger Working GroupCSA’s newest white paper, Beyond Cryptocurrency: Nine Relevant Blockchain and Distributed Ledger Technology (DLT) Use Cases, aims to identify wider use cases for both technologies beyond just cryptocurrency, an area with wh...

How to Do the Impossible and Secure BYOD

Blog Published: 11/26/2018

By Will Houcheime, Product Marketing Manager, Bitglass The use of cloud tools in the enterprise is becoming increasingly common, enabling employees to collaborate and work incredibly efficiently. On top of this, when employees are allowed to work from their personal devices (known as bring your ...

International Effort with Collaboration Between Cloud Security Alliance and Huawei Culminated in International Standard ISO/IEC 21878

Press Release Published: 11/26/2018

Singapore – November 26, 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, is pleased to announce that the international standard ISO/IEC 21878 – Security Gu...

Fixing Your Mis-Deployed NGFW

Blog Published: 11/23/2018

By Rich Campagna, Chief Marketing Officer, Bitglass The Firewall/Next-Gen Firewall has been the cornerstone of information security strategy for decades now. The thing is, changes in network traffic patterns have resulted in most firewalls protecting a smaller and smaller percentage of enterpris...

Weigh in on the Cloud Control Matrix Addenda

Blog Published: 11/20/2018

Dear Colleagues,The Cloud Security Alliance would like to invite you to review and comment on the Cloud Control Matrix (CCM) addenda for the following standards:—German Federal Office for Information Security (BSI) Cloud Computing Compliance Controls Catalogue (C5). (Add your comments to CCM-C5.)...

CCSK Success Stories: Cloud Security Training from a CTO’s Perspective

Blog Published: 11/19/2018

By the CSA Education TeamWe’re kicking off a series on cloud security training today with a Q&A with the Vice President and CTO of Fusion Risk Management, Cory Cowgill. With a background in enterprise software development spanning multiple industries, Cowgill has multiple certifications inclu...

AWS Cloud: Proactive Security and Forensic Readiness – Part 4

Blog Published: 11/16/2018

Part 4: Detective Controls in AWSBy Neha Thethi, Information Security Analyst, BH ConsultingSecurity controls can be either technical or administrative. A layered security approach to protecting an organization’s information assets and infrastructure should include preventative controls, detectiv...

Cloud Security Alliance’s CCSK Wins Cyber Defense Global Award for Leader Cybersecurity Training

Press Release Published: 11/16/2018

SEATTLE, WA – Nov. 16, 2018– The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today announced that its Certificate of Cloud Security Knowledge (CCSK), the first cr...

Data Breaches on the Rise in Financial Services

Blog Published: 11/14/2018

By Jacob Serpa, Product Marketing Manager, BitglassFinancial services organizations are a prime target for hackers looking to steal and sell valuable data. This is because these firms handle sensitive information known as PII, personally identifiable information, as well as other financial data. ...

Cloud Security Alliance Releases Minor Update to CCM v3.0.1

Blog Published: 11/12/2018

By the CSA Research TeamThe Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM) Working Group has released a minor update for the CCM v3.0.1. This update incorporates mappings to IEC 62443-3-3 and BSI Compliance Controls Catalogue (C5).The CCM is specifically designed to provide fundamental...

Cloud Security Alliance Announces the Release of the Spanish Translation of Guidance 4.0

Blog Published: 11/09/2018

By JR Santos, Executive Vice President of Research, Cloud Security Alliance. The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today announced the release of Guida...

Seven Reasons Why Proxy-based CASBs Are Required for Office 365

Blog Published: 11/08/2018

By Rich Campagna, Chief Marketing Officer, Bitglass A competing CASB vendor blogged recently on why proxy-based Cloud Access Security Brokers (CASBs) shouldn't be used for Office 365. The post cites "7 reasons," all of which are variations of just one reason: their CASB breaks each time Microso...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.