The 7 Deadly Sins of Cloud Data Loss Prevention
Blog Published: 10/10/2014
By Chau Mai, Senior Product Marketing Manager, Skyhigh NetworksIt’s good to learn from your mistakes. It’s even better to learn from the mistakes of others. Skyhigh has some of the security world’s most seasoned data loss prevention (DLP) experts who’ve spent the last decade building DLP solution...
PCI Business-as-Usual Security—Best Practice or Requirement?
Blog Published: 10/08/2014
By Christine Drake, Senior Product Marketing Manager, VenafiWhen attending the 2014 PCI Community Meetings in Orlando in early September, the PCI SSC kicked off the conference with a presentation by Jake Marcinko, Standards Manager, on Business-as-Usual (BAU) compliance practices. The PCI DSS v3,...
The Ability to Inspect What You Didn’t See
Blog Published: 10/07/2014
By Scott Hogrefe, Senior Director, NetskopeContent inspection has come a long way in the past several years. Whether it is our knowledge and understanding of different file types (from video to even the most obscure) or the reduction of false positives through proximity matching, the industry has...
4 Lessons Learned From High Profile Credit Card Breaches
Blog Published: 10/07/2014
By Eric Sampson, Manager and QSA Lead, BrightLineThe media has been filled with stories of high profile credit card breaches, including those from Target, Neiman Marcus, P.F. Chang’s and most recently Home Depot. Details on the Home Depot breach are still emerging, but the details around the Targ...
Was the Cloud ShellShocked?
Blog Published: 10/06/2014
By Pathik Patel, Senior Security Engineer, Skyhigh NetworksInternet security has reached the highest defcon level. Another day, another hack – the new bug on the scene known as “Shellshock” blew up headlines and Twitter feeds.Shellshock exposes a vulnerability in Bourne Again Shell (Bash), the wi...
2015 PCI SIG Presentations—Rallying the Vote for Securing Keys and Certificates
Blog Published: 10/03/2014
By Christine Drake, Senior Product Marketing Manager, VenafiAt the 2014 PCI Community Meetings in Orlando, the 2014 PCI Special Interest Groups (SIGs) provided updates on their progress and presentations were given on the 2015 PCI SIG proposals in hopes of getting votes to become 2015 PCI SIG pro...
Software Defined Perimeter (SDP) Prevailing after Hackathon Kickoff at Cloud Security Alliance Congress 2014
Press Release Published: 10/02/2014
14 Days Left to Attempt Breach of SDP Protected Public Cloud and Earn a Prize of $10,000 San Jose, CA – October 2, 2014 - The Cloud Security Alliance (CSA), a not-for-profit organization which promotes the use of best practices for providing security assurance within cloud computing, today ann...
CSA Congress Recap Roundup
Blog Published: 10/01/2014
Last week the CSA Congress and IAPP Privacy Academy in San Jose, California. It was the Cloud Security Alliance's first time to partner with IAPP for their respective events. It was a successful event where cloud security and privacy professionals were able to rub elbows and learn best practices ...
The Shared Burden of Cloud Data Security & Compliance
Blog Published: 10/01/2014
By Gerry Grealish, Chief Marketing Officer, PerspecsysData security remains a top concern for enterprises deploying popular cloud applications. While most will instinctively think of cloud data security and compliance as being handled only by IT departments, many enterprises are realizing that al...
Why Dyre Is Different and What It Means for Enterprises
Blog Published: 09/30/2014
By Bob West, Chief Trust Officer, CipherCloudThe Dyre Trojan, which salesforce.com warned its customers about earlier this month, shows that cyber criminals have found a brand new way to target cloud applications.It is the first known malware tool to deliberately target an enterprise cloud provid...
SSL Vulnerabilities in Your Mobile Apps: What Could Possibly Go Wrong?
Blog Published: 09/29/2014
By Patriz Regalado, Product Marketing Manager, VenafiThe majority of people and consumers don’t usually think about security and data privacy when they log into their mobile banking app, take a photo of the check, and make a mobile deposit directly into their account. Nor do they think about secu...
Survey Opportunitiy: Cloud Adoption in the Finance Industry
Press Release Published: 09/25/2014
Due to its particular nature, financial institutions have adopted Information and Communication Technologies throughout its entire business value chain. Advanced and convenient technologies, along with the trust of customers on established institutions have induced a great adoption of very popula...
Enabling Secure Collaboration and Compliance by Mitigating Increasing Information Risks (Part 2 of 2)
Blog Published: 09/25/2014
By Robert F. Brammer, Ph.D., Chief Strategy Officer at Brainloop, Inc.In my previous post, I addressed three major trends that play an immense role in cybersecurity initiatives. These trends include the growth of digital business, information risks, and regulatory requirements. In this post, I’ll...
Worse than Heartbleed?
Blog Published: 09/24/2014
Jim Reavis, Cloud Security AllianceToday at 10am EST a vulnerability in the command shell Bash was announced (http://seclists.org/oss-sec/2014/q3/649 and http://seclists.org/oss-sec/2014/q3/650). Bash is a local shell, it doesn't handle data supplied from remote users, so no big deal right? Wrong...
Enabling Secure Collaboration and Compliance by Mitigating Increasing Information Risks (Part 1 of 2)
Blog Published: 09/24/2014
By Robert F. Brammer, Ph.D., Chief Strategy Officer at Brainloop, Inc.The growth of digital business, information risks, and regulatory requirements are major global business trends that have an immense impact on cybersecurity. These trends are prevalent throughout a broad range of industries – i...
New Cloud Security Alliance Survey Reveals Emerging International Data Privacy Challenges
Press Release Published: 09/23/2014
73% of Respondents Call for Global Consumer Bill of Rights Around Data Privacy Seattle, WA – September 23, 2014 – According to a new survey from the Cloud Security Alliance there is a growing and strong interest in harmonizing privacy laws towards a universal set of principles. Released today...
New CSA Survey Reveals Emerging International Data Privacy Challenges; Discrepancies Illustrate the Demand for Data Protection Harmonization
Blog Published: 09/23/2014
By Evelyn de Souza,Data Privacy and Compliance Leader, Cisco SystemsAccording to a new survey from Cloud Security Alliance sponsored by Cisco, there is a growing and strong interest in harmonizing privacy laws towards a universal set of principles. Findings include overwhelming support for a glob...
The Cloud Perception-Reality Gap Lives On in CSA Survey
Blog Published: 09/22/2014
by Krishna Narayanaswamy, Netskope Chief ScientistI thought we had moved beyond the cloud app perception-reality gap.Shadow IT has been a topic of much conversation in the media, at conferences, and among our customer and partner communities for the past several years. Gartner highlighted the iss...
Cloud Security Alliance Announces Annual Ron Knode Service Award Recipients
Press Release Published: 09/19/2014
Contributions from Six Dedicated Individual CSA Volunteers Recognized in Honor of the Late CSA Member and Volunteer Contributor Ron Knode San Jose, CA – CSA CONGRESS 2014 - September 19, 2014 –The Cloud Security Alliance (CSA) today announced the recipients of its third annual Ron Knode Service...
Call for Volunteers: Critical Areas of Focus in Cloud Computing/Guidance v4
Blog Published: 09/19/2014
By J.R. Santos, CSA Global Research DirectorToday at our annual CSA Congress in San Jose, we are announcing a formal recruitment effort for volunteers to help develop the next Critical Areas of Focus in Cloud Computing Guidance, version 4.This is among the most important guidance documents the CS...
