Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Train my entire team
Trainings
Zero Trust Training (ZTT)
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Quantum-safe Security
Artificial Intelligence
Securing DevOps
Application Containers and Microservices
DevSecOps
Security Services
Enterprise Resource Planning
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Vulnerability Data
Top Threats
View all topics
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Train my entire team
Trainings
Zero Trust Training (ZTT)
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Quantum-safe Security
Artificial Intelligence
Securing DevOps
Application Containers and Microservices
DevSecOps
Security Services
Enterprise Resource Planning
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Vulnerability Data
Top Threats
View all topics
Cloud 101CircleEventsBlog
Sign In
Register now for CSA’s free Virtual AI Summit taking place January 17-18th

All Articles

Home
All Articles
Cloud Security Alliance Expands CCSK Training Program

Press Release Published: 06/25/2014

CSA selects HP as Master Training Partner for China and Japan Seattle, WA – June 17, 2014 – The Cloud Security Alliance (CSA) today announced that in recognition of the success and growth of the CSA Certificate of Cloud Security Knowledge (CCSK) Certification training program conducted by HP, t...

The 5 Steps to Prepare for a PCI Assessment

Blog Published: 06/19/2014

Preparing for a Payment Card Industry (PCI) compliance assessment is a major task for any size organization. However, companies that store, process, or transmit credit card transactions are required to comply with PCI's Data Security Standards (DSS). PCI DSS includes up to 13 requirements that sp...

Security as a Service (SecaaS) Working Group 2014 Kick-Off Call

Press Release Published: 06/16/2014

The Security as a Service (SecaaS) Working Group will be kicking off their latest research efforts on: Monday June 16th at 9:00am PDT (GMT-7) (Meeting details are below) The latest developments will be towards an updated "Defined Categories of Service v2.0" and includes: Proposals for new...

OpenSSL CCS Injection Vulnerability Countdown

Blog Published: 06/16/2014

By Krishna Narayanaswamy, Netskope Chief ScientistOn June 5, researchers discovered an OpenSSL vulnerability (CVE-2014-0224) that could result in a man-in-the-middle attack exploiting some versions of OpenSSL. Called the OpenSSL Change Cipher Spec (CCS) Injection, this vulnerability requires that...

Virtualization Working Group 2014 Kick-Off Call

Press Release Published: 06/13/2014

The Cloud Security Alliance Virtualization Working Group is seeking volunteers to participate in developing and maintaining a research portfolio providing capabilities to assist the cloud provider industry in research of the combined virtualized operating systems and future technologies. The grou...

TweetDeck — Just another hack or a missed opportunity to tighten cloud security?

Blog Published: 06/13/2014

June 12, 2014By Harold Byun, Senior Director of Product Management, Skyhigh Networks The recent TweetDeck hack on Twitter presents a common cloud dilemma for information security teams. On the one hand, the BYOX trends that drive cloud service adoption and worker self-enablement are transform...

DON’T GET SNOWDENED: 5 QUESTIONS EVERY CEO SHOULD ASK THEIR CIO / CISO

Blog Published: 06/05/2014

By Sekhar Sarukkai, Founder, VP of EngineeringSkyhigh NetworksToday is the 1-year anniversary of the historic Snowden disclosure. In the year since the first stories about Edward Snowden appeared, one of the lasting affects of the scandal is a heightened awareness of the risk posed by rogue insi...

The Evolution of Threats against Keys and Certificates

Blog Published: 06/05/2014

By George Muldoon, Regional Director, Venafi In my blog post about the Heartbleed hype, I stress that threats against keys and certificates neither started with the Heartbleed vulnerability, nor certainly will end with it. Threats specifically against keys and certificates go back to 2009 and 20...

The Cloud Multiplier Effect on Data Breaches

Blog Published: 06/04/2014

by Krishna Narayanaswamy, Chief Scientist at NetskopeAll of the things we love about cloud and SaaS apps can also put us at risk of a data breach. First, we love that we can get our favorite apps quickly and easy without having to answer to anyone. This leads to massive app growth, usually of inh...

Heartbleed Hype Left Enterprises Uninformed

Blog Published: 06/03/2014

By George Muldoon, Regional Director, Venafi In early April, the vulnerability known simply as “Heartbleed” became the latest rage. During the first week after discovery, the mainstream media aggressively reported on Heartbleed, stirring up a tornado of fear, uncertainty, and doubt amongst all I...

Too Many Employees Ignore BYOD Security

Blog Published: 06/02/2014

By Nina Seth, AccellionConsidering the risks that BYOD mobile activity can pose to enterprises, CIOs have a right to be dismayed by two recent surveys showing just how little some employees care about protecting data on mobile devices.A recent survey by Centrify found that: 43% have accessed se...

5 Ways to Prevent Unauthorized Access of Misused Mobile Certificates

Blog Published: 05/28/2014

By Patriz Regalado, Product Marketing Manager, Venafi Mobile devices and mobile applications are becoming more dangerous threat vectors against the corporate network. Android devices seem to be continually under attack with new reports of malware appearing at an astounding rate of 197% from 2012...

Join CSA at Black Hat 2014 – Registration Discounts for Members

Press Release Published: 05/27/2014

We invite CSA members to join us at Black Hat 2014 taking place August 2-7 at the Mandalay Bay in Las Vegas. Black Hat USA is the show that sets the benchmark for all other security conferences. As Black Hat returns for its 17th year to Las Vegas, it will bring together the brightest in the wor...

CSA APAC Update

Press Release Published: 05/21/2014

1) Cloud Vulnerabilities Working Group Founded by the CSA APAC region in May 2013, the CSA Cloud Vulnerabilities Working Group (CVWG) is a global work group chartered to conduct research in the area of cloud computing vulnerabilities, with the goals of understanding and educating the classificati...

Volunteer Spotlight: Henry St Andre

Press Release Published: 05/21/2014

Henry St. Andre’s work in the IT and telecom industries dates back to the divestiture of AT&T and the creation of the competitive long distance industry. Henry spent those years in operations managing network operation centers. In 2003, Henry went to work for inContact, a cloud provider of co...

Cloud Security Alliance Opens Registration for CSA Congress 2014

Press Release Published: 05/19/2014

Special Pricing Offered for Early Registration to Event Covering All Aspects of Privacy and Cloud Security Seattle, WA – May 19, 2014 – The Cloud Security Alliance (CSA) today announced the opening of registration for its annual CSA Congress 2014 scheduled to take place September 17-19, 2014, a...

Cloud Security Alliance Announces China Representative Office, Forms Strategic Partnership With China Government-Academia-Industry Partners, And Expands Its Chinese Corporate Members.

Press Release Published: 05/19/2014

CSA Makes Strong Long-Term Commitments in China Beijing – May 19, 2014 – The Cloud Security Alliance (CSA) today held a special event to announce the establishment of the new CSA China Representative Office in Beijing. The CSA also signed a total of seven strategic partnership agreements with m...

Have You Budgeted for the Next Heartbleed?

Blog Published: 05/15/2014

By Gavin Hill, Director/Product Marketing and Threat Intelligence, Venafi Last month the Heartbleed vulnerability took the world by storm. IT groups across the globe scrambled to patch systems that were susceptible to the OpenSSL vulnerability known as Heartbleed. Y2K—the millennium bug—has been...

SOC in 5 Simple Steps

Blog Published: 05/09/2014

By Ryan Dean, Senior AssociateBrightLineAs an audit firm, we are frequently contacted by service organizations that know they need a SOC report (usually by way of a client request), but don’t know where to begin. With that in mind, I have broken down the process of obtaining a SOC report into fiv...

CLOUD SECURITY INNOVATORS – Q+A WITH GEORGE DO, CISO, EQUINIX

Blog Published: 05/07/2014

April 30, 2014 By Brandon Cook, director of product marketing (@BCookshow) Skyhigh Networks We are incredibly excited to feature a Q+A session with George Do, CISO of Equinix, as the first in our new monthly Skyhigh Networks Cloud Security Innovators blog series. Every month we will inter...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
129
130
131
133
135
136
137
Last »