All Articles

All Articles
NEW! Quantum Safe Security Awareness Survey

Article Published: 07/07/2016

Quantum Safe Security Awareness Survey The goal of this survey is to collect information from security professionals on their awareness of quantum safe issues and the approaches that can be used to address them. The results of the survey will be disseminated by the CSA and will be available on t...

No More Excuses – Time to Get a Grip On Your Cloud Security

Blog Published: 07/07/2016

Rolf Haas, Enterprise Technology Specialist/Network Security and Content Division, Intel Security Cloud use continues to grow rapidly in the enterprise and has unquestionably become a part of mainstream IT – so much so that many organizations now claim to have a “cloud-first” strategy. That's b...

Google’s Gerhard Eschelbeck to Keynote at Cloud Security Alliance Congress US at Privacy.Security.Risk Conference

Press Release Published: 07/06/2016

Registration Now Open for the Industry’s Premier Gathering for Cloud Education and Best Practices San Jose, CA – July 6, 2016 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computin...

Shock Treatment: Combatting Infosec Negligence

Blog Published: 07/06/2016

By Peter Wood, Cyber Security Consultant, Code42 Boring training videos, box-ticking to meet regulations, blacklisting software at the expense of productivity: large enterprise has been reliant on these methods of “cyber security control” for too long. They are outdated and don’t work. Cyber cri...

FedRAMP High Baseline Requirements Published

Blog Published: 07/01/2016

By Abel Sussman, Director, TAAS–Public Sector and Cyber Risk Advisory, Coalfire The Federal Risk and Authorization Management Program (FedRAMP) Project Management Office officially released its High baseline for High impact-level systems. This baseline is at the High/High/High categorization lev...

Microsoft Azure Closes IaaS Adoption Gap with Amazon AWS

Blog Published: 06/29/2016

Percentage of Enterprise Computing Workloads in the Public Cloud Expected to Reach 41.05% This Year By Cameron Coles, Director of Product Marketing, Skyhigh Networks Industry analyst firm Gartner predicts that the infrastructure as a service (IaaS) market will grow 38.4% in 2016 to reach $22.4 b...

Cloud Security Alliance Issues New Paper on Understanding Quantum Random Number Generators

Article Published: 06/27/2016

The Cloud Security Alliance (CSA) today announced the availability of a new research brief from the Quantum-Safe Security (QSS) Working Group titled Quantum Random Number Generators, a whitepaper that looks to detail the impact of randomness on security in an effort to develop the building blocks...

Little Bits of Security – Micro-Segmentation in Clouds

Blog Published: 06/27/2016

By Darren Pulsipher, Enterprise Solution Architect, Intel Corp. Cloud environments have made some things much easier for development teams and IT organizations. Self-service portals have cut down the amount of “hands on” intervention to spin up new environments for new products. Provisioning of ...

Verizon DBIR Says You Can’t Stop the Storm—But You Can See It Coming

Blog Published: 06/22/2016

By Susan Richardson, Manager/Content Strategy, Code42 The 2016 Verizon Data Breach Investigations Report (DBIR) paints a grim picture of the unavoidable enterprise data breach. But accepting the inevitability of breaches doesn’t mean accepting defeat. It’s like severe weather: you can’t prevent ...

Why You Need a Multi-Layer Approach to Public Cloud Security

Blog Published: 06/20/2016

By Scott Montgomery, Vice President & Chief Technical Strategist, Intel Security Group Would you hand your house keys to a total stranger and then go away on vacation for two weeks? Probably not, but that’s precisely what some businesses do when they move applications and data to the public ...

Confident Endpoint Visibility Responds to Modern Data Protection Problems

Blog Published: 06/17/2016

By Joe Payne, President and CEO, Code42 Consumer tech adoption has outpaced tech evolution in business for more than ten years. SaaS and cloud solutions, new apps and devices are at the disposal of empowered workers, making it very easy for employees to get what they need to work anywhere or—des...

More Than One-Fourth of Malware Files “Shared”

Blog Published: 06/15/2016

By Krishna Narayanaswamy, Chief Scientist, Netskope Last week, Netskope released its global Cloud Report as well as its Europe, Middle East and Africa version highlighting cloud activity from January through March of 2016. Each quarter we report on aggregated, anonymized findings such as top use...

Securing the Hybrid Cloud: What Skills Do You Need?

Blog Published: 06/14/2016

By Brian Dye, Corporate Vice President & General Manager/Corporate Products, Intel Security Group With enterprises moving to hybrid cloud environments, IT architectures are increasingly spread among on-premises infrastructure and public and private cloud platforms. Hybrid models offer many w...

Leaky End Users Star in DBIR 2016

Blog Published: 06/10/2016

By Susan Richardson, Manager/Content Strategy, Code42 Insider threat once again tops the list of enterprise cyber security threats in the 2016 Verizon Data Breach Investigations Report (DBIR). For the second straight year, Verizon research showed that the average enterprise is less likely to hav...

Filling the Cloud Security IT Skills Gap... and Preventing Attrition

Blog Published: 06/08/2016

By Brian Dye, Corporate Vice President & General Manager/Corporate Products, Intel Security Group With all the various cloud services being offered in multiple deployment options, coupled with the 500,000 new security threats discovered daily, the strain on IT staff has never been greater. T...

Data Privacy and Digital Transformation Survey in English, Español, and Português

Article Published: 06/07/2016

Prizes include: 10 CCSK Tokens, 100 $20 Amazon Gift Cards, and a Ring Video Doorbell. Data Privacy and Digital Transformation Cloud-based technologies are driving digital transformation, but new data privacy regulations are hampering adoption. We’d like to understand how you and your organizati...

Five Telltale Signs You Don’t Have the Latest Backup System

Blog Published: 06/02/2016

By Susan Richardson, Manager/Content Strategy, Code42 It’s Backup Awareness Month—time to take stock of how well your backup system is serving your organization. To help you get started, here are five telltale signs you don’t have the most modern endpoint backup system: 1. You still get Help De...

Open Peer Review: Application Containers and Microservices Charter

Article Published: 06/01/2016

The CSA encourages its community to provide feedback in order to help identify any critical areas which may be missing in this document's focus as it regards to scope, deliverables/activities, and mission. The open review and comments period starts today and ends on Friday, July 1, 2016. We appre...

Open Surveys: Mitigating Risk for Cloud Apps and IT Security in the Age of Cloud

Article Published: 05/26/2016

We have two surveys open. If you have a few minutes and would like to win some cool prizes, consider taking our surveys. Mitigating Risk for Cloud Apps Time: 10-15 minutes Prizes: 10 CCSK tokens and a fun new prize will be added shortly Abstract: Current state of SaaS security - with several y...

Open Peer Review - Big Data Security and Privacy Handbook: 100 Best Practices in Big Data Security and Privacy

Article Published: 05/26/2016

The Cloud Security Alliance would like to invite you to review and comment on the Big Data working group's latest document, Big Data Security and Privacy Handbook: 100 Best Practices in Big Data Security and Privacy. This document lists out in detail the best practices that should be followed by ...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.