All Articles

All Articles
3-2-1, Takeoff. The STARWatch Cloud Security Management Application Has Launched

Blog Published: 02/13/2017

By Daniele Catteddu, Chief Technology Officer, Cloud Security Alliance Compliance, assurance and vendor management are becoming more and more complex and resource-intensive issues, so we created STARWatch, a Software as a Service (SaaS) application designed to provide organizations a centralized...

On Data Privacy Day, Keep Your Data Safe by Identifying the Threats

Blog Published: 01/30/2017

By Rick Orloff, Chief Security Officer, Code42Saturday, January 28th was Data Privacy Day. We’re proud champions of the National Cyber Security Alliance’s focused effort on protecting privacy and safeguarding data. But at Code42, we know that one day isn’t enough. We dedicate an entire month each...

Reviewers Needed: Security Guidance for Critical Areas of Mobile Computing

Article Published: 01/25/2017

Dear Colleagues, The Mobile Working Group is updating the document entitled "Security Guidance for Critical Areas of Mobile Computing" last published in 2012. To streamline the updating process, we are opening a peer review of the 2012 document. We are looking for SMEs to provide feedback on the...

CSA’s Mobile Working Group Seeking New Co-Chair

Article Published: 01/25/2017

The Cloud Security Alliance’s Mobile Working Group is seeking new co-chairs to develop and maintain a research portfolio providing capabilities to lead the crystallization of best practices for mobile security, help industry and government on adoption of best practices, establish liaisons with ot...

CSA releases Quantum-Safe Security Glossary

Blog Published: 01/25/2017

The Cloud Security Alliance's Quantum-Safe Security (QSS) Working Group announces their latest release with the Quantum-Safe Security Glossary. The QSS Working Group was formed to address key generation and transmission methods and to help the industry understand quantum-safe methods for protec...

STAR- A Window to the Cloud

Blog Published: 01/20/2017

By Raj Samani, Chief Technology Officer/EMEA, Intel Security We are all going to live in the cloud. Well that is what every study, and forecast tells us. From our clash of clans villages, to our connected cars we can expect all of our data to be hosted in an unmarked data center in a town that w...

People Are Not IP Addresses…So Why Do Security Solutions Think They Are?

Blog Published: 01/18/2017

By Jason Garbis, Vice President of Products, Cryptzone Attackers are erasing database contents and replacing them with a note demanding Bitcoin ransom payment for restoration. It also appears that victims who pay are often not getting their data back, and that multiple attackers are overwriting ...

Windows 10 Steps Up Ransomware Defense

Blog Published: 01/17/2017

By Jeremy Zoss, Managing Editor, Code42 Here’s some good news for the countless businesses getting ready for the migration to Windows 10: Microsoft recently announced that its Windows 10 Anniversary Update features security updates specifically targeted to fight ransomware. No defense is compl...

Open Peer Review: Cloud Security Services Management Working Group Charter

Article Published: 01/13/2017

The Cloud Security Alliance would like to invite you to review and comment on the proposed Cloud Security Services Management Working Group Charter. It is well acknowledged that collaboration and coordination among all stakeholders are critical to secure the cloud platform, therefore there is a ...

Open Peer Review: Cloud Component Specifications Working Group Charter

Article Published: 01/13/2017

The Cloud Security Alliance would like to invite you to review and comment on a proposed Cloud Component Specifications Working Group Charter. The working group aims to look at security of Cloud computing at a component level - e.g. hypervisor, virtual desktop infrastructure (VDI) platforms, clou...

Securing the Converged Cloud Takes Center Stage at the Cloud Security Alliance’s Annual CSA Summit at RSA Conference 2017

Press Release Published: 01/13/2017

General Keith Alexander of IronNet Cybersecurity and Robert Herjavec of Herjavec Group to Keynote at this Year’s Event. Registration Now Open. San Francisco, CA – January 13, 2017 – RSA Conference 2017 -- The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining a...

Long Con or Domino Effect: Beware the Secondary Attack

Blog Published: 01/12/2017

By  Jeremy Zoss, Managing Editor, Code42 Lightning may not strike twice, but cybercrime certainly does. The latest example: A year after the major hack of the U.S. Office of Personnel Management (OPM), cyber criminals are again targeting individuals impacted by the OPM breach with ransomware att...

Six Cloud Threat Protection Best Practices from the Trenches

Blog Published: 01/06/2017

By Ajmal Kohgadai, Product Marketing Manager, Skyhigh Networks As enterprises continue to migrate their on-premises IT infrastructure to the cloud, they often find that their existing threat protection solutions aren’t sufficient to consistently detect threats that arise in the cloud. While secu...

Behavox on course for Level 2 STAR Attestation from the Cloud Security Alliance

Press Release Published: 12/29/2016

Rigorous Third Party Independent Assessment To Validate Company’s Security Posture SEATTLE, WA – December 28, 2016 - The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environme...

CSA’s Big Data Working Group seeking new Co-chairs to develop and maintain Research Portfolio

Article Published: 12/23/2016

The Cloud Security Alliance’s Big Data Working Group is seeking new co-chairs to develop and maintain a research portfolio providing capabilities to lead the crystallization of best practices for security and privacy in big data, help industry and government on adoption of best practices, establi...

Three Lessons From the San Francisco Muni Ransomware Attack

Blog Published: 12/22/2016

By Laurie Kumerow, Consultant, Code42 On Black Friday, a hacker hit San Francisco’s light rail agency with a ransomware attack. Fortunately, this story has a happy ending: the attack ended in failure. So why did it raise the hairs on the back of our collective neck? Because we fear that next tim...

Call for Participation: Contribute to CSA Security Guidance v4.0 Peer Review

Article Published: 12/21/2016

Closing Date: Jan 13th, 2017 The Cloud Security Alliance would like to invite you to review and comment on 12 Domains of the CSA's Security Guidance for Critical Areas of Focus in Cloud Computing. This document acts as a practical, actionable roadmap to individuals looking to safely and securely...

Adding Up the Full Cost of a Data Breach

Blog Published: 12/19/2016

By Nigel Hawthorn, Skyhigh Networks, EMEA Marketing Director Data breaches are happening all the time; often they hit the news for a short while then they are replaced with the latest list of victims, so we thought we’d review a data breach from a year ago and look back at the total cost to the ...

Cyber Insurance Against Phishing? There’s a Catch

Blog Published: 12/15/2016

By Jeremy Zoss, Managing Editor, Code42 If one of your employees gets duped into transferring money or securities in a phishing scam, don’t expect your cyber insurance policy to cover it. And even your crime policy won’t cover it unless you purchase a specific social engineering endorsement. Man...

Standardizing Cloud Security with CSA STAR Certification

Blog Published: 12/14/2016

By Tolga Erbay, Senior Manager, Security Risk and Compliance, Dropbox In early 2014 Dropbox joined the Cloud Security Alliance (CSA). Working with the CSA is an important part of Dropbox’s commitment to security and transparency. In June of 2014 Dropbox achieved Level 1 Certification through ST...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.