All Articles

All Articles
Cloud Security Alliance Congress EMEA 2019 Call for Papers 
Deadline Extended

Press Release Published: 07/02/2019

Papers examining new frontiers accelerating change in information security are sought Berlin, Germany – June 26, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing...

Using The CAIQ-Lite to Assess Third Party Vendors

Blog Published: 07/01/2019

By Dave Christiansen, Marketing Director, WhisticThe mere mention of “security questionnaires” can evoke thoughts of hundreds of questions aimed at auditing internal processes in order to mitigate third party risk. This typically means a lengthy process prime to be optimized. While we don’t disag...

What is a CASB and How Do You Even Say It?

Blog Published: 06/26/2019

Caleb Mast, Regional Sales Director, Bitglass These are some of the questions that I asked as I went through the recruiting process with Bitglass. My goal was to understand the product completely before going out and pitching it to prospective clients. So, what exactly is a Cloud Access S...

How to Improve the Accuracy and Completeness of Cloud Computing Risk Assessments?

Blog Published: 06/24/2019

By Jim de Haas, cloud security expert, ABN AMRO Bank This whitepaper aims to draw upon the security challenges in cloud computing environments and suggests a logical approach to dealing with the security aspects in a holistic way by introducing a Cloud Octagon model. This model makes it ...

Cloud Security Alliance Releases Cloud Octagon Model to Facilitate Cloud Computing Risk Assessment

Press Release Published: 06/24/2019

Innovative model challenges enterprises to investigate risk from perspective other than that of the cloud service provider SEATTLE – June 24, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help en...

Will Hybrid Cryptography Protect Us from the Quantum Threat?

Blog Published: 06/17/2019

By Roberta Faux, Director of Advance Cryptography, BlackHorse SolutionsOur new white paper explains the pros and cons of hybrid cryptography. The CSA Quantum-Safe Security Working Group has produced a new primer on hybrid cryptography. This paper, “Mitigating the Quantum Threat with Hybrid Crypto...

CSA Issues Top 20 Critical Controls for Cloud Enterprise Resource Planning Customers

Blog Published: 06/10/2019

By Victor Chin, Research Analyst, Cloud Security AllianceCloud technologies are being increasingly adopted by organizations, regardless of their size, location or industry. And it’s no different when it comes to business-critical applications, typically known as enterprise resource planning (ERP)...

Security Spotlight: G Suite User Passwords Stored in Plaintext

Blog Published: 06/06/2019

By Will Houcheime, Product Marketing Manager, Bitglass Here are the top cybersecurity stories of recent weeks:   G Suite User Passwords Stored in Plaintext Since 2005Contact Data of Millions of Instagram Influencers ExposedRogue Iframe Phishing Used to Steal Payment Card InformationLon...

Roadmap to Earning Your Certificate in Cloud Security Knowledge (CCSK)

Blog Published: 05/28/2019

In this blog we’ll be taking a look at how to earn your Certificate of Cloud Security Knowledge (CCSK), from study materials, to how to prepare, to the details of the exam, including a module breakdown, passing rates, format etc. Below is an infographic highlighting the main topics we'll be discu...

What Will Happen If Encryption Used to Protect Data in Corporations Can Be Broken?

Blog Published: 05/23/2019

By Edward Chiu, Emerging Cybersecurity Technologist, Chevron While the development of quantum computers is still at a nascent stage, its potential in solving problems not feasible with classical computers draws interest from many industries. On one hand, Volkswagen is researching using quantum...

Happy Birthday GDPR! – Defending Against Illegitimate Complaints

Blog Published: 05/22/2019

By John DiMaria; CSSBB, HISP, MHISP, AMBCI, CERP, Assurance Investigatory Fellow – Cloud Security Alliance On May 25th we will celebrate the first birthday of GDPR. Yes, one year ago GDPR was sort of a four-letter word (or acronym if you will). People were in a panic of how they were going t...

New and Unique Security Challenges in Native Cloud, Hybrid and Multi-cloud Environments

Blog Published: 05/21/2019

By Hillary Baron, Research Analyst, Cloud Security AllianceCSA’s latest survey, Cloud Security Complexity: Challenges in Managing Security in Hybrid and Multi-Cloud Environments, examines information security concerns in a complex cloud environment. Commissioned by AlgoSec, the survey of 700 IT a...

Cloud Security Alliance Study Identifies New and Unique Security Challenges in Native Cloud, Hybrid and Multi-cloud Environments

Press Release Published: 05/21/2019

Holistic cloud visibility and control over increasingly complex environments are essential for successful deployments in various cloud scenarios SEATTLE – May 21, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of b...

Financial Services: Counting on CASBs

Blog Published: 05/20/2019

By Will Houcheime, Product Marketing Manager, Bitglass Financial institutions handle a great deal of sensitive data and are highly conscientious of where they store and process it. Nevertheless, they are aware of the many benefits that they can gain by using cloud applications. In order to em...

"Collection #1" Data Breach

Blog Published: 05/15/2019

By Paul Sullivan, Software Engineer, Bitglass News of the 773 million email data breach that Troy Hunt announced for Have I Been Pwned certainly got a lot of coverage a few months ago. Now that the dust has settled, let’s cut through some of the hype and see what this really means for en...

Registration Opens for Cloud Security Alliance Congress EMEA 2019

Press Release Published: 05/13/2019

Agenda to mix presentations and topical discussions on research, development, practice, and requirements related to cloud security Berlin, Germany – May 13, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best p...

Survey Says: Almost Half of Cloud Workloads Not Controlled by Privileged Access

Blog Published: 05/10/2019

By Nate Yocom, Chief Technology Officer, Centrify For the past few years, Centrify has been using a statistic from Forrester to demonstrate the importance of protecting privileged accounts, which estimates that 80 percent of data breaches involve privileged credentials. This first showed up ...

Cloud Security Alliance Releases Cloud Operating System (OS) 
Security Specification Report

Press Release Published: 05/07/2019

The first international research report to define technical requirements for cloud OS security specifications and to address their importanceSINGAPORE – May 8, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices ...

Cloud Security Alliance Releases Software-Defined Perimeter Architecture Guide

Press Release Published: 05/07/2019

Document offers a better understanding of how SDP architecture works and can be deployed in unique situations SEATTLE – May 7, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a se...

AWS Cloud: Proactive Security and Forensic Readiness – Part 5

Blog Published: 05/02/2019

By Neha Thethi, Information Security Analyst, BH Consulting Part 5: Incident Response in AWS In the event your organization suffers a data breach or a security incident, it’s crucial to be prepared and conduct timely investigations. Preparation involves having a plan or playbook at han...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.