All Articles

All Articles
Cloud Security Alliance Launches STAR Continuous, a Compliance Assessment Program for Cloud Service Providers

Press Release Published: 03/04/2019

Chance to align security validation capabilities with cloud security compliance gives enterprises a competitive edge SAN FRANCISCO – March 4, 2019 – RSA CONFERENCE 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best pra...

Cloud Security Alliance Debuts the Knowledge Center, a Comprehensive 
E-Learning Platform

Press Release Published: 03/04/2019

Offers individuals, enterprises high-quality flexible training to complement and enhance knowledge, schedules and budgets SAN FRANCISCO – March 4, 2019 – RSA CONFERENCE 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of bes...

Introducing CAIQ-Lite

Blog Published: 03/01/2019

By Dave Christiansen, Marketing Director, Whistic The Cloud Security Alliance and Whistic are pleased to release CAIQ-Lite beta, a new framework for cloud vendor assessment. CSA and Whistic identified the need for a lighter-weight assessment questionnaire in order to accommodate the sh...

CSA and Whistic Unveil Streamlined Consensus Assessments Initiative Questionnaire (CAIQ)

Press Release Published: 03/01/2019

Beta release of CAIQ-Lite, based on Whistic and CSA research, available for community reviewSeattle – March 1, 2019 –The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing ...

Five Years of the GitHub Bug Bounty Program

Blog Published: 02/28/2019

By Philip Turnbull, Senior Application Security Engineer, GitHub Image credit: GitHub, This article was originally published by the GitHub team. GitHub launched our Security Bug Bounty program in 2014, allowing us to reward independent security researchers for their help in keeping GitHub ...

Bitglass Security Spotlight: DoD, Facebook & NASA

Blog Published: 02/25/2019

By Will Houcheime, Product Marketing Manager, Bitglass Here are the top cybersecurity stories of recent weeks:  —Cybersecurity vulnerabilities found in US missile system—Facebook shares private user data with Amazon, Netflix, and Spotify—Personal information of NASA employees exposed—C...

Rocks, Pebbles, Shadow IT

Blog Published: 02/19/2019

By Rich Campagna, Chief Marketing Officer, Bitglass Way back in 2013/14, Cloud Access Security Brokers (CASBs) were first deployed to identify Shadow IT, or unsanctioned cloud applications. At the time, the prevailing mindset amongst security professionals was that cloud was bad, and discove...

Rethinking Security for Public Cloud

Blog Published: 02/13/2019

Symantec’s Raj Patel highlights how organizations should be retooling security postures to support a modern cloud environment By Beth Stackpole, Writer, Symantec Enterprises have come a long way with cyber security, embracing robust enterprise security platforms and elevating security ...

Bitglass Security Spotlight: Financial Services Facing Cyberattacks

Blog Published: 02/12/2019

By Will Houcheime, Product Marketing Manager, Bitglass Here are the top cybersecurity stories of recent months: —Customer information exposed in Bankers Life hack—American Express India leaves customers defenseless—Online HSBC accounts breached—Millions of dollars taken from major Paki...

The 12 Most Critical Risks for Serverless Applications

Blog Published: 02/11/2019

By Sean Heide, CSA Research Analyst and Ory Segal, Israel Chapter Board MemberWhen building the idea and thought process around implementing a serverless structure for your company, there are a few key risks one must take into account to ensure the architecture is gathering proper controls when s...

Deciphering DevSecOps

Blog Published: 02/07/2019

Security needs to be an integral part of the DevOps roadmap. Enterprise Strategy Group’s Doug Cahill shows the way By Beth Stackpole, Writer, Symantec Security has moved to the forefront of the IT agenda as organizations push forward with digital transformation initiatives. At the s...

Bitglass Security Spotlight: Breaches Expose Millions of Emails, Texts, and Call Logs

Blog Published: 02/05/2019

By Will Houcheime, Product Marketing Manager, Bitglass Here are the top cybersecurity stories of recent weeks:  —773 million email accounts published on hacking forum— Unprotected FBI data and Social Security numbers found online — Millions of texts and call logs exposed on unlocked se...

Security Risks and Continuous Development Drive Push for DevSecOps

Blog Published: 01/31/2019

How the need to speed application creation and subsequent iterations has catalyzed the adoption of the DevOps philosophy By Dwight B. Davis, Writer, Symantec The sharp rise in cyber security attacks and damaging breaches in recent years has driven a new mantra among both application de...

CCSK Success Stories: From the Financial Sector

Blog Published: 01/24/2019

By the CSA Education TeamThis is the second part in a blog series on Cloud Security Training. Today we will be interviewing an infosecurity professional working in the financial sector. John C Checco is President Emeritus for the New York Metro InfraGard Members Alliance, as well as an Informatio...

Cloud Security Alliance Celebrates 10th Anniversary at CSA Summit at RSA Conference 2019

Press Release Published: 01/24/2019

IBM, Starbucks, Turner CISOs to Give Keynote Addresses SEATTLE – RSA CONFERENCE 2019 - Jan. 24, 2019 –The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today a...

CCM Addenda Updates for Two Additional Standards

Blog Published: 01/21/2019

By the CSA CCM Working GroupWe're happy to announce the publication of the updated Cloud Controls Matrix (CCM) Addenda for the following standards: — German Federal Office for Information Security (BSI) Cloud Computing Compliance Controls Catalogue (C5) — ISO/IEC 27002, ISO/IEC 27017 and ISO/IEC ...

New Cloud Security Alliance Study Finds Cybersecurity Incidents and Misconceptions Both Increase as Critical ERP Systems Migrate to Clouds

Press Release Published: 01/14/2019

Seattle, WA – January 11, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, today released the findings from the first research survey on “Enterprise Re...

Cloud Security Alliance, National Technology Security Coalition Release “Streamlining Vendor IT Security and Risk Assessments” Whitepaper

Press Release Published: 12/20/2018

Report advocates for a new approach to how organizations manage risks, achieve assurance, and enable trust in the cloudSEATTLE – Dec. 20, 2018 –The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure...

Addressing the Skills Gap in Cloud Security Professionals

Blog Published: 12/17/2018

By Ryan Bergsma, Training Program Director, CSAOne of the math lessons that has always stuck with me from childhood is that if you took a penny and doubled it every day for a month, it would make you a millionaire. In fact, it wouldn’t even take the whole month, you would be a millionaire on the...

Cloud Security Alliance Announces 2018 Ron Knode Service 
Award Recipients

Press Release Published: 12/11/2018

Volunteers recognized for dedication, efforts to furthering cloud security best practicesORLANDO – Dec. 11, 2018 –The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.