Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Listen Now: 'Real-Talk on Opportunities for Security Teams to Fight AI with AI'

All Articles

Home
All Articles
Cloud Security Alliance Study Finds While CASB Demand Is High, Additional Education Is Needed to Clarify Cloud Security Goals

Press Release Published: 08/11/2020

More training, clear goals are needed to ensure companies get full effectiveness of cloud security access broker productsSEATTLE – Aug. 11, 2020 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure ...

What Schrems 2 Means for your Privacy Shield Program

Blog Published: 08/10/2020

By Francoise Gilbert, CEO, DataMinding, Inc.The publication of the EU Court of Justice decision in the Schrems 2 case has left many organizations, worldwide, facing a difficult dilemma. What to do next to ensure the continuity of personal data flows from the European Union or European Economic Ar...

You’ve passed your SOX audit, but is your cloud environment really secure?

Blog Published: 08/10/2020

By Petrina Youhan, Director of Channel Partnerships and Services at HyperproofCloud environments have unique risks that are not fully addressed by SOX. Additionally, while SOX does support good IT control hygiene, the actual scope of a SOX audit leaves out key security principles that are imperat...

Compliance is the Equal and Opposite Force to Digital Transformation…that’s where DevOps comes in

Blog Published: 08/07/2020

By J. Travis Howerton, Co-Founder and CTO, C2 Labs.This blog is shortened version of the original blog published by C2. For the full length post go here. Digital transformation will reshape all businesses, large and small, over the next decade and beyond; driven by the convergence of major techno...

A Better Than Remote Chance – More People Work from Home in Post COVID World

Blog Published: 08/05/2020

By Matt Hines, VP of Marketing at CipherCloud & Neeraj Nayak, Sr. Product Marketing Manager at CipherCloudSummary: New research underlines the fact that more people will likely prefer to work from home, even when the pandemic passes. Security models that better address cloud apps, mobility an...

Upending Old Assumptions in Security

Blog Published: 08/03/2020

By Wendy Nather, Head of Advisory CISOs at DuoEvery time you think you’ve figured out this risk management thing, something else happens to torpedo your hidden assumptions. Remember when we assumed that an IP address was a pretty good indicator of someone’s physical location and origin, so a netw...

Strong MFA: The First Stop on the Path to Passwordless

Blog Published: 07/31/2020

By Andrew Hickey, Director of Content at DuoStrong MFA: The First Stop on the Path to PasswordlessPasswords, the antiquated security mechanism in place since the 1960’s, have since their inception caused user and administrative frustration due to their complexity and frequent resets. As technolog...

CSA’s SECtember Experience to Provide a Month of Vital Expert Briefings

Press Release Published: 07/28/2020

CloudBytes webinar series to guide participants’ race to the cloud, offers CPE creditsSEATTLE – July 28, 2020 – The Cloud Security Alliance (CSA), the global leader of the secure cloud ecosystem, today announced the SECtember Experience (Sept. 8-25), a webinar series that will provide a preview ...

Implementing a Vendor Assessment Platform? Tips for Long-Term Success

Blog Published: 07/27/2020

By the Whistic TeamProactive vendor security is no longer just a buzzword tossed about in InfoSec conversations—it’s a must-have for cloud-based organizations to differentiate themselves from peers and vendors in a competitive landscape. As data security is working its way up the list of corporat...

​Schrems 2 – 12 FAQs Published by the EDPB but Little Practical Guidance

Blog Published: 07/24/2020

By Francoise Gilbert, CEO, DataMinding, Inc.Since the publication of the European Court of Justice (EUCJ) decision in the Schrems 2 case, businesses located on both sides of the Atlantic, and around the world, have been attempting to determine how they should interpret and act upon the decision. ...

Healthcare Big Data in the Cloud Summary

Blog Published: 07/23/2020

By Dr. Jim Angle, Trinity Health, and Alex Kaluza, Cloud Security AllianceIn the modern age of technology and all the ways that it impacts our lives, healthcare is no exception. The use of cloud computing, big data analytics, and the move to consumer-focused health care is changing the way health...

How Hackers Changed Strategy with Cloud

Blog Published: 07/21/2020

By Drew Wright, Co-Founder of FugueOriginally published June 30, 2020 on https://www.fugue.co/blogIf you’re running a workload in the cloud, take a moment to look at the activity logs for your public-facing resources. There’s bad guys there, and they’re probing your cloud infrastructure looking f...

​The Mobile App Testing Landscape

Blog Published: 07/20/2020

Written by: Henry Hu, Co-Chair, MAST Working Group & CTO, Auriga Security, Inc. and Michael Roza, Member, MAST Working GroupCloud computing accelerates the development and real-time use of applications, which drives personal productivity and business agility. However, with the proliferation o...

EU Court of Justice Decision - Privacy Shield Invalidated; Standard Clauses Challenged​​

Blog Published: 07/16/2020

European Court of Justice Schrems 2 Decision Creates Havoc in Global Digital Exchanges: Significant Challenges to Privacy Shield and Standard Contractual Clauses UsersBy Francoise Gilbert, CEO, DataMinding, Inc.For months, the global digital trade community has been awaiting the decision of the E...

Abusing Privilege Escalation in Salesforce Using APEX

Blog Published: 07/16/2020

By Nitay Bachrach, Senior Security Researcher, PolyrizeThis article describes in detail a Salesforce privilege escalation scenario whereby a malicious insider exploits Author Apex permission to take over an organization’s Salesforce account and all data within it. The user abuses the fact that so...

​Understanding Common Risks in Hybrid Clouds

Blog Published: 07/14/2020

Written by:ZOU Feng, Co-Chair, Hybrid Cloud Security WG & Director of Cloud Security Planning and Compliance, HuaweiNarudom ROONGSIRIWONG, Co-Chair, Hybrid Cloud Security WG & SVP and Head of IT Security, Kiatnakin BankGENG Tao, Senior Engineer of Cloud Security Planning and Compliance, H...

​Securing the multi-cloud environment through CSPM and SSPM

Blog Published: 07/13/2020

By the CipherCloud TeamMisconfigurations are the biggest cause of data breaches in the cloud, exposing more than 33 billion records and costing companies close to $5 trillion in 2018 and 2019. - DivvyCloudIt took decades to convince IT leaders to move to the cloud. In the initial years, cloud ado...

Cryptocurrencies, Digital assets, Tokens and Blockchain maturity is coming soon

Blog Published: 07/10/2020

By Kurt Seifried, Chief Blockchain Officer, CSTautology - a statement that is true by necessity or by virtue of its logical form.Blockchains are going to rapidly gain maturity because people are using blockchains, because they are rapidly gaining maturity. Essentially we’re at the inflection poin...

What Does Proactive Vendor Security Mean?

Blog Published: 07/10/2020

By the Whistic TeamAs an InfoSec professional, you have probably heard the term “proactive vendor security” tossed around. But what exactly does proactive vendor security mean?Looking for a deeper meaningOn the surface, proactive is the opposite of reactive. Instead of waiting around for issues, ...

Night of the Living Cloud (aka CSA Federal Summit) Part 1 of 2

Blog Published: 07/09/2020

By Jim Reavis, Co-founder and Chief Executive Officer, CSAIf you want to get a feel for what the zombie apocalypse might be like, I highly recommend taking a business trip right now. It provides a surreal experience without the hassle of someone trying to eat your brains. It was thus for me as I ...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
112
113
114
116
118
119
120
Last »