Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Listen Now: 'Real-Talk on Opportunities for Security Teams to Fight AI with AI'

All Articles

Home
All Articles
​Keeping Up With Changing Technology by Reducing Complexity

Blog Published: 11/15/2019

By John DiMaria; CSSBB, HISP, MHISP, AMBCI, CERP, CSA Research Fellow, Assurance Investigatory Fellow, Cloud Security Alliance Fox News reported that in answer to the previous Boeing 737 accidents, the Federal safety officials say, “Boeing should consider how cockpit confusion can slow the res...

4 Common Cloud Misconfigurations & What To Do About Them

Blog Published: 11/14/2019

By Kevin Tatum, IT Security Engineer at ExtraHopIn a recent report, McAfee uncovered the rise of Cloud-Native Breaches and the state of multi-cloud adoption. We'll define the top 4 cloud misconfiguration goofs from their list, how they can affect your organization, and what to do about them.When ...

The Risk of Unsecured Dev Accounts

Blog Published: 11/13/2019

This article was originally published on Fugue's blog here. By Drew Wright, Co-Founder Fugue Most organizations now recognize the importance of cloud security, likely due in large part to the sharp uptick in cloud-based data breaches resulting from cloud misconfiguration. Achieving and maintain...

CSA Contributes to Key How-To Guidance Documents for Multi-Party Recognition and Continuous Audit-Based Certification

Press Release Published: 11/07/2019

Practical guidelines to innovative framework promoting trust in cloud servicesBERLIN –– Nov. 7, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today annou...

Google’s Potential Claim to the Throne of Quantum Supremacy: What Does it Mean for Cybersecurity?

Blog Published: 11/06/2019

By Roberta Faux, Shamik Kacker, Bruno Huttner, John Hooks, Ron F. del Rosario, Ludovic Perret and John Young A mysterious paper A research paper titled “Quantum Supremacy Using a Programmable Superconducting Processor” briefly appeared last September 21, 2019 on NASA’s Technical Report Server (TR...

CMMC – the New Protocol Droid for DoD Compliance

Blog Published: 11/06/2019

By Doug Barbin - Cybersecurity Practice Leader at Schellman & Company, LLCA long time ago in a galaxy exactly ours…There was 800-171. For some time, the US Department of Defense has been working to revise its funding procurement procedures referred to as the Defense Acquisition Regulation...

3 Technical Benefits of Service Mesh, and Security Best Practices

Blog Published: 11/04/2019

By Ran Ilany, co-founder and CEO for PortshiftOrganizations that implement containers often ask about using a service mesh layer. While this isn’t obligatory by any means, there are many benefits to running a service mesh that makes it the sensible choice for organizations seeking security, effic...

CSA Announces Advanced Cloud Security Practitioner Training, a Highly Technical Hands-on Course for Technical Security Professionals

Press Release Published: 11/04/2019

Program delves deep into practical cloud security, applied DevSecOps for enterprise-scale cloud deployments SEATTLE – Nov. 4, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud comp...

Cloud Security Alliance Releases Anti-DDoS: Software-Defined Perimeter 
As a DDoS Prevention Mechanism

Press Release Published: 10/28/2019

Document examines the operationalization of Software-Defined Perimeter as prevention mechanism against three well-known types of Distributed Denial of Service attacksORLANDO – (ISC)2 Security Congress – Oct. 28, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated ...

Cloud Security Alliance 2019 EMEA Congress Adds Focus on Risk Governance and European Cloud Certification Enablement

Press Release Published: 10/24/2019

William Ochs, Rolf Becker will share insight from 60 years combined experience in banking and cybersecurity risks Berlin, Germany – Oct. 24, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure...

Corporate Contractors and the Requirement for Zero-Trust Network Access

Blog Published: 10/21/2019

By Etay Bogner, VP, Zero-Trust Products Proofpoint and former CEO of Meta NetworksIt’s not a stretch to say that most industries and organizations today have contractors in the mix who need remote access to the company’s network. Yet the traditional virtual private network (VPN) method of enablin...

Introducing Reflexive Security for integrating security, development and operations

Blog Published: 10/14/2019

By the CSA DevSecOps Working Group Organizations today are confronted with spiraling compliance governance costs, a shortage of information security professionals, and a disconnect between strategic security and operational security. Due to these challenges, more and more companies value agility...

Cloud Penetration Testing the Capital One Breach

Blog Published: 10/10/2019

By Alexander Getsin, Lead Author for Cloud Penetration Testing PlaybookAligning the Capital One breach with the CSA Cloud Penetration Testing PlaybookIn March 2019, Capital One suffered a unique cloud breach. 140,000 Social Security numbers and 80,000 linked bank account numbers were exposed, alo...

It's all about the Data! - Preventative Security

Blog Published: 10/08/2019

By John DiMaria, Assurance Investigatory Fellow, Cloud Security AllianceI have always said I am a "data guy." Decisions made with data eliminate all bias, opinions, and ad hoc decisions that cause potential costly moves.In my most recent podcast interview with Phillip Merrick, CEO of Fugue, he di...

Guardians of the Cloud: The Latest Security Findings

Blog Published: 10/07/2019

By Juan Lugo from BitglassWith the emergence of cloud adoption and BYOD in the workplace, companies are experiencing an overwhelming amount of data breaches. This is largely because they are not taking the appropriate steps to secure data in the cloud. As such, Bitglass conducted a survey with IT...

​CSA Announces Availability of Certificate of Cloud Security Knowledge Foundation Exam Bundle

Press Release Published: 10/03/2019

Exam bundle makes it even easier to demonstrate knowledge in key areas of cloud securitySEATTLE – October 3, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment...

Why you can't have backdoored crypto that is secure

Blog Published: 10/03/2019

By Kurt Seifried, Chief Blockchain Officer, CSASo as you have probably seen some parts of the US government are again making noise about end-to-end encryption. We’ve seen this before (clipper chip, key escrow, etc., etc.). The new twist is that they appear to be trying a thin end of the wedge app...

What to Expect at the 2019 Colorado Chapter Forum

Blog Published: 10/02/2019

Understanding the complexities of cloud security can be very challenging. Because of this, Cloud Security Alliance has membership opportunities, resources, certifications, and local chapters to help explain it. The Colorado Chapter of Cloud Security Alliance is pleased to announce its 4th annual ...

Cloud Security Posture Management: Why You Need It Now

Blog Published: 10/01/2019

By Samantha Nguyen, Product Manager, BitglassGartner recommends that security and risk management leaders invest in CSPM (cloud security posture management) processes and tools to avoid misconfigurations that can lead to data leakage. Although it is a relatively new class of tools, this recommend...

How Blockchain Might Save Us All

Blog Published: 09/27/2019

By Kurt Seifried, Chief Blockchain Officer, CSAI’ve been seeing a lot of articles claiming that Blockchain will save us from hackers, and ransomware, and all sorts of other Cyber-Shenanigans. So… will Blockchain save us all? Yes, well . . . sort of, it’s complicated. Let’s start with a story:The ...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
118
119
120
122
124
125
126
Last »