Uncovering the CSA Top Threats to Cloud Computing with Jim Reavis
Blog Published: 08/08/2019
By Greg Jensen, Sr. Principal Director - Security Cloud Business Group, OracleFor the few that attend this year’s BlackHat conference kicking off this week in Las Vegas, many will walk away with an in depth understanding and knowledge on risk as well as actionable understandings on how they can w...
Challenges & Best Practices in Securing Application Containers and Microservices
Blog Published: 08/08/2019
By Anil Karmel, Co-Chair, CSA Application Containers and Microservices (ACM) Working GroupApplication Containers have a long and storied history, dating back to the early 1960s with virtualization on mainframes up to the 2000s with the release of Solaris and Linux Containers (LXC). The rise of Do...
The Cloud in the Fight Against Cyber-Bullying
Blog Published: 08/07/2019
By the Cybersecurity International Institute (CSI)Learn about the upcoming innovative social project on Cyber-bullying using a cloud platform.The CSI Institute (Cybersecurity International Institute) is a non-governmental and not-for-profit organization. Our goal is to contribute to the informati...
Facebook Project Libra - the good, the bad, the ugly and why you should care
Blog Published: 08/05/2019
By Kurt Seifried, Chief Blockchain Officer, CSASo you’ve probably heard by now that Facebook will be creating a crypto-currency called “Project Libra” and if you haven’t well, now you know.So first let’s cover what is good about this. Facebook has announced Project Libra as a Stablecoin, its valu...
CCM v3.0.1. Update for AICPA, NIST and FedRAMP Mappings
Blog Published: 08/02/2019
Victor Chin and Lefteris Skoutaris, Research Analysts, CSA The CSA Cloud Controls Matrix (CCM) Working Group is glad to announce the new update to the CCM v3.0.1. This minor update will incorporate the following mappings:Association of International Certified Professional Accountants (AICPA) Trus...
Quantum Technology Captures Headlines in the Wall Street Journal
Blog Published: 08/01/2019
By the Quantum-Safe Security Working GroupLast month, we celebrated the 50th anniversary of the Apollo 11 moon landing. Apollo, which captured the imagination of the whole world, epitomizes the necessity for government involvement in long term, big science projects. What started as a fierce race ...
Use Cases for Blockchain Beyond Cryptocurrency
Blog Published: 07/31/2019
CSA’s white paper, Documentation of Relevant Distributed Ledger Technology and Blockchain Use Cases v2 is a continuation of the efforts made in v1. The purpose of this publication is to describe relevant use cases beyond cryptocurrency for the application of these technologies.In the process of o...
Organizations Must Realign to Face New Cloud Realities
Blog Published: 07/30/2019
Jim Reavis, Co-founder and Chief Executive Officer, CSAWhile cloud adoption is moving fast, many enterprises still underestimate the scale and complexity of cloud threatsTechnology advancements often present benefits to humanity while simultaneously opening up new fronts in the on-going and incre...
It's Time for Security Leadership to Embrace the Cloud-First Future
Blog Published: 07/29/2019
By Arif Kareem, CEO and President at ExtraHop NetworksOn the campus at Stanford Business School is a plaque engraved with a quote from Phil Knight, graduate of the business school and co-founder of Nike. I've visited the campus many times, and each time the words stop me in my tracks."There comes...
Cloud Security Alliance Releases Best Practices for Implementing a Secure Application Container Architecture
Press Release Published: 07/26/2019
Second report in series provides mitigation options for 18 possible risks surrounding integration of application containers into trustworthy, secure systemsSEATTLE – July 26, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications...
FedSTAR Pilot Program Status
Blog Published: 07/24/2019
As the use of cloud technology has become more widespread, the concern about cloud security has increased. Government agencies and private sector users are concerned with protecting data and ensuring service availability. Many countries and private entities have designed and implemented security...
4 Reasons Why IT Supervision is a Must in Content Collaboration
Blog Published: 07/23/2019
By István Molnár, Compliance Specialist, TresoritFor many organizations, workflow supervision is one of the biggest challenges to solve. Ideally users should be properly managed and monitored but sadly, countless organizations suffer from a lack of IT supervision. As a result, there is no telling...
Signal vs. Noise: Banker Cloud Stories by Craig Balding
Blog Published: 07/19/2019
A good question to ask any professional in any line of business is: which "industry events" do you attend and why? Over a few decades of attending a wide variety of events - and skipping many more - my primary driver is "signal to noise" ratio. In other words, I look for events attended by peop...
“Shift Left” to Harden Your Cloud Security Posture
Blog Published: 07/18/2019
This article was originally published on Fugue's blog here. By Josh Stella, Co-founder & Chief Technology Officer, FugueAfter a decade-long uneasy courtship with cloud computing, enterprises are migrating their IT systems to platforms like AWS and Azure as fast as they can. This means the key...
Cloud Security Alliance Releases New Research Identifying Challenges in Securing Application Containers and Microservices
Press Release Published: 07/16/2019
Report identifies challenges in securing application containers and microservices through the lens of the developer, operator and architect SEATTLE – July 16, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practi...
Cloud Security Alliance Releases Cloud Penetration Testing Playbook
Press Release Published: 07/12/2019
Reports provides foundation for public cloud penetration testing methodology SEATTLE – July 12, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, tod...
How Traffic Mirroring in the Cloud Works
Blog Published: 07/08/2019
By Tyson Supasatit, Sr. Product Marketing Manage, ExtraHop Learn how Amazon traffic mirroring and the Azure vTAP fulfill the SOC visibility triadAfter years of traffic mirroring not being available in the cloud, between Amazon VPC traffic mirroring and the Azure vTAP, it's finally here! In this l...
Highlights from the CSA Summit at Cyberweek
Blog Published: 07/03/2019
By Moshe Ferber, Chairman, Cloud Security Alliance, Israel and Damir Savanovic, Senior Innovation Analyst, Cloud Security AllianceThe city of Tel Aviv is crowded throughout the year with a buzzing cybersecurity ecosystem, but in the last week of June, this ecosystem comes to boil when Tel Aviv Un...
The State of SDP Survey: A Summary
Blog Published: 07/02/2019
The CSA recently completed its first annual “State of Software-Defined Perimeter” Survey, gauging market awareness and adoption of this modern security architecture – summarized in this infographic. The survey indicates it is still early for SDP market adoption and awareness, with only 24% of res...
Cloud Security Alliance Congress EMEA 2019 Call for Papers Deadline Extended
Press Release Published: 07/02/2019
Papers examining new frontiers accelerating change in information security are sought Berlin, Germany – June 26, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing...