Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Listen Now: 'Real-Talk on Opportunities for Security Teams to Fight AI with AI'

All Articles

Home
All Articles
CSA Summit at RSA Conference 2018 Turns Its Focus to Enterprise Grade Security: Will you be there?

Blog Published: 04/03/2018

By J.R. Santos, Executive Vice President of Research, Cloud Security AllianceToday’s enterprise cloud adoption has moved well beyond the early adopters to encompass a wide range of mission-critical business functions. As financial services, government and other industries with regulatory mandate...

The "Ronald Reagan" Attack Allows Hackers to Bypass Gmail's Anti-phishing Security

Blog Published: 04/02/2018

By Yoav Nathaniel, ‎Customer Success Manager, AvananWe started tracking a new method hackers use to bypass Gmail's SPF check for spear-phishing. The hackers send from an external server, the user sees an internal user (For example, your CEO) and Gmail's SPF-check, designed to indicate the validit...

AWS Cloud: Proactive Security and Forensic Readiness – Part 3

Blog Published: 03/27/2018

Part 3: Data protection in AWSBy Neha Thethi, Information Security Analyst, BH Consulting This is the third in a five-part blog series that provides a checklist for proactive security and forensic readiness in the AWS cloud environment. This post relates to protecting data within AWS. Data protec...

34 Cloud Security Terms You Should Know

Blog Published: 03/23/2018

By Dylan Press, Director of Marketing, AvananWe hope you use this as a reference not only for yourself but for your team and in training your organization. Print this out and pin it outside your cubicle.How can you properly research a cloud security solution if you don't understand what you are r...

Are Healthcare Breaches Down Because of CASBs?

Blog Published: 03/19/2018

By Salim Hafid, Product Marketing Manager, Bitglass Bitglass just released its fourth annual Healthcare Breach Report, which dives into healthcare breaches over 2017 and compares the rate of breach over previous years. A big surprise this year was the precipitous drop in the volume of breaches an...

You Are the Weakest Link – Goodbye

Blog Published: 03/14/2018

By Jacob Serpa, Product Marketing Manager, BitglassSecurity in the cloud is a top concern for the modern enterprise. Fortunately, provided that organizations do their due diligence when evaluating security tools, storing data in the cloud can be even more secure than storing data on premises. How...

AWS Cloud: Proactive Security and Forensic Readiness – Part 2

Blog Published: 03/13/2018

By Neha Thethi, Information Security Analyst, BH Consulting Part 2: Infrastructure-level protection in AWS This is the second in a five-part blog series that provides a checklist for proactive security and forensic readiness in the AWS cloud environment. This post relates to protecting your virtu...

Securing the Internet of Things: Devices & Networks

Blog Published: 03/12/2018

By Ranjeet Khanna, Director of Product Management–IoT/Embedded Security, Entrust Datacard The Internet of Things (IoT) is changing manufacturing for the better.With data from billions of connected devices and trillions of sensors, supply chain and device manufacturing operators are taking advanta...

Zero-Day in the Cloud – Say It Ain't So

Blog Published: 03/09/2018

By Steve Armstrong, Regional Sales Director, BitglassZero-day vulnerabilities are computer or software security gaps that are unknown to the public – particularly to parties who would like to close said gaps, like the vendors of vulnerable software.To many in the infosec community, the term "zero...

Co-chair Needed for the Quantum-Safe Security Working Group

Article Published: 03/08/2018

The Cloud Security Alliance's Quantum-Safe Security Working Group is seeking a new co-chair to lead the working groups initiatives on cryptographic methods that will remain safe after the widespread availability of the quantum computer. These volunteer positions will have a one-year term commit...

Saturday Security Spotlight: Tesla, FedEx, & the White House

Blog Published: 03/08/2018

By Jacob Serpa, Product Marketing Manager, BitglassHere are the top cybersecurity stories of recent weeks:—Tesla hacked and used to mine cryptocurrency—FedEx exposes customer data in AWS misconfiguration—White House releases cybersecurity report—SEC categorizes knowledge of unannounced breaches a...

FedRAMP - Three Stages of Vulnerability Scanning and their Pitfalls

Blog Published: 03/07/2018

By Matt Wilgus, Practice Leader, Threat & Vulnerability Assessments, Schellman & Co.Though vulnerability scanning is only one of the control requirements in FedRAMP, it is actually one of the most frequent pitfalls in terms of impact to an authorization to operate (ATO), as FedRAMP requir...

Securing the Internet of Things: Connected Cars

Blog Published: 03/05/2018

By Ranjeet Khanna, Director of Product Management–IoT/Embedded Security, Entrust DatacardEstablishing safety and security in automotive design goes far beyond crash test dummies.By 2022, the global automotive Internet of Things (IoT) market is expected to skyrocket to $82.79 billion – and manufac...

CASBs and Education's Flight to the Cloud

Blog Published: 03/01/2018

By Jacob Serpa, Product Marketing Manager, Bitglass Cloud is becoming an integral part of modern organizations seeking productivity and flexibility. For higher education, cloud enables online course creation, dynamic collaboration on research documents, and more. As many cloud services like G Sui...

Saturday Security Spotlight: Malware, AWS, and US Defense

Blog Published: 02/26/2018

By Jacob Serpa, Product Marketing Manager, BitglassHere are the top cybersecurity stories of recent weeks:—AndroRAT malware spies on Android users—Smart TVs easily hackable—BuckHacker tool finds unsecured data in AWS buckets—Octoly breach exposes social media stars' personal data—Russian hackers ...

Unmanaged Device Controls, External Sharing, and Other Real CASB Use Cases

Blog Published: 02/23/2018

By Salim Hafid, Product Marketing Manager, Bitglass Many in the security industry have heard about CASBs (cloud access security brokers) as the go-to solutions for data and threat protection in the cloud. But where exactly do CASBs slot in? If you already have a NGFW (next-gen firewall) ...

A Home for CASB

Blog Published: 02/21/2018

By Kyle Watson, Partner, Information Security, CedrusOver the past 18 months, I’ve been working on CASB in some form or another including:—Educational architectural and technical videos—Request for Proposal (RFP) assistance—Pre-sales presentations and demos—Proof of Concepts (POCs)—Implementation...

Malware P.I. – Odds Are You're Infected

Blog Published: 02/19/2018

By Jacob Serpa, Product Marketing Manager, BitglassIn Bitglass' latest report, Malware P.I., the Next-Gen CASB company uncovered startling information about the rate of malware infection amongst organizations. Additionally, experiments with a new piece of zero-day malware yielded shocking results...

Agentless Mobile Security: No More Tradeoffs

Blog Published: 02/15/2018

By Kevin Lee, Systems QA Engineer, Bitglass Have you ever seen a "Pick two out of three” diagram? They present three concepts and force individuals to select the one that they see as the least important. The tradeoffs between convenience, privacy, and security serve as a perfect example o...

Cloud Security Alliance Releases New Report Examining Ways in Which Blockchain Technology Can Facilitate, Improve IoT Security

Press Release Published: 02/13/2018

Report offers high-level overview, use-case examples of blockchain for IoT security SEATTLE, WA – Feb. 13, 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment,...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
129
130
131
133
135
136
137
Last »