Decoding NYCRR Part 500: What Finance Institutions Need to Know
Blog Published: 12/13/2017
By Kyle Watson, Identity and Access Management and Cloud Access Security Broker Expert, CedrusFor those of you in organizations subject to NYDFS oversight, you are probably aware of 23 NYCRR 500, a new set of cybersecurity requirements that went into effect this past March for financial services ...
AWS Cloud: Proactive Security and Forensic Readiness – Part 1
Blog Published: 12/11/2017
By Neha Thethi, Information Security Analyst, BH Consulting Part 1 – Identity and Access Management in AWS This is the first in a five-part blog series that provides a checklist for proactive security and forensic readiness in the AWS cloud environment. This post relates to identity and access ma...
What Will Software Defined Perimeter Mean for Compliance?
Blog Published: 12/08/2017
By Eitan Bremler, VP Marketing and Product Management, Safe-T DataYour network isn't really your network anymore. More specifically, the things you thought of as your network — the boxes with blinking lights, the antennae, the switches, the miles of Cat 5 cable — no longer represent the physical ...
Your Morning Security Spotlight: Apple, Breaches, and Leaks
Blog Published: 12/07/2017
By Jacob Serpa, Product Marketing Manager, BitglassHere are the top cybersecurity stories of recent weeks:–Apple's High Sierra has massive vulnerability–Survey says all firms suffered a mobile cyberattack–Morrisons liable for ex-employee leaking data–S3 misconfiguration leaks NCF customer data–Im...
Electrify Your Digital Transformation with the Cloud
Blog Published: 12/05/2017
By Tori Ballantine, Product Marketing, HylandTaking your organization on a digital transformation journey isn’t just a whimsical idea; or something fun to daydream about; or an initiative that “other” companies probably have time to implement. It’s something that every organization needs to serio...
Cloud Security Alliance Announces Launch of CCSKv4
Press Release Published: 12/04/2017
Updates to industry leading cloud certificate reflect evolving cloud landscape and the need for qualified security professionals SEATTLE, WA – December 4, 2017 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices ...
AWS Cloud: Proactive Security & Forensic Readiness
Blog Published: 12/01/2017
This post kicks off a series examining proactive security and forensic readiness in the AWS cloud environment. By Neha Thethi, Information Security Analyst, BH Consulting In a time where cyber-attacks are on the rise in magnitude and frequency, being prepared during a security incident is paramo...
Cloud Security Alliance Announces 2017 Ron Knode Service Award Recipients
Press Release Published: 11/30/2017
Volunteers recognized for dedication, efforts to furthering cloud security best practices SEATTLE, WA – November 30, 2017 –The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computi...
Four Important Best Practices for Assessing Cloud Vendors
Blog Published: 11/24/2017
By Nick Sorensen, President & CEO, Whistic When it comes to evaluating new vendors, it can be challenging to know how best to communicate the requirements of your vendor assessment process and ultimately select the right partner to help your business move forward — while at the same time avoi...
Your Morning Security Spotlight
Blog Published: 11/21/2017
By Jacob Serpa, Product Marketing Manager, BitglassThe top cybersecurity stories of the week revolved around malware and breaches. Infections and data theft remain very threatening realities for the enterprise.400 Million Malware Infections in Q3 of 2017In the last few months, malware has success...
Cloud Security Alliance Issues New Code of Conduct for GDPR Compliance
Press Release Published: 11/21/2017
Significant updates provide actionable guidance to reflect new European personal protection obligations Edinburgh, Scotland – November 21, 2017 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a sec...
Cloud Security Alliance Releases New Cloud Security for Startups Report
Press Release Published: 11/20/2017
New White Paper Helps Software-as-a-Service Startups Build Solid Security by Aligning Security Controls with Product Development and Investment Rounds SEATTLE, WA – November 20, 2017 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awar...
IT Sales in the Age of the Cloud
Blog Published: 11/09/2017
By Mathias Widler, Regional Sales Director, ZscalerThe cloud is associated not only with a change in corporate structures, but also a transformation of the channel and even sales itself. Cloudification makes it necessary for sales negotiations to be held with decision-makers in different departme...
Days of Our Stolen Identity: The Equifax Soap Opera
Blog Published: 10/26/2017
By Kate Donofrio, Senior Associate, Schellman & Co.The Equifax saga continues like a soap opera, Days of Our Stolen Identity. Every time it appears the Equifax drama is ending, a new report surfaces confirming additional security issues.On Thursday, September 12, NPR reported that Equifax to...
Cloud Security Alliance Releases Updates to ‘The Treacherous 12: Cloud Computing Top Threats in 2016’
Press Release Published: 10/20/2017
Updates Extend Real-World Examples to Align with Top Security Threats SEATTLE, WA – October 20, 2017 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, t...
CSA Releases Minor Update to CCM, CAIQ
Blog Published: 10/19/2017
By the CSA Research TeamThe Cloud Security Alliance has released a minor update for the Cloud Control Matrix (CCM) and the Consensus Assessment Initiative Questionnaire (CAIQ) v3.0.1. This update incorporates mappings to Shared Assessments 2017 Agreed Upon Procedures (AUP), PCI DSS v3.2, CIS-AWS-...
The GDPR and Personal Data…HELP!
Blog Published: 10/04/2017
By Chris Lippert, Senior Associate, Schellman & Co.With the General Data Protection Regulation (GDPR) becoming effective May 25, 2018, organizations (or rather, organisations) seem to be stressing a bit. Most we speak with are asking, “where do we even start?” or “what is included as personal...
Webinar: How Threat Intelligence Sharing Can Help You Stay Ahead of Attacks
Blog Published: 09/27/2017
By Lianna Catino, Communications Manager, TruSTAR TechnologyAccording to a recent Ponemon Institute survey of more than 1,000 security practitioners, 84 percent say threat intelligence is "essential to a strong security posture," but the data is too voluminous and complex to be actionable.Enter t...
Improving Metrics in Cyber Resiliency: A Study from CSA
Blog Published: 08/30/2017
By Dr. Senthil Arul, Lead Author, Improving Metrics in Cyber Resiliency With the growth in cloud computing, businesses rely on the network to access information about operational assets being stored away from the local server. Decoupling information assets from other operational assets could re...
Cloud Security Alliance Announces Release of Newest Report on ‘Improving Metrics in Cyber Resiliency”
Press Release Published: 08/30/2017
White paper introduces key metrics to measure threats, recover lost functionality in wake of attack SEATTLE, WA – August 30, 2017 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud comp...