Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

All Articles

Home
All Articles
Cloud Security Alliance Releases Guidelines on Effectively Managing Security Service in the Cloud

Press Release Published: 10/10/2018

Newest paper offers clearly defined security responsibilities for vendors, customers across various cloud-service modelsSINGAPORE – October 11, 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a...

CCSK in the Wild: Survey of 2018 Certificate Holders

Blog Published: 10/09/2018

Even as more organizations migrate to the cloud, there’s still a concern as to how well those cloud services are being secured. According to an article by Forbes “66% of IT professionals say security is their greatest concern in adopting a cloud computing strategy.” As you embark on your quest to...

Software-Defined Perimeter Architecture Guide Preview: Part 4

Blog Published: 10/08/2018

Part 4 of a four-part seriesBy Jason Garbis, Vice President/Secure Access Products, Cyxtera Technologies Inc.Over the past three blog posts on this topic, we’ve provided an overview of the Software-Defined Perimeter (SDP) Architecture Guide, including its outline, core SDP concepts, and a summary...

CVE and Cloud Services, Part 2: Impacts on Cloud Vulnerability and Risk Management

Blog Published: 09/28/2018

By Victor Chin, Research Analyst, Cloud Security Alliance, and Kurt Seifried, Director of IT, Cloud Security AllianceThis is the second post in a series, where we’ll discuss cloud service vulnerability and risk management trends in relation to the Common Vulnerability and Exposures (CVE) system. ...

Cloud Security Alliance Establishes New European Headquarters, GDPR Center of Excellence in Berlin

Press Release Published: 09/27/2018

Berlin, Germany – Sept. 27, 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, today announced that in response to rapid membership growth throughout the...

Cloud Security Alliance Announces Speakers, Sessions 
for 8th Annual CSA Congress

Press Release Published: 09/25/2018

Keynote presenters from the United Nations, Turners Broadcasting, Qualys and Arizona State to discuss global governance, the threat landscape and security innovations that address new cloud security frontiers Seattle, WA – Sept. 25, 2018 – The Cloud Security Alliance (CSA), the world’s lead...

Recommendations for IoT Firmware Update Processes: Addressing complexities in a vast ecosystem of connected devices

Blog Published: 09/20/2018

By Sabri Khemissa, IT-OT-Cloud Cybersecurity Strategist,ThalesTraditionally, updating software for IT assets involves three stages: analysis, staging, and distribution of the update—a process that usually occurs during off-hours for the business. Typically, these updates apply cryptographic contr...

PCI Compliance for Cloud Environments: Tackle FIM and Other Requirements with a Host-Based Approach

Blog Published: 09/19/2018

By Patrick Flanders, Director of Marketing, LaceworkCompliance frameworks and security standards are necessary, but they can be a burden on IT and security teams. They provide structure, process, and management guidelines that enable businesses to serve customers and interoperate with other organ...

Software-Defined Perimeter Architecture Guide Preview: Part 3

Blog Published: 09/18/2018

Part 3 in a four-part seriesBy Jason Garbis, Vice President/Secure Access Products, Cyxtera Technologies Inc.Thanks for returning for our third blog posting, providing a preview of the forthcoming Software-Defined Perimeter (SDP) Architecture Guide. In this article, we’re focusing on the "Core SD...

Pwned Passwords – Have Your Credentials Been Stolen?

Blog Published: 09/14/2018

By Paul Sullivan, Software Engineer, BitglassData breaches now seem to be a daily occurrence. In recent months, Have I Been Pwned (HIBP) introduced Pwned Passwords, which allows you to securely check your password against a database of breach data. There are over 280 breaches in the database, an...

Join CSA's New DC Metro Area Chapter

Blog Published: 09/10/2018

The Cloud Security Alliance (CSA) is pleased to announce that its DC Metro Area chapter has been chartered to serve the DC metro area CSA membership.The chapter's region includes a diverse range of businesses, government organizations and academic institutions who all have an interest in well-eng...

Avoiding Holes in Your AWS Buckets

Blog Published: 09/07/2018

By Sanjay Kalra, CPO & Co-Founder, Lacework Enterprises are moving to the cloud at a breathtaking pace, and they’re taking valuable data with them. Hackers are right behind them, hot on the trail of as much data as they can steal. The cloud upends traditional notions of networks and hosts,...

US CLOUD Act Drives Adoption of Cloud Encryption

Blog Published: 09/05/2018

By Rich Campagna, Chief Marketing Officer, BitglassThe US Clarifying Lawful Overseas Use of Data (CLOUD) Act was quietly enacted into law on March 23, 2018. I say quietly due to the controversial nature of how it was passed—snuck into the back of a 2,300 page Federal spending bill on the eve of C...

California's CCPA Brings EU Data Privacy to the US

Blog Published: 08/27/2018

By Rich Campagna, Chief Marketing Officer, BitglassOver the summer a new data privacy law, the California Consumer Privacy Act of 2018 (CCPA), was passed. Assembly Bill 375 is scheduled to go into effect on Jan 1, 2020, which means there will likely be a lot of change before we see the final, enf...

Software-Defined Perimeter Architecture Guide Preview: Part 2

Blog Published: 08/23/2018

Part 2 in a four-part seriesBy Jason Garbis, Vice President/Secure Access Products, Cyxtera Technologies Inc.Thanks for returning for the second blog posting, providing a preview of the forthcoming Software-Defined Perimeter (SDP) Architecture Guide (Read Part 1). In this article, we focus on the...

EU GDPR vs US: What Is Personal Data?

Blog Published: 08/20/2018

By Rich Campagna, Chief Marketing Officer, BitglassMay 25, 2018—GDPR enforcement day,—has come and gone with little fan fare (and about 6 quadrillion privacy policy updates), but that doesn't mean we all know what to do to get into compliance. In fact, some measures put only one third of organiza...

Cloud Security Alliance Releases Malaysia Financial Sector Cloud 
Adoption Report

Press Release Published: 08/20/2018

Survey offers insight into areas of cloud adoption, IT security budgets, cloud computing, cyber security skills KUALA LUMPUR, MALAYSIA – August 20, 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to hel...

CVE and Cloud Services, Part 1: The Exclusion of Cloud Service Vulnerabilities

Blog Published: 08/13/2018

By Kurt Seifried, Director of IT, Cloud Security Alliance and Victor Chin, Research Analyst, Cloud Security AllianceThe vulnerability management process has traditionally been supported by a finely balanced ecosystem, which includes such stakeholders as security researchers, enterprises, and vend...

CSA Releases Top Threats to Cloud Computing: Deep Dive

Press Release Published: 08/08/2018

Paper identifies chief cloud security risks, how they fit in a greater security analysis BLACKHAT LAS VEGAS – AUGUST 8, 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure clou...

CSA, OWASP Issue Updated Guidance for Secure Medical 
Device Deployment

Press Release Published: 08/07/2018

Report includes enhanced sections on purchasing and mechanism controls, as well as relevant FDA guidance BLACKHAT LAS VEGAS – AUGUST 7, 2018 –The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
131
132
133
135
137
138
139
Last »