Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

All Articles

All Articles
You Are the Weakest Link – Goodbye

Blog Published: 03/14/2018

By Jacob Serpa, Product Marketing Manager, BitglassSecurity in the cloud is a top concern for the modern enterprise. Fortunately, provided that organizations do their due diligence when evaluating security tools, storing data in the cloud can be even more secure than storing data on premises. How...

AWS Cloud: Proactive Security and Forensic Readiness – Part 2

Blog Published: 03/13/2018

By Neha Thethi, Information Security Analyst, BH Consulting Part 2: Infrastructure-level protection in AWS This is the second in a five-part blog series that provides a checklist for proactive security and forensic readiness in the AWS cloud environment. This post relates to protecting your virtu...

Securing the Internet of Things: Devices & Networks

Blog Published: 03/12/2018

By Ranjeet Khanna, Director of Product Management–IoT/Embedded Security, Entrust Datacard The Internet of Things (IoT) is changing manufacturing for the better.With data from billions of connected devices and trillions of sensors, supply chain and device manufacturing operators are taking advanta...

Zero-Day in the Cloud – Say It Ain't So

Blog Published: 03/09/2018

By Steve Armstrong, Regional Sales Director, BitglassZero-day vulnerabilities are computer or software security gaps that are unknown to the public – particularly to parties who would like to close said gaps, like the vendors of vulnerable software.To many in the infosec community, the term "zero...

Co-chair Needed for the Quantum-Safe Security Working Group

Article Published: 03/08/2018

The Cloud Security Alliance's Quantum-Safe Security Working Group is seeking a new co-chair to lead the working groups initiatives on cryptographic methods that will remain safe after the widespread availability of the quantum computer. These volunteer positions will have a one-year term commit...

Saturday Security Spotlight: Tesla, FedEx, & the White House

Blog Published: 03/08/2018

By Jacob Serpa, Product Marketing Manager, BitglassHere are the top cybersecurity stories of recent weeks:—Tesla hacked and used to mine cryptocurrency—FedEx exposes customer data in AWS misconfiguration—White House releases cybersecurity report—SEC categorizes knowledge of unannounced breaches a...

FedRAMP - Three Stages of Vulnerability Scanning and their Pitfalls

Blog Published: 03/07/2018

By Matt Wilgus, Practice Leader, Threat & Vulnerability Assessments, Schellman & Co.Though vulnerability scanning is only one of the control requirements in FedRAMP, it is actually one of the most frequent pitfalls in terms of impact to an authorization to operate (ATO), as FedRAMP requir...

Securing the Internet of Things: Connected Cars

Blog Published: 03/05/2018

By Ranjeet Khanna, Director of Product Management–IoT/Embedded Security, Entrust DatacardEstablishing safety and security in automotive design goes far beyond crash test dummies.By 2022, the global automotive Internet of Things (IoT) market is expected to skyrocket to $82.79 billion – and manufac...

CASBs and Education's Flight to the Cloud

Blog Published: 03/01/2018

By Jacob Serpa, Product Marketing Manager, Bitglass Cloud is becoming an integral part of modern organizations seeking productivity and flexibility. For higher education, cloud enables online course creation, dynamic collaboration on research documents, and more. As many cloud services like G Sui...

Saturday Security Spotlight: Malware, AWS, and US Defense

Blog Published: 02/26/2018

By Jacob Serpa, Product Marketing Manager, BitglassHere are the top cybersecurity stories of recent weeks:—AndroRAT malware spies on Android users—Smart TVs easily hackable—BuckHacker tool finds unsecured data in AWS buckets—Octoly breach exposes social media stars' personal data—Russian hackers ...

Unmanaged Device Controls, External Sharing, and Other Real CASB Use Cases

Blog Published: 02/23/2018

By Salim Hafid, Product Marketing Manager, Bitglass Many in the security industry have heard about CASBs (cloud access security brokers) as the go-to solutions for data and threat protection in the cloud. But where exactly do CASBs slot in? If you already have a NGFW (next-gen firewall) ...

A Home for CASB

Blog Published: 02/21/2018

By Kyle Watson, Partner, Information Security, CedrusOver the past 18 months, I’ve been working on CASB in some form or another including:—Educational architectural and technical videos—Request for Proposal (RFP) assistance—Pre-sales presentations and demos—Proof of Concepts (POCs)—Implementation...

Malware P.I. – Odds Are You're Infected

Blog Published: 02/19/2018

By Jacob Serpa, Product Marketing Manager, BitglassIn Bitglass' latest report, Malware P.I., the Next-Gen CASB company uncovered startling information about the rate of malware infection amongst organizations. Additionally, experiments with a new piece of zero-day malware yielded shocking results...

Agentless Mobile Security: No More Tradeoffs

Blog Published: 02/15/2018

By Kevin Lee, Systems QA Engineer, Bitglass Have you ever seen a "Pick two out of three” diagram? They present three concepts and force individuals to select the one that they see as the least important. The tradeoffs between convenience, privacy, and security serve as a perfect example o...

Cloud Security Alliance Releases New Report Examining Ways in Which Blockchain Technology Can Facilitate, Improve IoT Security

Press Release Published: 02/13/2018

Report offers high-level overview, use-case examples of blockchain for IoT security SEATTLE, WA – Feb. 13, 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment,...

Spotlight on Enterprise Grade Cloud Security at Cloud Security Alliance’s Annual CSA Summit at RSA Conference 2018

Press Release Published: 02/12/2018

Chief Executives from Leading Global Companies Talk Cloud as the New Dominant IT System; Registration Now Open San Francisco, CA – February 7, 2018 – RSA Conference 2018 -- The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best pra...

Cloud Security Alliance Issues State of ERP Security in the Cloud Report

Press Release Published: 02/12/2018

Newest research paper examines security, privacy challenges of migrating ERP systems to the cloud SEATTLE, WA – February 12 - 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud c...

Volunteers Needed: Blockchain/Distributed Ledger Working Group

Press Release Published: 02/12/2018

The CSA Blockchain and Distributed Ledger Working Group is searching for volunteers to participate in the development of whitepapers on blockchain use cases and guidance for implementing blockchain technology. The working group is looking for volunteers who have expertise in the financial sector ...

Saturday Security Spotlight: Military, Apps, and Threats

Blog Published: 02/12/2018

By Jacob Serpa, Marketing Manager, BitglassHere are the top cybersecurity stories of recent weeks:—Fitness app exposes military bases—Soldiers' names revealed by app—Google Play filled with fake apps—Medical devices easily hacked—The internet of things creates risk for the enterprise Fitness app...

Why Next-Gen Firewalls Can't Replace CASBs

Blog Published: 02/07/2018

By Joe Green, Vice President, /WW Solutions Engineering, Bitglass A security solution is only as good as the data it protects. Some solutions focus on data protection on the corporate network, others focus entirely on cloud data, and a select few enable security at access from any network. Next-...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.