Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

All Articles

Home
All Articles
EMV Chip Cards Are Working - That's Good and Bad

Blog Published: 02/02/2018

By Rich Campagna, CEO, BitglassFor many years, credit card companies and retailers ruled the news headlines as victims of breaches. Why? Hackers' profit motives lead them to credit card numbers as the quickest path to monetization. Appropriate data in hand and a working counterfeit card could be ...

Saturday Security Spotlight: Cyberwarfare and Cryptocurrency

Blog Published: 01/29/2018

By Jacob Serpa, Product Marketing Manager, Bitglass Here are the top cybersecurity stories of recent weeks: —Cyberattacks deemed a top threat to society —Hackers target data around the world —Poor app designs threaten countries' infrastructure —Olympic Committee emails leaked by hackers ...

Cloud Security Alliance Releases Quantum-Safe Security Awareness Survey Report

Press Release Published: 01/26/2018

Newest paper finds that despite awareness of threat posed by quantum computing, little is being done to prepare SEATTLE, WA – January 26, 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secu...

Nine Myths of Account Takeover

Blog Published: 01/25/2018

By Dylan Press, Director of Marketing, AvananAccount takeover attacks are a nearly invisible tactic for conducting cyber espionage. Because these breaches can take months or years to detect, we are slowly discovering that this attack vector is much more common than we thought. The more we learn a...

Cloud App Encryption and CASB

Blog Published: 01/19/2018

By Kyle Watson, Partner/Information Security, Cedrus DigitalMany organizations are implementing Cloud Access Security Broker (CASB) technology to protect critical corporate data stored within cloud apps. Amongst many other preventative and detective controls, a key feature of CASBs is the ability...

Saturday Morning Security Spotlight: Breaches and Intel

Blog Published: 01/15/2018

By Jacob Serpa, Product Marketing Manager, BitglassHere are the top cybersecurity stories of recent weeks: —Data on 123 million US households leaked —Tech giants investing in healthcare technology —Intel chips contain security vulnerability —DHS suffers breach of over 247,000 records —Forever 21...

Your Top Three Cloud Security Resolutions for 2018 Categories: Blog, Cloud Security

Blog Published: 01/11/2018

By Doug Lane, Vice President/Product Marketing, VaultiveWith 2017 behind us, it’s time to prepare your IT strategy and goals for the new year. There is a good chance that, if you aren’t using the cloud already, there’s a cloud services migration in store for your organization this year. No matte...

Cloud Access Security Brokers: Past, Present, and Future

Blog Published: 01/09/2018

By Jacob Serpa, Product Marketing Manager, BitglassLeading cloud access security brokers (CASBs) currently provide data protection, threat protection, identity management, and visibility. However, this has not always been the case. Since the inception of the CASB market, cloud access security br...

Launching of Application Containers and Microservices

Press Release Published: 01/05/2018

The Cloud Security Alliance is launching the Application Containers and Microservices (ACM) Working Group. The CSA ACM Working Group previously work with the National Institute of Standards and Technology (NIST) ACM Working Group to provide research, guidance, and best practices for the secure us...

The Stakes for Protecting Personally Identifiable Information Will Be Higher in 2018

Blog Published: 01/04/2018

By Doug Lane, Vice President/Product Marketing, VaultiveWhile it’s tough to predict what the most significant single threat of 2018 will be, it’s safe to say that 2017 was certainly a wake-up call for both businesses and consumers when it comes to data breaches. From the rampant misconfiguration...

Saturday Morning Security Spotlight: Jail Breaks and Cyberattacks

Blog Published: 12/29/2017

By Jacob Serpa, Product Marketing Manager, BitglassHere are the top cybersecurity stories of recent weeks:— Man attempts prison break through cyberattacks— Mailsploit allows for perfect phishing attacks— 1.4 billion credentials found in dark web database— Starbucks WiFi hijacks connected devices—...

Adding Value to Native Cloud Application Security with CASB

Blog Published: 12/27/2017

By Paul Ilechko, Senior Security Architect, CedrusMany companies are starting to look at the Cloud Access Security Broker (CASB) technology as an extra layer of protection for critical corporate data as more and more business processes move to the cloud.CASB technologies protect critical corporat...

It Could Happen To You

Blog Published: 12/20/2017

By Yael Nishry, Vice President/Business Development, Vaultive; Arthur van der Wees LLM, Arthur’s Legal; and Jiri Svorc LLM, Arthur’s LegalFor organizations around the world, implementing state-of-the-art security and personal data protection (using both technical and organizational measures) is ...

Avoid a Breach: Five Tips to Secure Data Access

Blog Published: 12/18/2017

By Jacob Serpa, Product Marketing Manager, BitglassAlthough the cloud is a boon to productivity, flexibility, and cost savings, it can also be a confusing tool to utilize properly. When organizations misunderstand how to use it, they often expose themselves to threats. While there aren’t necessar...

MSP: Is Your New Digital Service Compliant?

Blog Published: 12/15/2017

By Eitan Bremler, VP Marketing and Product Management, Safe-T DataOffering managed services seems like an easy proposition. You offer IT services for companies that don't have the infrastructure to support their own, bundle in services like cloud storage or remote desktop access, then sit back an...

Decoding NYCRR Part 500: What Finance Institutions Need to Know

Blog Published: 12/13/2017

By Kyle Watson, Identity and Access Management and Cloud Access Security Broker Expert, CedrusFor those of you in organizations subject to NYDFS oversight, you are probably aware of 23 NYCRR 500, a new set of cybersecurity requirements that went into effect this past March for financial services ...

AWS Cloud: Proactive Security and Forensic Readiness – Part 1

Blog Published: 12/11/2017

By Neha Thethi, Information Security Analyst, BH Consulting Part 1 – Identity and Access Management in AWS This is the first in a five-part blog series that provides a checklist for proactive security and forensic readiness in the AWS cloud environment. This post relates to identity and access ma...

What Will Software Defined Perimeter Mean for Compliance?

Blog Published: 12/08/2017

By Eitan Bremler, VP Marketing and Product Management, Safe-T DataYour network isn't really your network anymore. More specifically, the things you thought of as your network — the boxes with blinking lights, the antennae, the switches, the miles of Cat 5 cable — no longer represent the physical ...

Your Morning Security Spotlight: Apple, Breaches, and Leaks

Blog Published: 12/07/2017

By Jacob Serpa, Product Marketing Manager, BitglassHere are the top cybersecurity stories of recent weeks:–Apple's High Sierra has massive vulnerability–Survey says all firms suffered a mobile cyberattack–Morrisons liable for ex-employee leaking data–S3 misconfiguration leaks NCF customer data–Im...

Electrify Your Digital Transformation with the Cloud

Blog Published: 12/05/2017

By Tori Ballantine, Product Marketing, HylandTaking your organization on a digital transformation journey isn’t just a whimsical idea; or something fun to daydream about; or an initiative that “other” companies probably have time to implement. It’s something that every organization needs to serio...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
136
137
138
140
142
143
144
Last »