Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

All Articles

All Articles
Learning from Delta: The High Cost of Outdated Backup Systems

Blog Published: 08/30/2016

By Susan Richardson, Manager/Content Strategy, Code42Chances are you know someone whose travel plans were snafued by the Delta system outage that cancelled 1,800 flights and delayed thousands more in August. IT experts are now pointing to Delta’s outdated disaster recovery technology as the culpr...

Cloud Security Alliance and SAFECode to Host Inaugural Developer Day Training Event in Bay Area as Part of Privacy.Security.Risk 2016 Conference Event

Press Release Published: 08/29/2016

Leading Industry Experts to Demonstrate and Discuss the Latest Techniques and Case Studies in Software Assurance and New Frontiers in Software Security Seattle, WA – August 29, 2016 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness ...

Cloud Security Alliance Big Data Working Group Releases ‘100 Best Practices in Big Data’ Report

Press Release Published: 08/26/2016

New Effort to Help Organizations Reduce Security and Privacy Threats in Big Data The Cloud Security Alliance (CSA), today announced the release of the new handbook from the CSA Big Data Working Group, outlining the 100 best practices in big data security. The Big Data Security and Privacy Handbo...

100 Best Practices in Big Data Security and Privacy

Blog Published: 08/26/2016

By Ryan Bergsma, Research Intern, CSA‘Big data’ refers to the massive amounts of digital information companies and governments collect about human beings and our environment. Experts anticipate that the amount of data generated will double every two years, from 2500 exabytes in 2012 to 40,000 exa...

Information Security Promises Are Made To Be Broken

Blog Published: 08/25/2016

By Mark Wojtasiak, Director of Product Marketing, Code42Morality insists that people will abide by the law and do the right thing; those promises have and will always be broken.Code42, along with almost every other major player in the information security space attended Black Hat 2016 in Las Vega...

Which Approach Is Better When Choosing a CASB? API or Proxy? How About Both?

Blog Published: 08/22/2016

By Bob Gilbert, Vice President/Product Marketing, Netskope There have been recent articles and blog posts arguing that the API approach is better than the proxy approach when it comes to selecting a cloud access security broker (CASB). The argument doesn’t really make sense at all. Both surely ha...

Five Scenarios Where Data Visibility Matters—A Lot

Blog Published: 08/19/2016

By Charles Green, Systems Engineer, Code42In case you were off enjoying a well-deserved summer holiday and are, like I am, a firm believer in disconnecting from the world while on holiday, you might have missed the recent hacker document dump of the U.S. Democratic National Committee (DNC) emails...

CISOs: Do You Have the Five Critical Skills of a DRO?

Blog Published: 08/11/2016

By Mark Wojtasiak, Director of Product Marketing, Code42CISOs exploring career advancement opportunities have a new consideration, according to Gartner VP and Distinguished Analyst Paul Proctor. At a Gartner Security & Risk Management Summit presentation in June, Proctor talked about the evol...

API vs. Proxy: How to Get the Best Protection from Your CASB

Blog Published: 08/11/2016

By Ganesh Kirti, Founder and CTO, PalerraCloud Access Security Broker (CASB) software has emerged to help IT get its arms around the full cloud security situation. CASBs are security policy enforcement points between cloud service users and one or more cloud service providers. They can reside on ...

Cloud Security Alliance Announces Strong Line Up of Trainings and Working Group Sessions Scheduled for Privacy. Security. Risk. 2016 Conference

Press Release Published: 08/08/2016

Presented by CSA Congress and IAPP Privacy Academy, Event to Provide Forum for Professionals to Expand Education and Collaborative Work in IoT, Containerization, Privacy Audits, Threat Intelligence and Privacy Risk Analysis San Jose, CA – August 8, 2016 – The Cloud Security Alliance (CSA), the w...

Ransomware Growing More Common, More Complex; Modern Endpoint Backup Isn’t Scared

Blog Published: 08/05/2016

By Susan Richardson, Manager/Content Strategy, Code42The growing ransomware threat isn’t just about more cybercriminals using the same cryptoware tools. The tools themselves are rapidly growing more sophisticated—and more dangerous.Ransomware growing exponentially, with no signs of slowing A new ...

Take-aways from the 2016 Gartner Magic Quadrant for Secure Web Gateways

Blog Published: 08/03/2016

By Atri Chatterjee, CMO, ZscalerToday's smart enterprises, regardless of size, should be looking at a Secure Web Gateway (SWG) as part of their defense-in-depth security strategy. In Gartner’s opinion, if you aren’t using an SWG, you are in all likelihood leaving a hole in your enterprise securit...

Research Brief: Cloud Security Alliance Mobile Working Group Releases Mobile Application Testing Initiative Report

Press Release Published: 07/28/2016

New Effort to Help Organizations and Individuals Reduce Possible Risk Exposure and Security Threats in Using Mobile Applications Seattle, WA – July 28, 2016 – The Cloud Security Alliance (CSA) today announced the release of a new whitepaper from the CSA Mobile Working Group on a new initiative t...

A Game of Pwns: A Storm of (Pas)swords

Blog Published: 07/25/2016

By Jacob Ansari, Manager, SchellmanDespite their perpetual status as old news, passwords and their security weaknesses continue to make headlines and disrupt security in ever-expanding ways, and the usual advice about better protection continues to go unheeded or, more worryingly, fails to addres...

Modern Endpoint Backup Sees Data Leak Before It Hurts

Blog Published: 07/22/2016

By Ann Fellman, Vice President/Marketing and Enterprise Product Marketing Director, Code42Picture this: You’re enjoying a beautiful summer Saturday, watching your kid on the soccer field, when your phone rings. It’s work. Bummer. “Hi, this is Ben from the InfoSec team. It appears that John Doe, w...

An Enterprise View of Software Defined Perimeter

Blog Published: 07/15/2016

By Jim Reavis, Co-founder and CEO, Cloud Security Alliance As cloud computing and unmanaged endpoints continue to gain traction, it is a foregone conclusion that information security technical controls must become more virtual - that is to say, software-based. Rapidly disappearing are the days o...

How Do We Stack Up to Gartner’s Five Steps for Ransomware Protection?

Blog Published: 07/15/2016

By Mark Wojtasiak, Director of Product Marketing, Code42Gartner’s June 2016 article, “Use These Five Backup and Recovery Best Practices to Protect Against Ransomware,” outlines five steps for mitigating the threat and/or risk of being hit with ransomware. I will spare you the market stats and dol...

What You Need to Know: Navigating EU Data Protection Changes – EU-US Privacy Shield and EU General Data Protection Regulation

Blog Published: 07/12/2016

By Marshall England, Industry Marketing Director, Technology & Cloud, CoalfireIf you’re an organization with trans-Atlantic presence that transmits and stores European citizen data (e.g. employee payroll & HR data, client & prospect data) in the U.S. you will want to pay attention. Wh...

An In-House Security Approach for Cloud Services That Won’t Drive Your IT Department Insane

Blog Published: 07/11/2016

By Jane Melia, VP/Strategic Business Development, QuintessenceLabs “If your security sucks now, you’ll be pleasantly surprised by the lack of change when you move to cloud.” -- Chris Hoff, Former CTO of Security, Jupiter Networks The chances are, almost everyone in your organization loves the con...

Mobile Application Security Testing releases its white paper.

Press Release Published: 07/07/2016

The Mobile Application Security Testing (MAST) Initiative is a research which aims to help organizations and individuals reduce the possible risk exposures and security threat in using mobile applications. MAST aims define a framework for secure mobile application development, achieving privacy a...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.