Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

All Articles

Home
All Articles
Panama Papers Expose Data Security Deficiencies in Law Firms

Blog Published: 04/12/2016

By Rick Orloff, Chief Security Officer, Code42The unprecedented leak of 11.5 million files from the database of the world’s fourth biggest offshore law firm is riveting. As details continue to emerge about the Panama Papers leak, the money laundering and secretive tax regimes and high-profile cli...

CSA Releases New White Paper on Current Cloud Certification Challenges Ahead and Proposed Solutions

Blog Published: 04/11/2016

By Daniele Catteddu, Chief Technology Officer, Cloud Security AllianceToday, the Cloud Security Alliance has released the CSA STAR Program & Open Certification Framework in 2016 and Beyond, an important new whitepaper that has been created to provide the security community with a description ...

How CASB Is Different from Web Proxy / Firewall

Blog Published: 04/08/2016

By Cameron Coles, Sr. Product Marketing Manager, Skyhigh Networks A common question that arises as IT teams begin to look at cloud access security broker (CASB) products goes something like, “we already have a web proxy and/or firewall, how is this different?” or “does CASB replace my web proxy /...

How to Get C-suite Support for Insider Threat Prevention

Blog Published: 04/06/2016

By Susan Richardson, Manager/Content Strategy, Code42If you’re not getting support and adequate funding from the C-suite to address insider threats, a recent report highlights a powerful persuasive tool you may have overlooked: money—as in fines (cha-ching), lawsuits (cha-ching) and credit monito...

Don’t Let Your Cloud Security Strategy Get Railroaded by Old Thinking

Blog Published: 04/04/2016

By Player Pate, Senior Manager/Product Marketing, Cisco Security Business GroupThe standard gauge used for railroads (that is the distance between the rails) in the U.S. is four feet, eight and a half inches, which is an odd number however you look at it. The history behind it is even stranger an...

Cloud Security Alliance Releases Results of Software-Defined Perimeter Hackathon

Press Release Published: 03/31/2016

CSA, The World’s Leading Cloud Organization Collaborated with Verizon and Vidder To Validate Security and Feasibility of High Availability Public Cloud Architecture at Fourth Annual CSA Hackathon at the RSA Conference 2016 SEATTLE, WA – March 31, 2016 – The Cloud Security Alliance (CSA), today r...

Four Security Solutions Not Stopping Third-Party Data Breaches

Blog Published: 03/31/2016

By Philip Marshall, Director of Product Marketing, CryptzoneA new breed of cyberattack is on the rise. Although it was practically unheard of a few years ago, the third-party data breach is rapidly becoming one of the most infamous IT security trends of modern times: Target, Home Depot, Goodwill,...

Kicking Tires on World Backup Day: A Five-Point Inspection for Endpoint Backup

Blog Published: 03/29/2016

By Rachel Holdgrafer, Business Content Strategist, Code42Living with the constant threat of data breach or loss, large organizations have comprehensive remediation plans designed to guarantee speedy data recovery and business continuity. March 31, 2016 is World Backup Day—the perfect time to eval...

April CloudByte Webinars

Press Release Published: 03/28/2016

We have a ton of CloudBytes coming up in April! Click the links below each description to learn more or save your seat. If you want to see all upcoming and past CloudBytes click here: https://cloudsecurityalliance.org/research/cloudbytes/ Best Practices for Protecting Your Data in a Multi- and H...

Top 3 Malware Bogeymen Keeping CISOs Up at Night

Blog Published: 03/22/2016

By Susan Richardson, Manager/Content Strategy, Code42What keeps CISOs up at night? Of all the cyberthreats, malware sends chills down a CISO’s spine, according to The CyberEdge Group’s recently released 2016 Cyberthreat Defense Report. Malware bogeymen come in many shapes and sizes. Here are thre...

CIO, CISO and IT Practitioners Worry They Will Face a Datastrophe!

Blog Published: 03/18/2016

By Rick Orloff, Chief Security Officer, Code42We are not lacking choices: whether it’s in the information we consume, the things we can buy or the ability to express ourselves through multimedia channels. It’s therefore no surprise that our most valuable asset, human capital, is finding ways to w...

EU Safe Harbor and Privacy Shield: Timelines, Deadlines and Red Lines

Blog Published: 03/16/2016

What has happened since safe harbor was declared invalid and what’s next? By Nigel Hawthorne, EMEA Marketing Director, Skyhigh Networks As a quick reminder, Safe Harbor was the primary legal mechanism that allowed US-based companies and cloud providers to transfer data on European ind...

CSA Summit San Francisco 2016 Recap

Blog Published: 03/11/2016

By Frank Guanco, Research Project Manager, CSA Global At the end of February, the Cloud Security Alliance (CSA) concluded its CSA Summit San Francisco 2016 with a full slate of presentations, releases, and announcements. CSA Summit kicked off the week with a full day of speakers and panels on ...

Between SSL-cylla and Charib-TLS

Blog Published: 03/11/2016

By Jacob Ansari, Manager, Schellman & Company, Inc.Securing encrypted Internet traffic transmissions, such as those between web browsers and web servers, is decidedly not simple. Despite the fact that well-established protocols, namely Secure Sockets Layer (SSL) and Transport Layer Security (...

15 Data Security Policies Ignored by Modern Workers

Blog Published: 03/09/2016

By Rachel Holdgrafer, Business Content Strategist, Code42IT isn’t the only department stretched thin. In the past 20 years the economy has grown nearly 60 percent. Corporate profits have increased 20 percent. And wages have stagnated for most Americans. The workday goes from 9 to 7 and the U.S. i...

Security Versus Privacy in Today’s Enterprise

Blog Published: 03/03/2016

By Rachel Holdgrafer, Business Content Strategist, Code42Whether enterprise security or personal data privacy should prevail in the enterprise is the debate of the century. With internal actors responsible for 43 percent of enterprise data loss and 62 percent of respondents to the2016 Cyber Defen...

Cloud Security Alliance Software Defined Perimeter Working Group Announces New SDP for IaaS Initiative

Press Release Published: 03/03/2016

New Initiative To Address How SDP Can Solve Security, Compliance and Administration Challenges for Infrastructure as a Service (IaaS) San Francisco, CA – March 2, 2016 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practi...

Listen to “Locked down at RSAC Podcast Episode 6” featuring Jim Reavis, Co-founder and CEO, CSA

Press Release Published: 03/03/2016

Jim Reavis, CEO of the Cloud Security Alliance, provides a 2-minute update on the state of the industry and highlights of the day-long Cloud Security Summit held at RSA 2016. The current state of security in cloud computing is strong, but uneven. Many issues remain to be addressed, including as s...

The Software-Defined Perimeter and IaaS: A New Initiative

Blog Published: 03/02/2016

By Kurt Glazemakers, CTO, CryptzoneAs enterprises embrace infrastructure as a service (IaaS) platforms, shifting new development and production into these environments, they face some challenges due to the dynamic nature of IaaS. Security, compliance and business & IT efficiency – specificall...

SecaaS Working Group Releases Preview of Security as a Service Functional Domain Definitions – Including Continuous Monitoring

Blog Published: 02/29/2016

By John Yeoh, Senior Research Analyst, Global, Cloud Security AllianceNumerous security vendors are now leveraging cloud-based Security as a Service (SecaaS) models to deliver security solutions. This shift has occurred for a variety of reasons including greater economies of scale and streamlined...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
147
148
149
151
153
154
155
Last »