Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

All Articles

Home
All Articles
Info security: an eggshell defense or a layer cake strategy

Blog Published: 09/02/2015

By Susan Richardson, Manager/Content Strategy, Code42Eggshell security describes a practice in which organizations depend on a traditional model of a “hardened outer layer of defenses and a network that is essentially wide open, once the attacker has made it past perimeter defenses.”In an article...

M&A Concern: Is your data walking out the door with employees?

Blog Published: 08/25/2015

By Susan Richardson, Manager/Content Strategy, Code42 If you’re at one of the 40,000+ companies a year worldwide that announce a merger or acquisition, your biggest worry may not be combining IT systems. It may be all those employees walking out the door with your data.Layoffs and voluntary d...

The Cloud and Cybersecurity

Blog Published: 08/20/2015

By Vibhav Agarwal, Senior Manager of Product Marketing, MetricStreamTomorrow’s digital enterprise is at war today. War not only with external cybersecurity hackers and viruses, but also within the organization itself – a conclusion based on my discussions with information security managers and cl...

MITRE Matrix: Going on the ATT&CK

Blog Published: 08/19/2015

By TK Keanini, Chief Technology Officer, LancopeMost cybersecurity work is geared towards finding ways to prevent intrusions – passwords, two-factor authentication, firewalls, to name a few – and to identify the “chinks in the armor” that need to be sealed. The characteristics of malware are shar...

How to create the perfect climate for endpoint data migration

Blog Published: 08/18/2015

By Andy Hardy, EMEA Managing Director, Code42Today’s enterprise organizations face an escalating problem. As the use of laptops, tablets and smartphones continues to grow, the amount of data created and stored on these endpoint devices is increasing at pace.In fact, typically half of an organizat...

Trusting the Cloud: A Deeper Look at Cloud Computing Market Maturity

Blog Published: 08/12/2015

By Frank Guanco, Research Project Manager, CSADue to its exponential growth in recent years, cloud computing is no longer considered an emerging technology. Cloud computing, however, cannot yet be considered a mature and stable technology. Cloud computing comes with both the benefits and the draw...

What is Quantum Key Distribution?

Blog Published: 08/11/2015

By Frank Guanco, Research Project Manager, CSAFollowing this year’s RSA Conference, the Cloud Security Alliance formed a new working group called the Quantum-Safe Security Working Group (QSSWG). The QSSWG working group recently published a follow-up paper entitled “What is Quantum-Safe Computing”...

What is Quantum Key Distribution?

Press Release Published: 08/11/2015

“What is Quantum Key Distribution” addresses the issues around sharing and securing encryption keys in a quantum world. The position paper provides an overview of key distribution in general, examines some of current approaches and existing challenges of key distribution, and provides a brief ove...

Are endpoints the axis of evil or the catalyst of creation?

Blog Published: 08/11/2015

By Dave Payne, Vice President of Systems Engineering, Code42 If security pros had their way, they’d make laptops so secure they’d be virtually unusable. Protecting against every imaginable attack–not to mention the fallibility of the human connected to the laptop–is a battle we keep losing. S...

Private cloud deployments don’t own the monopoly on data security

Blog Published: 08/04/2015

By Aimee Simpson, Integrated Marketing Manager, Code42A recent Cloud Security Alliance (CSA) survey shows 73 percent of respondents cited security as a top challenge to cloud adoption for the enterprise.For this reason, the enterprise majority still requires on-premises, private cloud deployments...

IT and the Line of Business – Security vs Usability Survey

Press Release Published: 07/31/2015

The undeniable benefits of the cloud – better functionality, scalability, availability, and innovation at lower cost – is driving a secular move to cloud services. These benefits have made the cloud an executive-level and board-level conversation at many companies. As a result, IT is looking to t...

Effective Access Control with Active Segmentation

Blog Published: 07/30/2015

By Scott Block, Senior Product Marketing Manager, LancopeAs the threat landscape has evolved to include adversaries with deep pockets, immense resources and plenty of time to compromise their intended target, security professionals have been struggling to stave off data breaches. We’ve all heard ...

Why 87.3% of Companies Use Office 365

Blog Published: 07/29/2015

The Surprising Numbers Behind Office 365 Benefits and RisksBy Cameron Coles, ‎Senior Product Marketing Manager, Skyhigh NetworksBy all accounts, Office 365 is a huge success for Microsoft and its customers. In the quarter that ended June 30, 2015, Microsoft’s commercial cloud revenue grew 88% to ...

Evaluate Cloud Security Like Other Outsourced IT

Blog Published: 07/28/2015

By Susan Richardson, Manager/Content Strategy, Code42Now that business cloud usage is ubiquitous, you’d think we could get past all the hype around cloud security, and just start treating the cloud like any other IT platform that needs a rigorous, well-rounded security strategy with appropriate a...

Cloud Security Alliance EMEA to Host Fourth Annual Congress

Press Release Published: 07/28/2015

Agenda and Keynote Speakers Announced for Premiere European Cloud Security Event Berlin, Germany – July 28, 2015 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment...

Who knew? The Internet is not infinite

Blog Published: 07/22/2015

By Susan Richardson, Manager/Content Strategy, Code42 In January 2011, the world ran out of Internet addresses. Every device on the Internet—including routers, phones, laptops, game consoles, TVs, thermostats and coffeemakers—needs its own IP address to move data over the Net.When it began, i...

CISO role ranges from beat cop to boardroom

Blog Published: 07/17/2015

By Adam Best, Social Media Manager, Code42Every executive role has changed in the past decade or so, but none more than the chief information security officer. Ten years ago, if you asked someone to describe his CISO, he’d probably answer, “You mean my CIO?”Out of the server roomIn a globally-con...

The Art of (Cyber) War

Blog Published: 07/15/2015

By Chris Hines, Product Marketing Manager, Bitglass“If you know the enemy and know yourself, you need not fear the results of a hundred battles.” – Sun TzuWe are at war. Cyber criminals vs. enterprises and their security counterparts. Black Hatters vs. White Hatters. If you don’t believe it, do a...

Cloud Security Alliance Unveils Project STRATUS Research Results

Press Release Published: 07/15/2015

CSA together with elite team of researchers and practitioners demonstrate prototype tool that automates the auditing process of cloud data governance Hamilton, New Zealand, July 15, 2015 – Cloud Security Alliance® (CSA) participated in the third quarterly meeting of the STRATUS project, a six-ye...

FedRAMP and PCI – A Comparison of Scanning and Penetration Testing Requirements

Blog Published: 07/13/2015

By Matt Wilgus, Director of Security Assessment Services, BrightLineIn the last 30 days, the FedRAMP Program Management Office (PMO) has published guidance for both vulnerability scanning and penetration testing. The updated guidance comes on the heels of PCI mandating the enhanced penetration te...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
153
154
155
157
159
160
161
Last »