Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

All Articles

Home
All Articles
Cloud Security Alliance Welcomes TÜV Rheinland as Global Corporate Member

Press Release Published: 11/03/2014

TÜV Rheinland Singapore to Become First CSA STAR Certifying Body in Southeast Asia Suntec, Singapore -- October 30, 2014 -- TÜV Rheinland, a global leader in independent inspection services, and Cloud Security Alliance (CSA), a not-for-profit organization that promotes the use of best practice...

Mobile and Cloud: BFFs 4Ever

Blog Published: 10/29/2014

By Krishna Narayanaswamy, Chief Scientist, NetskopeWe released the Netskope Cloud Report for October today. In it, we analyze the aggregated, anonymized data collected from tens of billions of events across millions of users in the Netskope Active Platform, and highlight key findings about cloud ...

In Plain Sight: How Hackers Exfiltrate Corporate Data Using Video

Blog Published: 10/29/2014

By Kaushik Narayan, Chief Technology Officer, Skyhigh NetworksConsumers and companies are embracing cloud services because they offer capabilities simply not available with traditional software. Cyber criminals are also beginning to use the cloud because it offers scalability and speed for delive...

CSA Seeks Input on Open Peer Review: CSA Quantum-Safe Security Working Group Charter

Press Release Published: 10/24/2014

The Cloud Security Alliance would like to invite you to review and comment on a proposed Quantum-Safe Security Working Group Charter. The focus of the Quantum‐Safe Security working group is on cryptographic methods that will remain safe after the widespread availability of the quantum computer. T...

Mobile Working Group IoT Kickoff Call!

Press Release Published: 10/23/2014

You are invited to participate in the first call for the Mobile Working Group Internet of Things (IoT) Security subgroup. Details are below: Dial in information: DIN: +1.213.226.1066, ID: 674-823-196#, https://join.me/cloudsecurityalliance.org OVERVIEW We'll work through getting us all on the s...

Cloud Security Alliance Software Hackathon Closed. Software Defined Perimeter Prevails Again

Press Release Published: 10/21/2014

Protocol Proves to be Intrinsically Secure Against Network-based Attacks; Full Attack Analysis Coming Soon! Seattle, WA – October 22, 2014 - The Cloud Security Alliance (CSA), a not-for-profit organization which promotes the use of best practices for providing security assurance within cloud c...

CSA Congress US Presentations Available

Press Release Published: 10/20/2014

A message from Jim Reavis, Chief Executive Officer of Cloud Security Alliance: Dear CSA Membership, As we enter into our 6th year of operation, we are seeing tremendous growth in enterprise usage of cloud computing. When we started CSA, cloud was often being used as a pilot or prototype for fu...

Poodle – How Bad Is Its Bite? (Here’s the Data)

Blog Published: 10/17/2014

By Sekhar Sarukkai, VP of Engineering, Skyhigh NetworksA major vulnerability affecting the security of cloud services dubbed POODLE (Padding Oracle on Downgraded Legacy Encryption) was reported on October 14th by three Google security researchers—Bodo Moller, Thai Duong, and Krzysztof Kotowicz. T...

Malicious Security—Can You Trust Your Security Technology?

Blog Published: 10/16/2014

By Gavin Hill, Director, Product Marketing And Threat Intelligence, VenafiEncryption and cryptography have long been thought of as the exemplars of Internet security. Unfortunately, this is not the case anymore. Encryption keys and digital certificates have become the weakest link in most organiz...

Trust Is a Necessity, Not a Luxury

Blog Published: 10/13/2014

By Tammy Moskites, Chief Information Security Officer, VenafiMapping Certificate and Key Security to Critical Security ControlsI travel all over the world to meet with CIOs and CISOs and discuss their top-of-mind concerns. Our discussions inevitably return to the unrelenting barrage of trust-base...

The 7 Deadly Sins of Cloud Data Loss Prevention

Blog Published: 10/10/2014

By Chau Mai, Senior Product Marketing Manager, Skyhigh NetworksIt’s good to learn from your mistakes. It’s even better to learn from the mistakes of others. Skyhigh has some of the security world’s most seasoned data loss prevention (DLP) experts who’ve spent the last decade building DLP solution...

PCI Business-as-Usual Security—Best Practice or Requirement?

Blog Published: 10/08/2014

By Christine Drake, Senior Product Marketing Manager, VenafiWhen attending the 2014 PCI Community Meetings in Orlando in early September, the PCI SSC kicked off the conference with a presentation by Jake Marcinko, Standards Manager, on Business-as-Usual (BAU) compliance practices. The PCI DSS v3,...

The Ability to Inspect What You Didn’t See

Blog Published: 10/07/2014

By Scott Hogrefe, Senior Director, NetskopeContent inspection has come a long way in the past several years. Whether it is our knowledge and understanding of different file types (from video to even the most obscure) or the reduction of false positives through proximity matching, the industry has...

4 Lessons Learned From High Profile Credit Card Breaches

Blog Published: 10/07/2014

By Eric Sampson, Manager and QSA Lead, BrightLineThe media has been filled with stories of high profile credit card breaches, including those from Target, Neiman Marcus, P.F. Chang’s and most recently Home Depot. Details on the Home Depot breach are still emerging, but the details around the Targ...

Was the Cloud ShellShocked?

Blog Published: 10/06/2014

By Pathik Patel, Senior Security Engineer, Skyhigh NetworksInternet security has reached the highest defcon level. Another day, another hack – the new bug on the scene known as “Shellshock” blew up headlines and Twitter feeds.Shellshock exposes a vulnerability in Bourne Again Shell (Bash), the wi...

2015 PCI SIG Presentations—Rallying the Vote for Securing Keys and Certificates

Blog Published: 10/03/2014

By Christine Drake, Senior Product Marketing Manager, VenafiAt the 2014 PCI Community Meetings in Orlando, the 2014 PCI Special Interest Groups (SIGs) provided updates on their progress and presentations were given on the 2015 PCI SIG proposals in hopes of getting votes to become 2015 PCI SIG pro...

Software Defined Perimeter (SDP) Prevailing after Hackathon Kickoff at Cloud Security Alliance Congress 2014

Press Release Published: 10/02/2014

14 Days Left to Attempt Breach of SDP Protected Public Cloud and Earn a Prize of $10,000 San Jose, CA – October 2, 2014 - The Cloud Security Alliance (CSA), a not-for-profit organization which promotes the use of best practices for providing security assurance within cloud computing, today ann...

CSA Congress Recap Roundup

Blog Published: 10/01/2014

Last week the CSA Congress and IAPP Privacy Academy in San Jose, California. It was the Cloud Security Alliance's first time to partner with IAPP for their respective events. It was a successful event where cloud security and privacy professionals were able to rub elbows and learn best practices ...

The Shared Burden of Cloud Data Security & Compliance

Blog Published: 10/01/2014

By Gerry Grealish, Chief Marketing Officer, PerspecsysData security remains a top concern for enterprises deploying popular cloud applications. While most will instinctively think of cloud data security and compliance as being handled only by IT departments, many enterprises are realizing that al...

Why Dyre Is Different and What It Means for Enterprises

Blog Published: 09/30/2014

By Bob West, Chief Trust Officer, CipherCloudThe Dyre Trojan, which salesforce.com warned its customers about earlier this month, shows that cyber criminals have found a brand new way to target cloud applications.It is the first known malware tool to deliberately target an enterprise cloud provid...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
159
160
161
163
165
166
167
Last »