Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

All Articles

Home
All Articles
Cloud Security Alliance Opens Registration for CSA Congress 2014

Press Release Published: 05/19/2014

Special Pricing Offered for Early Registration to Event Covering All Aspects of Privacy and Cloud Security Seattle, WA – May 19, 2014 – The Cloud Security Alliance (CSA) today announced the opening of registration for its annual CSA Congress 2014 scheduled to take place September 17-19, 2014, a...

Cloud Security Alliance Announces China Representative Office, Forms Strategic Partnership With China Government-Academia-Industry Partners, And Expands Its Chinese Corporate Members.

Press Release Published: 05/19/2014

CSA Makes Strong Long-Term Commitments in China Beijing – May 19, 2014 – The Cloud Security Alliance (CSA) today held a special event to announce the establishment of the new CSA China Representative Office in Beijing. The CSA also signed a total of seven strategic partnership agreements with m...

Have You Budgeted for the Next Heartbleed?

Blog Published: 05/15/2014

By Gavin Hill, Director/Product Marketing and Threat Intelligence, Venafi Last month the Heartbleed vulnerability took the world by storm. IT groups across the globe scrambled to patch systems that were susceptible to the OpenSSL vulnerability known as Heartbleed. Y2K—the millennium bug—has been ...

SOC in 5 Simple Steps

Blog Published: 05/09/2014

By Ryan Dean, Senior AssociateBrightLineAs an audit firm, we are frequently contacted by service organizations that know they need a SOC report (usually by way of a client request), but don’t know where to begin. With that in mind, I have broken down the process of obtaining a SOC report into fiv...

CLOUD SECURITY INNOVATORS – Q+A WITH GEORGE DO, CISO, EQUINIX

Blog Published: 05/07/2014

April 30, 2014 By Brandon Cook, director of product marketing (@BCookshow) Skyhigh Networks We are incredibly excited to feature a Q+A session with George Do, CISO of Equinix, as the first in our new monthly Skyhigh Networks Cloud Security Innovators blog series. Every month we will interview...

Heartbleed Changed the Security Landscape, but Few Organizations Realize It

Blog Published: 05/01/2014

With the media no longer focusing on the Heartbleed vulnerability, most people think that organizations have adequately addressed the problem, and the threat has passed. Because most people don’t understand the full impact of Heartbleed, however, they don’t realize that the fallout from this one ...

Cloud Security Alliance Releases Update to Software Defined Perimeter (SDP)

Press Release Published: 05/01/2014

Version 1.0 of Implementation Specification Released Along with SDP Hackathon Results Report London – Infosecurity Europe – May 1, 2014 – The Cloud Security Alliance (CSA), a not-for-profit organization which promotes the use of best practices for providing security assurance within cloud co...

Cloud Security Alliance (CSA) Announces EMC Has Joined CSA as an Executive Corporate Member

Press Release Published: 05/01/2014

Longstanding Member to Help CSA Promote Best Practices and Standards in EMEA London – Infosecurity Europe – April 29, 2014 – The Cloud Security Alliance (CSA) today announced that EMC Corporation (NYSE: EMC) has joined the CSA as an executive corporate member and has become a member of the CSA ...

Heartbleed Remediation: Replace ALL Keys and Certificates

Blog Published: 04/30/2014

By Kevin Bocek, VP, Security Strategy & Threat Intelligence, Venafi. Response is not complete until trust is re-establishedBy now most organizations have responded to the Heartbleed vulnerability by patching vulnerable systems. Good. The next step must be to replace ALL keys and certificates....

Exception Sprawl

Blog Published: 04/28/2014

By Krishna Narayanaswamy, Chief Scientist at NetskopeWe released the Netskope Cloud Report today. One of the key findings of the report is that 90 percent of cloud app usage is in apps blocked by perimeter technology.How can this be the case? Are all the firewalls broken?That usage is the excepti...

The World is Failing to Remediate the Heartbleed Vulnerability

Blog Published: 04/28/2014

By Kevin Bocek, VP, Security Strategy & Threat Intelligence, Venafi. Time is running out to change keys and certificates or else…The world appears to be failing to respond to the Heartbleed vulnerability. In fact well under 16% of vulnerable keys and certificates have been replaced. Experts B...

Responding to New SSL Cybersecurity Threats—Gartner Featured Research

Blog Published: 04/25/2014

By Gavin Hill, Director, Product Marketing and Threat Intelligence, VenafiWhen it comes to defending against advanced threats that take advantage of keys and certificates, most organizations have a gaping hole in their security strategy. Cyber criminals on the other hand know all too well how lit...

Remediating Heartbleed with Next-Generation Trust Protection

Blog Published: 04/24/2014

By Gavin Hill, Director, Product Marketing and Threat Intelligence, Venafi. Heartbleed ImpactThe Heartbleed vulnerability unequivocally demonstrates the impact a single vulnerability has on all organizations when keys and certificates are exposed. Cyber-criminals have unfettered access to the key...

Featured Research: CIRRUS

Press Release Published: 04/24/2014

Stakeholders in cloud computing have varying expectations and requirements related to security in the cloud. Consumers of cloud products are concerned with data portability and cloud interoperability, which ensures privacy and security when migrating data from one cloud to another.Security concer...

CSA Seeks Input on Cloud Data Protection Cert

Press Release Published: 04/24/2014

The Cloud Security Alliance invites you to review the Cloud Data Protection Cert, a new candidate project proposed for inclusion in the CSA Research Portfolio. The Cloud Data Protection Cert will be a web-based tool that presents cloud providers and cloud consumers with a tiered data-sensitivity...

Volunteer Spotlight: David Lingenfelter

Press Release Published: 04/24/2014

David Lingenfelter is a seasoned security professional with nearly 20 years of experience in risk management, information security, compliance and policy development. He is responsible for oversight of all security and compliance aspects of Fiberlink, an IBM company, including physical, applicati...

CSA Responds to President Obama's “Big Data” Initiative Request for Information

Press Release Published: 04/24/2014

On January 17, 2014, President Obama called for senior government officials to lead a comprehensive review of the ways in which “big data” will affect how Americans live and work, and the implications of collecting, analyzing and using such data for privacy, the economy, and public policy. The Pr...

Dropbox joins the Cloud Security Alliance

Blog Published: 04/23/2014

Here at Dropbox, keeping your stuff safe isn’t just part of our mission; it’s our top priority. As part of that, we’ve been engaging with the Cloud Security Alliance (CSA), a not-for-profit organization that promotes and provides education around cloud security best practices. Today, we’re excite...

Don’t Be Blinded by the Next Heartbleed

Blog Published: 04/22/2014

Organizations—from service providers, banks, and retailers to government agencies—were recently blindsided by the Heartbleed bug, a critical vulnerability in the OpenSSL cryptographic software library, which underlies trust for secure transactions worldwide. Attackers wasted no time exploiting th...

ALMOST 90% OF CLOUD PROVIDERS STILL HAVEN’T UPDATED CERTIFICATES 1 WEEK AFTER HEARTBLEED

Blog Published: 04/17/2014

By Harold Byun, Senior director, Product Management, Skyhigh Networks http://blog.skyhighnetworks.com/almost-90-of-cloud-providers-still-havent-updated-certificates-1-week-after-heartbleed/#sthash.FD2ttd1o.dpuf hundreds of cloud providers were vulnerable to the Heartbleed bug in OpenSSL even d...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
163
164
165
167
169
170
171
Last »