Cloud 101CircleEventsBlog
The CCSK v5 and Security Guidance v5 are now available!

All Articles

All Articles
What NetFlix Can Teach Us About Security in the Cloud

Blog Published: 03/29/2011

By Eric BaizeFor years, the security industry has been complacent, using complex concepts to keep security discussions isolated from mainstream IT infrastructure conversation. The cloud revolution is bringing an end to this security apartheid. The emergence of an integrated IT infrastructure sta...

[How to] Be Confident Storing Information in the Cloud

Blog Published: 03/29/2011

By Anil Chakravarthy and Deepak MohanOver the past few years, information explosion has inhibited organizations’ ability to effectively secure, manage and recover data. This complexity is only increasing as organizations try to manage the data growth by moving it to the cloud. It’s clear that sto...

Hey, You, Get off of My Cloud

Blog Published: 03/22/2011

By Allen AllisonThe emerging Public Cloud versus Private Cloud debate is not just about which solution is best. It extends to the very definition of cloud. I won’t pretend that my definitions of public cloud and private cloud match everybody elses, but I would like to begin by establishing my po...

Three Cloud-Computing Data Security Risks That Can’t be Overlooked

Blog Published: 03/21/2011

By Slavik Markovich, CTO of SentrigoThe move to Cloud Computing brings with it a number of attributes that require special consideration when it comes to securing data. And since in nearly every organization, their most sensitive data will be stored either directly in a relational database, or u...

Cloud Security: The Identity Factor

Blog Published: 03/10/2011

The Problem with Passwordsby Patrick Harding, CTO, Ping IdentityThe average enterprise employee uses 12 userid/password pairs for accessing the many applications required to perform his or her job (Osterman Research 2009). It is unreasonable to expect anyone to create, regularly change (also a p...

Navigating Cloud Application Security: Myths vs. Realities

Blog Published: 03/08/2011

Chris Wysopal, CTO, VeracodeDevelopers and IT departments are being told they need to move applications to the cloud and are often left on their own to navigate the challenges related to developing and managing the security of applications in those environments. Because no one should have to fly...

Trusted Client to Cloud Access

Blog Published: 03/02/2011

Cloud computing has become an integral part of all IT decision making today across industries and geographies. This market is growing at a rapid pace. By 2014, IDC expects public cloud spending to rise to $29.5 billion growing at 21.6 percent per year. At the same time, Forrester predicts the clo...

And the Thunder Rolls: All the Noise about Cloud and What that Means When Lightning Strikes

Blog Published: 02/23/2011

Disaster Recovery (DR) and Business Continuity Planning (BCP) continue to be driving factors for some organizations looking to move to cloud. Many are looking to manage their Disaster Recovery planning through extensive use of managed cloud services – and for good reasons. These are the most co...

Top Six Security Questions Every CIO Should Ask a Cloud Vendor

Blog Published: 02/23/2011

By Ian Huynh, Vice President of Engineering, Hubspan Cloud computing has become an integrated part of IT strategy for companies in every sector of our economy. By 2012, IDC predicts that IT spending on cloud services will grow almost threefold to $42 billion. So it’s no surprise that decision m...

Cloud Security Alliance unveils 2011 initiatives at CSA Summit at RSA

Press Release Published: 02/15/2011

Building on Two Years of Tremendous Work, CSA Continues to Lead Industry-Wide Efforts to Educate on Best Practices for Secure Cloud Computing San Francisco, Calif. – CSASummit at RSA – February 15, 2011 – At the CSA Summit at RSA yesterday, the Cloud Security Alliance (CSA) unveiled its 2011...

Cloud Security Alliance welcomes White House CIO Vivek Kundra as special guest keynote for CSA Summit at RSA

Press Release Published: 02/07/2011

Kundra to Unveil Vision for Federal Cloud Strategy at Highly Anticipated Event San Francisco, Calif. – CSASummit at RSA – February 7, 2011 – The Cloud Security Alliance (CSA) today announced the addition of Vivek Kundra, US Chief Information Officer (CIO) at the White House, as a keynote speak...

Extend the Enterprise into the Cloud with Single Sign-On to Cloud-Based services

Blog Published: 02/01/2011

by Mark O’Neill, CTO, VordelIn this blog post we examine how Single Sign-On from the enterprise to Cloud-based services is enabled. Single Sign-On is a critical component for any organization wishing to leverage Cloud services. In fact, an organization accessing Cloud-based services without Singl...

Moving to a “Show Me” State – Gaining Control and Visibility in Cloud Services

Blog Published: 01/27/2011

Survey after survey, security and more specifically the lack of control and visibility around what is happening to your information on cloud provider premises, is listed as the number one barrier to cloud adoption.So far, there have been two approaches to solving the problem:1 – The “Trust Me” ap...

Building a Secure Future in the Cloud

Blog Published: 01/27/2011

By Mark BregmanExecutive Vice President and Chief Technology Officer, SymantecCloud computing offers clear and powerful benefits to IT organizations of all sizes, but the path to cloud computing – please excuse the pun – is often cloudy.With cloud computing, IT resources can scale almost immediat...

Moving to the Cloud? Take Your Application Security With You

Blog Published: 01/27/2011

By Bill Pennington, Chief Strategy Officer, WhiteHat SecurityCloud computing is becoming a fundamental part of information technology. Nearly every enterprise is evaluating or deploying cloud solutions. Even as business managers turn to the cloud to reduce costs, streamline staff, and increase ef...

Neuroprivilogy: The New Frontier of Cyber Crime

Blog Published: 01/21/2011

By Shlomi Dinoor, vice president, emerging technologies, Cyber-Ark SoftwareIs your Neuroprivilogy vulnerable? The answer is most probably yes, you simply have no clue what Neuroprivilogy is (yet)…The first step of this discussion is defining a fancy term to help educate and describe this new phen...

Will the Cloud Cause the Reemergence of Security Silos?

Blog Published: 01/19/2011

by: Matthew GardinerGenerally in the world silos relate to things that are beneficial, such as silos for grain or corn. However in the world of IT security, silos are very bad. In many forensic investigations application silos turn up as a key culprit that enabled data leakage of one sort or an...

Certifiable in the Cloud

Blog Published: 01/13/2011

Author: Pamela Fusco, VP of Industry Solutions for SolutionaryCloud computing remains as much a mystery to some as it is a part of others’ daily lexicon. I spend a lot of time working with people who have connections to various offices of the U.S. government and I find that regardless of the topi...

Cloud Security Alliance launches Cloud Controls Matrix (CCM) 1.1

Press Release Published: 12/17/2010

Holistic Information Security Practitioner Institute (HISPI) community of mapping experts with years of relevant mapping and integration experience provides QA and validation of CSA CCM 1.1 prior to launch. Orlando, FL – December 17, 2010 – The Cloud Security Alliance (CSA) today announced t...

Cloud Security Alliance Unveils Governance, Risk Management and Compliance (GRC) Stack

Press Release Published: 11/17/2010

GRC Stack Provides Toolkit for Key Stakeholders to Implement and Assess Security of Cloud Environments Orlando, FL – CSA Congress – November 17, 2010 ** – The Cloud Security Alliance (CSA) today announced the availability of the CSA Governance, Risk Management and Compliance (GRC) Stack, a s...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.