
All Articles
The Battle of the Titans: What it all means for IT managers caught in the middle

Blog Published: 10/31/2012

Adapt, accept and manage: a BYOD mantra for corporate IT. RIM and Apple: two firms with more contrasting current fortunes you could not wish to imagine. The once high-flying Canadian BlackBerry-maker, for so long the darling of IT managers and beloved of time-starved execs the world over, has lo...

Assurance for Tomorrow’s Cloud

Blog Published: 11/27/2012

Cloud computing and Big Data are natural bedfellows. Add to that mix critical infrastructure and consumers, and all of a sudden the need for greater assurance only increases. We will soon witness convergence of these technological advancements on a monumental scale, with previously disconn...

Towards a “Permanent Certified Cloud”: Monitoring Compliance in the Cloud with CTP 3.0

Blog Published: 01/29/2013

Cloud services can be monitored for system performance but can they also be monitored for compliance? That’s one of the main questions that the Cloud Trust Protocol aims to address in 2013. Compliance and transparency go hand in hand. The Cloud Trust Protocol (CTP) is designed to allow cloud cus...

Critical Infrastructure and the Cloud

Blog Published: 02/01/2013

Cloud computing continues to be a hot topic. But so what if people are talking about it, who is actually adopting it? One of the questions I have been asking myself is, ‘Will cloud be adopted for critical infrastructure? And what is the security perspective on this?’ Naturally a blog to answer t...

When Good Is Not Good Enough: NIST Raises the Bar for Cloud Data Protection Vendors

Blog Published: 02/21/2013

Earlier this year, the National Institute of Standards and Technology (NIST) released a publication titled Cloud Computing Synopsis & Recommendations (Special Publication 800-146) describing in detail the current cloud computing environment, explaining the economic opportunities and risks ...

CSA Drafts New SOC Position Paper

Blog Published: 02/25/2013

Phil Agcaoili, Founding Member, Cloud Security Alliance; David Barton, Principal, UHY Advisors. In June 2011, the American Institute of Certified Public Accountants (AICPA) eliminated SAS 70, which had been a commonly used reporting standard within the information technology industry for providing ...

CSA Releases CCM v 3.0

Blog Published: 02/25/2013

The Cloud Security Alliance (CSA) today has released a draft of the latest version of the Cloud Control Matrix, CCM v3.0. This latest revision to the industry standard for cloud computing security controls realigns the CCM control domains to achieve tighter integration with the CSA’s “Security...

The Dark Side of Big Data: CSA Opens Peer Review Period for the “Top Ten Big Data and Privacy Challenges” Report

Blog Published: 02/25/2013

Big Data seems to be on the lips of every organization’s CXO these days. By exploiting Big Data, enterprises are able to gain valuable new insights into customer behavior via advanced analytics. However, what often gets lost amidst all the excitement are the very real and many security and pri...

Upcoming Cloud Security Training in EMEA - sign up today!

Blog Published: 03/14/2013

Securosis has recently updated the CCSK training curriculum to be in alignment with the Cloud Security Alliance Guidance V3.0, and the training class is much improved. Many of the hands-on exercises have been overhauled, and if you are looking to get familiar with cloud security you will ...

The Shrinking Security Model: Micro-perimeters

Blog Published: 03/20/2013

By Ed King, VP Product Marketing – Emerging Technologies, Axway (following acquisition of Vordel). As Cloud and mobile computing make enterprise IT ever more extended, the traditional security model of keeping the bad guys out and allowing only the good guys in no longer works well. While the r...

Three Critical Features That Define an Enterprise-Grade Cloud Service

Blog Published: 03/22/2013

By David Baker, CSO at Okta. The line between enterprise and consumer is fading as employees work from all manner of devices to access the on-premises, cloud and even consumer applications needed to get work done. But it’s important to not confuse enterprise and consumer services from a security...

How to Harden Your APIs

Blog Published: 03/26/2013

The market for APIs has experienced explosive growth in recent years, yet the major issues that providers still face are protection and hardening of the APIs that they expose to users. In particular, when you are exposing APIs from a cloud-based platform, this becomes very difficult to achieve...

Going up? Safety first, then send your data to the cloud

Blog Published: 03/28/2013

By: Joe Sturonas, CTO, PKWARE. As the proliferation of data continues to plague businesses, the pressure is on for companies to migrate away from their physical data centers. Cloud computing is being adopted at a rapid rate because it addresses not only the costs for physical space, but also ris...

Cloud APIs - the Next Battleground for Denial-of-Service Attacks

Blog Published: 04/13/2013

By Mark O'Neill. In recent months, there have been a number of highly publicized cyberattacks on U.S. banks. These attacks took the form of Distributed Denial of Service (DDoS) attacks, involving enormous amounts of traffic being sent to Internet-facing banking services, rendering them unusab...

How secure is Mobile Device Management anyway?

Blog Published: 04/25/2013

Researchers have successfully breached the Good Technology container. MDM software can only be as secure as the underlying operating system. As the adoption of smartphones and tablets grows exponentially, one of the biggest challenges facing corporate IT organizations is not the threat of losi...

Cloud-Based Identity Management: Best Practices for Rapid End-User Adoption

Blog Published: 04/26/2013

By Glenn Choquette, Director of Product Management, Fischer International Identity. Executive Summary: Identity Management (IdM) is not new. Yet after all this time on the market, organizations still have mixed results for end-user adoption, as many organizations that rolled out IdM years ago sti...

How to Adopt the Public Cloud While Attaining Private Cloud Control and Security

Blog Published: 04/26/2013

Earlier this year, McKinsey & Company released an article titled “Protecting information in the cloud,” discussing the increased use of cloud computing by enterprises across several industries and the benefits and risks associated with cloud usage. The article recognizes that many organiza...

Identity Management Plays a Key Role in Mobile Device Management (MDM)

Blog Published: 04/30/2013

By: Dan Dagnall, Chief Technology Strategist, Fischer International Identity. As BYOD and other mobile device related initiatives take hold, sooner rather than later, identity management will once again be considered as an enforcement mechanism; and rightly it should. Identity and access manageme...

Security Check List: An Ounce of Prevention is Better than a Pound of Cure

Blog Published: 04/30/2013

By Wolfgang Kandek. It is common belief that buying more robust and expensive security products will offer the best protection from computer-based attacks; that ultimately the expenditure pays off by preventing data theft. According to Gartner, more than $50 billion is spent annually on security...

Cloud-to-Ground, The Last Frontier?

Blog Published: 05/15/2013

Whilst Cloud-to-Cloud service integration is relatively straightforward, Cloud service to on-premise integration presents more challenges for the enterprise architect. By Ed King, VP Product Marketing – Axway (following acquisition of Vordel). Cloud-to-Cloud security integration is now a fairl...
