
All Articles
What Is a Trusted Threat?

Blog Published: 01/15/2014

Last month I co-presented a webinar with ISIGHT Partners, a leader in cyber-threat intelligence, to discuss a white paper that exposes how keys and certificates can be used for nefarious intentions. Our purpose was to highlight some of the tactics malicious actors use and outline their profile...

Five Distinguished Security Experts to Keynote SecureCloud 2014

Blog Published: 01/22/2014

SecureCloud 2014 is just around the corner and the CSA is pleased to announce the keynote speaker lineup for this must-attend event, which is taking place in Amsterdam on April 1-2. This year’s event will feature keynote addresses from the following five security experts on a wide range of clou...

6 Prerequisites to Guide a Cloud App Policy Your Employees (and IT Department!) Will Love

Blog Published: 01/23/2014

By Sanjay Beri, Founder and CEO, Netskope In today’s cloud-dominated business world, it is difficult for IT departments to get a hold of exactly where their data lies and who has access to it. Enterprise security is and will continue to be a big concern because of this, but a “zero trust” poli...

Almost 400 Cloud Apps in Every Enterprise

Blog Published: 01/28/2014

By Krishna Narayanaswamy, Chief Scientist at Netskope On average, there are 397 cloud apps running in enterprises today. This is one of the findings in the second quarterly Netskope Cloud Report, an account of trends on cloud app adoption and usage. What makes this number interesting is tha...

Contextual Activities and Your Cloud Security Service

Blog Published: 02/05/2014

In this best practices video, Jamie Barnett reviews details of the latest Netskope Cloud Report regarding the most commonly used activities in cloud apps. Jamie discusses why understanding activity context is important when considering a cloud security service. For this reason, the movie line ...

What is the Cloud?

Blog Published: 02/06/2014

The cloud, aka cloud computing, has many different colloquial definitions, all of which seem to be somewhat different depending on who you are talking to. A few of the different terms you may hear are Software as a Service (SaaS), virtual enterprise, carrier (or service provider) cloud, and I ...

Top Security Questions to Ask Your Cloud Provider

Blog Published: 02/06/2014

When considering a move to the cloud, there are a number of security questions that should be considered as you select a potential cloud provider. Almost all analyst and industry surveys list privacy and data security as a top concern for CIOs and CISOs. Through our years of moving SMBs and larg...

Cybersecurity absent during the State of the Union Address

Blog Published: 02/06/2014

by John DiMaria, BSI I was disappointed that there was only a passing mention to cybersecurity at the recent State of the Union Address. As a matter of fact if you took a bite of your popcorn at the wrong time you missed it. I realize the president's address was focused mainly on the economy, bu...

SecureCloud Update: Neelie Kroes, VP of the European Commission to Give Opening Keynote Address

Blog Published: 02/11/2014

SecureCloud 2014 is now just under two months away and we are excited to announce that Neelie Kroes, Vice President of the European Commission, will be giving the opening keynote address on April 1st. ...

The Launch of the NIST Cybersecurity Framework

Blog Published: 02/13/2014

by John DiMaria, BSI I was one of those invited to attend the NIST Cybersecurity Framework launch yesterday at the White House. It was a very nice, well-organized and positive event. “The Framework is a key deliverable from the Executive Order on “Improving Critical Infrastructure Cybersecurity” th...

Hack the SDP - win a trip to DEF CON!

Blog Published: 02/17/2014

Following the CSA Summit at RSA on Monday Feb 24th, the CSA will be hosting a Software Defined Perimeter workshop and a 'virtual hackathon', open to anyone. The workshop will provide a detailed demo and explanation of SDP, and will kick off the ‘virtual hackathon’ contest, which will last until...

Fake SSL Certificates Uncovered: The Tip of the Iceberg and Weaponized Trust

Blog Published: 02/19/2014

KEVIN BOCEK, VP, SECURITY STRATEGY & THREAT INTELLIGENCE, VENAFI Cybercriminals are moving faster than we think to weaponize the core element of trust on the Internet: digital certificates. The many fake certificates identified by Netcraft are just the tip of the iceberg. Cybercriminals ar...

CSA Invites Hackers to Participate in an Insider Attack of a Software Defined Perimeter (SDP)

Blog Published: 02/21/2014

Bob Flores, Former CTO of the CIA and President & CEO at Applicology Incorporated to Serve as Judge The Cloud Security Alliance (CSA) today announced additional details on its upcoming virtual hackathon, open to anyone globally, being held in conjunction with the RSA Conference, kicking of...

Survey Shows: SAAS Vendors Ditch User Names And Passwords, Adopt SAML In Droves

Blog Published: 02/24/2014

by Thomas Pedersen, co-founder and CEO of OneLogin Looks like we were on to something when we open sourced OneLogin’s first SAML Toolkit three years ago — the OneLogin 2014 State of SaaS Identity Management survey that we just completed with CSA shows that SaaS vendors are adopting SAML in drove...

CSA Appoints Leaders to the International Standardization Council

Blog Published: 02/27/2014

Andreas Fuchsberger Eric Hibbard The CSA announced today the re-appointment of Andreas Fuchsberger and Eric Hibbard as the Co-Chairs of the CSA’s International Standardization Council. As Co-Chairs, Fuchsberger and Hibbard wi...

Infographic: New Ponemon SSH Security Vulnerability Report

Blog Published: 03/04/2014

By Gavin Hill Global organizations are under attack, and the attackers are more dangerous and persistent than ever. While the motivations vary, the goal of today’s cybercriminal is to become and remain trusted on targeted networks in order to gain full access to sensitive, regulated and valuab...

You’re Already Compromised: Exposing SSH as an Attack Vector

Blog Published: 03/05/2014

By Gavin Hill, Director of Product Marketing and Threat Research, Venafi Before the Snowden breach, the average person rarely thought about encryption. Last year, however, encryption was at the forefront of everyone’s mind. People wanted to know what Edward Snowden disclosed about the National...

The Mask, Attacks on Trust, and Game Over

Blog Published: 03/06/2014

BY KEVIN BOCEK, VP, SECURITY STRATEGY & THREAT INTELLIGENCE, VENAFI Breached Enterprises Will Be Owned by The Mask operation for Years to Come For over a year, Venafi has been charting the course of attacks on the trust established by keys and certificates. The dramatic rise in attacks has ...

The Evolution of Mobile Malware: Digitally Signed Malware Creates an Illusion of Trust

Blog Published: 03/11/2014

By Patriz Regalado, Product Marketing Manager, Venafi Because cyber-criminals always seem to find new ways to circumvent traditional security measures, the threat landscape is constantly changing. A McAfee Labs Threat Report in Q3 2013 revealed an alarming trend: the type of malware proliferat...

RSA Conference 2014: Recap and Attendee Vulnerability Survey

Blog Published: 03/19/2014

BY: GAVIN HILL, DIRECTOR, PRODUCT MARKETING AND THREAT INTELLIGENCE, VENAFI I’ve been attending RSA for many years now; each year it seems to get bigger and better. This year a record-breaking 28,500 attendees were in San Francisco to learn how to stop cyber-criminals in their ever increasing ...
