Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
STAR for AI
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Trusted AI Safety Expert (TAISE)
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
STAR for AI
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Trusted AI Safety Expert (TAISE)
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersCircleEventsBlog
Share how your organization adapts IAM practices to AI. Take the AI Identify Risk & Readiness Survey today!

All Articles

Home
All Articles
Lessons from Apple iCloud Data Leak

Blog Published: 11/19/2014

By Paul Skokowski, Chief Marketing Officer, AccellionThe theft of celebrity photos from Apple iCloud is a stark reminder of the need to think twice before storing data. For many people using a Mac the default behavior is to automatically back up and save data to iCloud. It's wonderfully appeal...

Shared Responsibilities for Security in the Cloud, Part 1

Blog Published: 11/24/2014

By Alexander Anoufriev, CISO, ThousandEyesIntroduction: Security Responsibilities in the Cloud EraWhen businesses owned their applications and all underlying infrastructure, they also owned their security. Now this is changing with a shift in ownership and operational responsibilities over man...

Shared Responsibilities for Security in the Cloud, Part 2

Blog Published: 11/25/2014

By Alexander Anoufriev, CISO, ThousandEyesShared Responsibilities for Security in the Cloud continues...Infrastructure Protection ServicesThis domain uses a traditional defense in depth approach to make sure that the data containers and communications channels are secure. For infrastructure pr...

The Apple-IBM Alliance: Illuminating the Future of BYOD

Blog Published: 11/26/2014

By Yorgen Edholm, CEO, AccellionThe mobile revolution, while firmly embedded in the consumer world, is now beginning to hit its stride in the enterprise world. This can be seen in the recent announcement from Apple and IBM, whose strategic alliance to develop joint solutions leveraging Apple d...

Right to Be Forgotten: Guidelines from WP29

Blog Published: 12/02/2014

Update: The final document regarding the right to be forgotten has been published. A new article, which goes more in depth, and analyzes the details of the Guidelines published by the Article 29 Working Party is available here: http://itlawgroup.com/resources/articles/237-right-to-be-forgotten...

CSA Guide to Cloud Computing – Now Available

Blog Published: 12/04/2014

By Jim Reavis, Executive Director CSA (Twittter @jimreavis); Brian Honan, President CSA Chapter Ireland (Twitter @BrianHonan); and Raj Samani, Chief Innovation Officer CSA & EMEA CTO Intel Security (Twitter @Raj_Samani)We are pleased to announce the availability of “CSA Guide to Computing:...

Zen and the Art of Acing Your Cloud Compliance Audit

Blog Published: 12/09/2014

By Mike Pav, VP of Engineering, Spanning by EMCWe all know cloud adoption is rampant, even though cloud security remains a big concern; a recent study from CloudEntr showed that 89% of IT pros said they were worried about cloud security. While IT admins are busy ensuring compliance for sanctio...

10 Must-Haves from “Cloud Security for Dummies”

Blog Published: 01/06/2015

By Krishna Narayanaswamy, Chief Scientist, NetskopeWe are excited to announce the availability of “Cloud Security for Dummies,” a book that my co-founders and fellow chief architects and I collaborated on based on our interactions with the most forward-thinking CIOs, CISOs, and cloud architect...

Compromised Credentials: A Risk for Your Business-Critical Cloud Apps

Blog Published: 01/08/2015

By Krishna Narayanaswamy, Chief Scientist, NetskopeWe are excited to announce the release of the January Netskope Cloud Report today. In it, we have our standard stuff – the latest cloud adoption numbers (this quarter, we report an average of 613 cloud apps per enterprise), as well as observe...

CSA Survey: Security of Cloud Data Now a Board-Level Concern

Blog Published: 01/12/2015

Security and Skills Gap Hold Back Cloud Projects While Shadow IT GrowsBy Cameron Coles, Sr. Product Marketing Manager, SkyhighA recent Cloud Security Alliance & Skyhigh survey shows that while security and skills gaps remain significant barriers to corporate-sanctioned cloud projects, end ...

The Truth About Encryption

Blog Published: 01/20/2015

By Christopher Hines, Product Marketing Manager, Bitglass“Encryption is the conversion of electronic data into another form, called ciphertext, which cannot be easily understood by anyone except authorized parties.” – TechTargetEncryption has gotten some much-needed attention over the past fe...

Limit The Damage

Blog Published: 01/23/2015

By Chris Hines, Product Marketing Manager, BitglassDespite investments in security, breaches are still occurring at an alarming rate. Whether the result of the world’s nefarious cyber criminals sending phishing or malware attacks through company emails, or insiders simply misusing sensitive da...

Cutting Out The Security Blind Spots

Blog Published: 01/30/2015

By Chris Hines, Product Marketing Manager, Bitglass When Henry Ford’s Model T was introduced to the world in 1908, with a list price of $850, it revolutionized transportation for the masses at the time. What many folks don’t know is that it had absolutely no mirrors attached to it. Early ...

What The Anthem Breach Means For Healthcare Security

Blog Published: 02/06/2015

By Christopher Hines, Product Marketing Manager, Bitglass"Healthcare orgs oh how we love you so, with your data so un secured no wonder we give it a go. SSNs, birthdays and addresses information galore, we can’t wait until next year when we steal some more.”This is the song that healthcare dat...

Anthem’s Breach and the Ubiquity of Compromised Credentials

Blog Published: 02/09/2015

By Sekhar Sarukkai, Co-Founder and VP of Engineering, Skyhigh NetworksThe year is still young, and we’ve already witnessed a breach of potentially historic proportions. Anthem Inc, the nation’s second largest health insurer, released a statement last week announcing the breach of a database wi...

The Dark Side of the Web: 14 Essential Cloud Usage Facts Every CISO Should Know

Blog Published: 02/12/2015

By Kamal Shah, Vice President, Products and Marketing, SkyHigh NetworksBetween frequent headlines on data breaches and the growth of Shadow IT, it is easy to be captivated with what people are saying, blogging, and tweeting about the state of cloud adoption and security. But the fact is – it’s...

Why Companies Must Adopt the ‘Assume Mentality’ When It Comes to Breaches

Blog Published: 02/27/2015

By Christopher Hines, Product Marketing Manager, BitglassRecently Target announced that the credit card data breach that they suffered back in 2013 ended up costing them $162M. Now, I know some may argue that to a company like Target, that number is a drop in the bucket, and you’re right. But ...

What Does Customer Managed Encryption Keys Really Mean for Cloud Service Providers?

Blog Published: 03/06/2015

By Todd Partridge, Director of Strategy, IntralinksHave you ever leased a safety deposit box from your bank? For years the security and privacy of a safe deposit box has been the standard in the physical world. People have put their most important and their most valued information in bank vaul...

24 Hours After FREAK, 766 Cloud Providers Still Vulnerable

Blog Published: 03/06/2015

The Average Company Uses 122 FREAK-vulnerable servicesBy Sekhar Sarukkai, Co-founder and VP of Engineering, Skyhigh NetworksThis week a group of researchers at INRA, Microsoft Reseach, and IMDEA discovered a widespread vulnerability in OpenSSL that has rendered millions of Apple and Android de...

A Few Lessons from Recent Adware Insecurities

Blog Published: 03/11/2015

<strong>Recent adware has made significant waves in some information security </strong><strong>circles for its security vulnerabilities and </strong><strong>for its potential larger </strong><strong>impact on one of the essential systems of trust that ...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
35
36
37
39
41
42
43
Last »