Seven Reasons Why Proxy-based CASBs Are Required for Office 365
Blog Published: 11/08/2018
By Rich Campagna, Chief Marketing Officer, Bitglass. A competing CASB vendor blogged recently on why proxy-based Cloud Access Security Brokers (CASBs) shouldn't be used for Office 365. The post cites "7 reasons," all of which are variations of just one reason: their CASB breaks each time Microso...
Cloud Security Alliance Announces the Release of the Spanish Translation of Guidance 4.0
Blog Published: 11/09/2018
By JR Santos, Executive Vice President of Research, Cloud Security Alliance. The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today announced the release of Guid...
Cloud Security Alliance Releases Minor Update to CCM v3.0.1
Blog Published: 11/12/2018
By the CSA Research Team. The Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM) Working Group has released a minor update for the CCM v3.0.1. This update incorporates mappings to IEC 62443-3-3 and BSI Compliance Controls Catalogue (C5). The CCM is specifically designed to provide fundamen...
Data Breaches on the Rise in Financial Services
Blog Published: 11/14/2018
By Jacob Serpa, Product Marketing Manager, Bitglass. Financial services organizations are a prime target for hackers looking to steal and sell valuable data. This is because these firms handle sensitive information known as PII, personally identifiable information, as well as other financial dat...
AWS Cloud: Proactive Security and Forensic Readiness – Part 4
Blog Published: 11/16/2018
Part 4: Detective Controls in AWS. By Neha Thethi, Information Security Analyst, BH Consulting. Security controls can be either technical or administrative. A layered security approach to protecting an organization’s information assets and infrastructure should include preventative controls, dete...
CCSK Success Stories: Cloud Security Training from a CTO’s Perspective
Blog Published: 11/19/2018
By the CSA Education Team. We’re kicking off a series on cloud security training today with a Q&A with the Vice President and CTO of Fusion Risk Management, Cory Cowgill. With a background in enterprise software development spanning multiple industries, Cowgill has multiple certifications in...
Weigh in on the Cloud Control Matrix Addenda
Blog Published: 11/20/2018
Dear Colleagues, The Cloud Security Alliance would like to invite you to review and comment on the Cloud Control Matrix (CCM) addenda for the following standards: — German Federal Office for Information Security (BSI) Cloud Computing Compliance Controls Catalogue (C5). (Add your comments to CCM-C...
Fixing Your Mis-Deployed NGFW
Blog Published: 11/23/2018
By Rich Campagna, Chief Marketing Officer, Bitglass. The Firewall/Next-Gen Firewall has been the cornerstone of information security strategy for decades now. The thing is, changes in network traffic patterns have resulted in most firewalls protecting a smaller and smaller percentage of enterpri...
How to Do the Impossible and Secure BYOD
Blog Published: 11/26/2018
By Will Houcheime, Product Marketing Manager, Bitglass. The use of cloud tools in the enterprise is becoming increasingly common, enabling employees to collaborate and work incredibly efficiently. On top of this, when employees are allowed to work from their personal devices (known as bring your...
Documentation of Distributed Ledger Technology and Blockchain Use
Blog Published: 11/27/2018
By Ashish Mehta, Co-chair, CSA Blockchain/Distributed Ledger Working Group. CSA’s newest white paper, Beyond Cryptocurrency: Nine Relevant Blockchain and Distributed Ledger Technology (DLT) Use Cases, aims to identify wider use cases for both technologies beyond just cryptocurrency, an area with...
Bitglass Security Spotlight: US Government Breaches Abound
Blog Published: 11/30/2018
By Jacob Serpa, Product Manager, Bitglass. Here are the top cybersecurity headlines of recent weeks: — Healthcare.gov breached — US weapons systems contain cybersecurity gaps — Over 35 million US voter records for sale — National Guard faces ransomware attack Healthcare.gov breached 75,000 people had ...
Typical Challenges in Understanding CCSK and CCSP: Technology Architecture
Blog Published: 12/03/2018
By Peter HJ van Eijk, Head Coach and Cloud Architect, ClubCloudComputing.com. As cloud computing is becoming increasingly mainstream, more people are seeking cloud computing security certification. Because I teach prep courses for the two most popular certifications—the Certificate of Cloud Secu...
OneTrust and Cloud Security Alliance Partner to Launch Free Vendor Risk Tool for CSA Members
Blog Published: 12/04/2018
By Gabrielle Ferree, Public Relations and Marketing Manager, OneTrust. OneTrust is excited to announce that we have partnered with Cloud Security Alliance to launch a free Vendor Risk Management (VRM) tool. The tool, available to CSA members today, automates the vendor risk lifecycle for complia...
Development of Cloud Security Guidance, with Mapping MY PDPA Standard to CCM Control Domains, Jointly Developed by MDEC and CSA
Blog Published: 12/06/2018
By Ekta Mishra, Research Analyst/APAC, Cloud Security Alliance. The Cloud Security Alliance Cloud Controls Matrix (CCM) provides a controls framework that gives detailed understanding of security concepts and principles that are aligned to the Cloud Security Alliance guidance in 13 domains. The ...
Keeping Your Boat Afloat with a Cloud Access Security Broker
Blog Published: 12/07/2018
By Prasidh Srikanth, Senior Product Manager, Bitglass. If you were on a sinking ship that was full of holes of various sizes, which ones would you patch first? Probably the big ones. Now, consider this: As an enterprise, you’ve been successfully sailing and securing your corporate data on premis...
Addressing the Skills Gap in Cloud Security Professionals
Blog Published: 12/17/2018
One of the math lessons that has always stuck with me from childhood is that if you took a penny and doubled it every day for a month, it would make you a millionaire. In fact, it wouldn’t even take the whole month, you would be a millionaire on the 28th day. Of course, most of us realize thi...
CCM Addenda Updates for Two Additional Standards
Blog Published: 01/21/2019
By the CSA CCM Working Group. We're happy to announce the publication of the updated Cloud Controls Matrix (CCM) Addenda for the following standards: — German Federal Office for Information Security (BSI) Cloud Computing Compliance Controls Catalogue (C5) — ISO/IEC 27002, ISO/IEC 27017 and ISO/I...
CCSK Success Stories: From the Financial Sector
Blog Published: 01/24/2019
By the CSA Education Team. This is the second part in a blog series on Cloud Security Training. Today we will be interviewing an infosecurity professional working in the financial sector. John C Checco is President Emeritus for the New York Metro InfraGard Members Alliance, as well as an Informa...
Security Risks and Continuous Development Drive Push for DevSecOps
Blog Published: 01/31/2019
How the need to speed application creation and subsequent iterations has catalyzed the adoption of the DevOps philosophy. By Dwight B. Davis, Writer, Symantec. The sharp rise in cyber security attacks and damaging breaches in recent years has driven a new mantra among both application developers a...
Bitglass Security Spotlight: Breaches Expose Millions of Emails, Texts, and Call Logs
Blog Published: 02/05/2019
By Will Houcheime, Product Marketing Manager, Bitglass. Here are the top cybersecurity stories of recent weeks: — 773 million email accounts published on hacking forum — Unprotected FBI data and Social Security numbers found online — Millions of texts and call logs exposed on unlocked server — South...