Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
STAR for AI
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
CSA Training
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Trusted AI Safety Expert (TAISE)
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
STAR for AI
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
CSA Training
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Trusted AI Safety Expert (TAISE)
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersEventsBlog
Get Free Early Access to TAISE Module 3! Sample the Certificate Experience Today!

All Articles

Home
All Articles
Prying Eyes Inside the Enterprise: Bitglass' Insider Threat Report

Blog Published: 04/12/2019

By Jacob Serpa, Product Marketing Manager, BitglassWhen words like cyberattack are used, they typically conjure up images of malicious, external threats. While hackers, malware, and other outside entities pose a risk to enterprise security, they are not the only threats that need to be remedia...

CCSK Success Stories: From a Data Privacy Consultant

Blog Published: 04/16/2019

By the CSA Education Team This is the fourth part in a blog series on cloud security training, in which we will be interviewing Satishkumar Tadapalli a certified and seasoned information security and data privacy consultant. Tadapalli has 12+ years of multi-functional IT experience in pre-sal...

The Many Benefits of a Cloud Access Security Broker

Blog Published: 04/19/2019

By Will Houcheime, Product Marketing Manager, BitglassToday, organizations are finding that storing and processing their data in the cloud brings countless benefits. However, without the right tools (such as cloud access security brokers (CASBs), they can put themselves at risk. Organizations’...

CSA on This Millennium Alliance Podcast

Blog Published: 04/26/2019

By Cara Bernstein, Manager/Executive Education Partnerships, The Millennium AllianceThis podcast episode features The Millennium Alliance partner, The Cloud Security Alliance. We sat down with Vince Campitelli, Enterprise Security Specialist, and Jon-Michael C. Brook, Principal, Guide Holdings...

AWS Cloud: Proactive Security and Forensic Readiness – Part 5

Blog Published: 05/02/2019

By Neha Thethi, Information Security Analyst, BH Consulting Part 5: Incident Response in AWS In the event your organization suffers a data breach or a security incident, it’s crucial to be prepared and conduct timely investigations. Preparation involves having a plan or playbook at hand, alo...

Survey Says: Almost Half of Cloud Workloads Not Controlled by Privileged Access

Blog Published: 05/10/2019

By Nate Yocom, Chief Technology Officer, Centrify For the past few years, Centrify has been using a statistic from Forrester to demonstrate the importance of protecting privileged accounts, which estimates that 80 percent of data breaches involve privileged credentials. This first showed up in...

"Collection #1" Data Breach

Blog Published: 05/15/2019

By Paul Sullivan, Software Engineer, BitglassNews of the 773 million email data breach that Troy Hunt announced for Have I Been Pwned certainly got a lot of coverage a few months ago. Now that the dust has settled, let’s cut through some of the hype and see what this really means for enterpri...

Financial Services: Counting on CASBs

Blog Published: 05/20/2019

By Will Houcheime, Product Marketing Manager, BitglassFinancial institutions handle a great deal of sensitive data and are highly conscientious of where they store and process it. Nevertheless, they are aware of the many benefits that they can gain by using cloud applications. In order to embr...

New and Unique Security Challenges in Native Cloud, Hybrid and Multi-cloud Environments

Blog Published: 05/21/2019

By Hillary Baron, Research Analyst, Cloud Security AllianceCSA’s latest survey, Cloud Security Complexity: Challenges in Managing Security in Hybrid and Multi-Cloud Environments, examines information security concerns in a complex cloud environment. Commissioned by AlgoSec, the survey of 700 I...

Happy Birthday GDPR! – Defending Against Illegitimate Complaints

Blog Published: 05/22/2019

By John DiMaria; CSSBB, HISP, MHISP, AMBCI, CERP, Assurance Investigatory Fellow – Cloud Security Alliance On May 25th we will celebrate the first birthday of GDPR. Yes, one year ago GDPR was sort of a four-letter word (or acronym if you will). People were in a panic of how they were going to ...

What Will Happen If Encryption Used to Protect Data in Corporations Can Be Broken?

Blog Published: 05/23/2019

By Edward Chiu, Emerging Cybersecurity Technologist, Chevron While the development of quantum computers is still at a nascent stage, its potential in solving problems not feasible with classical computers draws interest from many industries. On one hand, Volkswagen is researching using quantu...

Roadmap to Earning Your Certificate in Cloud Security Knowledge (CCSK)

Blog Published: 11/24/2020

Updated on 7/15/24 to align with CCSK v5.   In this blog we’ll be taking a look at how to earn your Certificate of Cloud Security Knowledge (CCSK), from study materials to the details of the exam. If you’re considering earning your CCSK, or just exploring the possibility, this will giv...

Security Spotlight: G Suite User Passwords Stored in Plaintext

Blog Published: 06/06/2019

By Will Houcheime, Product Marketing Manager, BitglassHere are the top cybersecurity stories of recent weeks: G Suite User Passwords Stored in Plaintext Since 2005Contact Data of Millions of Instagram Influencers ExposedRogue Iframe Phishing Used to Steal Payment Card InformationLondon Commut...

CSA Issues Top 20 Critical Controls for Cloud Enterprise Resource Planning Customers

Blog Published: 06/10/2019

By Victor Chin, Research Analyst, Cloud Security AllianceCloud technologies are being increasingly adopted by organizations, regardless of their size, location or industry. And it’s no different when it comes to business-critical applications, typically known as enterprise resource planning (E...

Will Hybrid Cryptography Protect Us from the Quantum Threat?

Blog Published: 06/17/2019

By Roberta Faux, Director of Advance Cryptography, BlackHorse SolutionsOur new white paper explains the pros and cons of hybrid cryptography. The CSA Quantum-Safe Security Working Group has produced a new primer on hybrid cryptography. This paper, “Mitigating the Quantum Threat with Hybrid Cry...

How to Improve the Accuracy and Completeness of Cloud Computing Risk Assessments?

Blog Published: 06/24/2019

By Jim de Haas, cloud security expert, ABN AMRO BankThis paper aims to draw upon the security challenges in cloud computing environments and suggests a logical approach to dealing with the security aspects in a holistic way by introducing a Cloud Octagon model. This model makes it easier for o...

What is a CASB and How Do You Even Say It?

Blog Published: 06/26/2019

Caleb Mast, Regional Sales Director, BitglassThese are some of the questions that I asked as I went through the recruiting process with Bitglass. My goal was to understand the product completely before going out and pitching it to prospective clients. So, what exactly is a Cloud Access Securit...

Using The CAIQ-Lite to Assess Third Party Vendors

Blog Published: 07/01/2019

By Dave Christiansen, Marketing Director, WhisticThe mere mention of “security questionnaires” can evoke thoughts of hundreds of questions aimed at auditing internal processes in order to mitigate third party risk. This typically means a lengthy process prime to be optimized. While we don’t di...

The State of SDP Survey: A Summary

Blog Published: 07/02/2019

The CSA recently completed its first annual “State of Software-Defined Perimeter” Survey, gauging market awareness and adoption of this modern security architecture – summarized in this infographic. The survey indicates it is still early for SDP market adoption and awareness, with only 24% of ...

Highlights from the CSA Summit at Cyberweek

Blog Published: 07/03/2019

By Moshe Ferber, Chairman, Cloud Security Alliance, Israel and Damir Savanovic, Senior Innovation Analyst, Cloud Security AllianceThe city of Tel Aviv is crowded throughout the year with a buzzing cybersecurity ecosystem, but in the last week of June, this ecosystem comes to boil when Tel Aviv...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
56
57
58
60
62
63
64
Last »