Cloud 101

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Fake SSL Certificates Uncovered: The Tip of the Iceberg and Weaponized Trust
Published: 02/19/2014

KEVIN BOCEK, VP, SECURITY STRATEGY & THREAT INTELLIGENCE, VENAFI Cybercriminals are moving faster than we think to weaponize the core element of trust on the Internet: digital certificates. The many fake certificates identified by Netcraft are just the tip of the iceberg. Cybercriminals are ampi...

Hack the SDP - win a trip to DEF CON!
Published: 02/17/2014

Following the CSA Summit at RSA on Monday Feb 24th, the CSA will be hosting a Software Defined Perimeter workshop and a 'virtual hackathon', open to anyone.The workshop will provide a detailed demo and explanation of SDP, and will kick off the ‘virtual hackathon’ contest, which will last until 3p...

The Launch of the NIST Cybersecurity Framework
Published: 02/13/2014

by John DiMaria, BSII was one of those invited to attended NIST Cybersecurity Framework launch yesterday at the White House. It was a very nice well organized and positive event.“The Framework is a key deliverable from the Executive Order on “Improving Critical Infrastructure Cybersecurity” that ...

SecureCloud Update: Neelie Kroes, VP of the European Commission to Give Opening Keynote Address
Published: 02/11/2014

SecureCloud 2014 is now just under two months away and we are excited to announce that Neelie Kroes, Vice President of the European Commission, will be giving the opening keynote address on April 1st.[caption id="attachment_1197" align="alignright" width="307"] Neelie Kroes, VP of the European Co...

Cybersecurity absent during the State of the Union Address
Published: 02/06/2014

by John DiMaria, BSII was disappointed that there was only a passing mention to cybersecurity at the recent State of the Union Address. As a matter of fact if you took a bite of your popcorn at the wrong time you missed it.I realize the president's address was focused mainly on the economy, but t...

Top Security Questions to Ask Your Cloud Provider
Published: 02/06/2014

When considering a move to the cloud, there are a number of security questions that should be considered as you select a potential cloud provider. Almost all analyst and industry surveys list privacy and data security as top concern for CIOs and CISOs. Through our years of moving SMBs and large e...

What is the Cloud?
Published: 02/06/2014

The cloud, aka cloud computing, has many different colloquial definitions, all of which seem to be somewhat different depending on who you are talking to. A few of the different terms you may hear are Software as a Service (SaaS), virtual enterprise, carrier (or service provider) cloud, and I am ...

Contextual Activities and Your Cloud Security Service
Published: 02/05/2014

In this best practices video, Jamie Barnett reviews details of the latest Netskope Cloud Report regarding the most commonly used activities in cloud apps. Jamie discusses why understanding activity context is important when considering a cloud security service. For this reason, the movie line for...

Almost 400 Cloud Apps in Every Enterprise
Published: 01/28/2014

By Krishna Narayanaswamy, Chief Scientist at Netskope On average, there are 397 cloud apps running in enterprises today. This is one of the findings in the second quarterly Netskope Cloud Report, an account of trends on cloud app adoption and usage. What makes this number interesting is th...

6 Prerequisites to Guide a Cloud App Policy Your Employees (and IT Department!) Will Love
Published: 01/23/2014

By Sanjay Beri, Founder and CEO, NetskopeIn today’s cloud-dominated business world, it is difficult for IT departments to get a hold of exactly where their data lies and who has access to it. Enterprise security is and will continue to be a big concern because of this, but a “zero trust” policy ...

Five Distinguished Security Experts to Keynote SecureCloud 2014
Published: 01/22/2014

SecureCloud 2014 is just around the corner and the CSA is pleased to announce the keynote speaker lineup for this must-attend event, which is taking place in Amsterdam on April 1-2.This year’s event will feature keynote addresses from the following five security experts on a wide range of cloud s...

What Is a Trusted Threat?
Published: 01/15/2014

Last month I co-presented a webinar with ISIGHT Partners, a leader in cyber-threat intelligence, to discuss a white paper that exposes how keys and certificates can be used for nefarious intentions. Our purpose was to highlight some of the tactics malicious actors use and outline their profiles i...

Health Checking for Cloud Performance
Published: 01/15/2014

Steve Malmskog has more than 15 years of experience as a chief network architect. In this best practices video, Steve provides an in depth look at information you can gather about the health of nodes based on the traffic itself through in-band health checking vs. out-of-band checking which can be...

Why companies are adopting more cloud based IT security solutions
Published: 01/09/2014

We have entered the age of pervasive connectivity.  Regardless of whether we are at home, in the office, or on the road, most of us are almost always connected. This trend is blurring the lines between work time and leisure time, with the same devices used for both contexts interchangeably. To ...

Why Higher Education Institutions NeedCloud-Based Identity Providers
Published: 01/09/2014

By Dan Dagnall, Chief Technology Strategist for Fischer International IdentityFederation is definitely a hot topic these days, with NSTIC attempting to create an identity ecosystem, InCommon continuing to build its service-providerfederation, and state-level initiatives gearing up (some are alrea...

Evolution of Distributed Policy Enforcement in the Cloud
Published: 12/10/2013

By Krishna Narayanaswamy, chief scientist at NetskopeAs computing shifts to the cloud, so too must the way we enforce policy.Until recently, enterprise applications were hosted in private data centers under the strict control of centralized IT. Between firewalls and intrusion prevention systems, ...

What’s New With the Security as a Service Working Group?
Published: 12/09/2013

CSA members are invited to join the Security-as-a-Service Working Group (SecaaS WG) which aims to promote greater clarity in the Security as a Service model. Why a Security as a Service Working Group? Numerous security vendors are now leveraging cloud based models to deliver security solutions....

CloudTrust Protocol (CTP) Working Group Kicks Off at CSA Congress
Published: 12/06/2013

The Cloud Trust Protocol (CTP) aims to provide a protocol to enable Cloud Users to query Cloud Providers in real time about the security level of their service. It aims to foster transparency and trust in the cloud supply chain, bringing greater visibility to cloud users and providing them with d...

Introducing the CSA Financial Services Working Group
Published: 12/04/2013

At our annual CSA Congress today, the CSA is pleased to introduce the new Financial Services Working Group (FSWG), which aims to provide knowledge and guidance on how to deliver and manage secure cloud solutions in the financial industry, and to foster cloud awareness within the sector and relate...

Introducing the CSA’s Anti-Bot Working Group
Published: 12/04/2013

Among the many exciting new working groups being established and meeting at CSA Congress, today we’d like to also introduce our Anti-Bot Working Group. Chaired by Shelbi Rombout from USBank, this group’s mission is to develop and maintain a research portfolio providing capabilities to assist the ...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.