Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
It's Time for Security Leadership to Embrace the Cloud-First Future

Published: 07/29/2019

By Arif Kareem, CEO and President at ExtraHop Networks On the campus at Stanford Business School is a plaque engraved with a quote from Phil Knight, graduate of the business school and co-founder of Nike. I've visited the campus many times, and each time the words stop me in my tracks. "Th...

FedSTAR Pilot Program Status

Published: 07/24/2019

As the use of cloud technology has become more widespread, the concern about cloud security has increased. Government agencies and private sector users are concerned with protecting data and ensuring service availability.  Many countries and private entities have designed and implemented securit...

4 Reasons Why IT Supervision is a Must in Content Collaboration

Published: 07/23/2019

By István Molnár, Compliance Specialist, Tresorit For many organizations, workflow supervision is one of the biggest challenges to solve. Ideally users should be properly managed and monitored but sadly, countless organizations suffer from a lack of IT supervision. As a result, there is no te...

Signal vs. Noise: Banker Cloud Stories by Craig Balding

Published: 07/19/2019

A good question to ask any professional in any line of business is: which "industry events" do you attend and why?  Over a few decades of attending a wide variety of events - and skipping many more - my primary driver is "signal to noise" ratio.  In other words, I look for events attended by peo...

“Shift Left” to Harden Your Cloud Security Posture

Published: 07/18/2019

This article was originally published on Fugue's blog here. By Josh Stella, Co-founder & Chief Technology Officer, Fugue After a decade-long uneasy courtship with cloud computing, enterprises are migrating their IT systems to platforms like AWS and Azure as fast as they can. This means...

How Traffic Mirroring in the Cloud Works

Published: 07/08/2019

By Tyson Supasatit, Sr. Product Marketing Manage, ExtraHop Learn how Amazon traffic mirroring and the Azure vTAP fulfill the SOC visibility triad After years of traffic mirroring not being available in the cloud, between Amazon VPC traffic mirroring and the Azure vTAP, it's finally here! ...

Highlights from the CSA Summit at Cyberweek

Published: 07/03/2019

By Moshe Ferber, Chairman, Cloud Security Alliance, Israel and Damir Savanovic, Senior Innovation Analyst, Cloud Security Alliance The city of Tel Aviv is crowded throughout the year with a buzzing cybersecurity ecosystem, but in the last week of June, this ecosystem comes to boil when Tel Av...

The State of SDP Survey: A Summary

Published: 07/02/2019

The CSA recently completed its first annual “State of Software-Defined Perimeter” Survey, gauging market awareness and adoption of this modern security architecture – summarized in this infographic. The survey indicates it is still early for SDP market adoption and awareness, with only 2...

Using The CAIQ-Lite to Assess Third Party Vendors

Published: 07/01/2019

By Dave Christiansen, Marketing Director, Whistic The mere mention of “security questionnaires” can evoke thoughts of hundreds of questions aimed at auditing internal processes in order to mitigate third party risk. This typically means a lengthy process prime to be optimized. While we don’t ...

What is a CASB and How Do You Even Say It?

Published: 06/26/2019

Caleb Mast, Regional Sales Director, Bitglass These are some of the questions that I asked as I went through the recruiting process with Bitglass. My goal was to understand the product completely before going out and pitching it to prospective clients. So, what exactly is a Cloud Access S...

How to Improve the Accuracy and Completeness of Cloud Computing Risk Assessments?

Published: 06/24/2019

By Jim de Haas, cloud security expert, ABN AMRO Bank This whitepaper aims to draw upon the security challenges in cloud computing environments and suggests a logical approach to dealing with the security aspects in a holistic way by introducing a Cloud Octagon model. This model makes it ...

Will Hybrid Cryptography Protect Us from the Quantum Threat?

Published: 06/17/2019

By Roberta Faux, Director of Advance Cryptography, BlackHorse Solutions Our new white paper explains the pros and cons of hybrid cryptography. The CSA Quantum-Safe Security Working Group has produced a new primer on hybrid cryptography. This paper, “Mitigating the Quantum Threat with Hybr...

CSA Issues Top 20 Critical Controls for Cloud Enterprise Resource Planning Customers

Published: 06/10/2019

By Victor Chin, Research Analyst, Cloud Security Alliance Cloud technologies are being increasingly adopted by organizations, regardless of their size, location or industry. And it’s no different when it comes to business-critical applications, typically known as enterprise resource plann...

Security Spotlight: G Suite User Passwords Stored in Plaintext

Published: 06/06/2019

By Will Houcheime, Product Marketing Manager, Bitglass Here are the top cybersecurity stories of recent weeks:   G Suite User Passwords Stored in Plaintext Since 2005Contact Data of Millions of Instagram Influencers ExposedRogue Iframe Phishing Used to Steal Payment Card InformationLon...

Roadmap to Earning Your Certificate in Cloud Security Knowledge (CCSK)

Published: 05/28/2019

By Ryan Bergsma, Training Program Director, Cloud Security Alliance In this blog we’ll be taking a look at how to earn your Certificate of Cloud Security Knowledge (CCSK), from study materials, to how to prepare, to the details of the exam, including a module breakdown, passing rates, form...

What Will Happen If Encryption Used to Protect Data in Corporations Can Be Broken?

Published: 05/23/2019

By Edward Chiu, Emerging Cybersecurity Technologist, Chevron While the development of quantum computers is still at a nascent stage, its potential in solving problems not feasible with classical computers draws interest from many industries. On one hand, Volkswagen is researching us...

Happy Birthday GDPR! – Defending Against Illegitimate Complaints

Published: 05/22/2019

By John DiMaria; CSSBB, HISP, MHISP, AMBCI, CERP, Assurance Investigatory Fellow – Cloud Security Alliance On May 25th we will celebrate the first birthday of GDPR. Yes, one year ago GDPR was sort of a four-letter word (or acronym if you will). People were in a panic of how they were going t...

New and Unique Security Challenges in Native Cloud, Hybrid and Multi-cloud Environments

Published: 05/21/2019

By Hillary Baron, Research Analyst, Cloud Security Alliance CSA’s latest survey, Cloud Security Complexity: Challenges in Managing Security in Hybrid and Multi-Cloud Environments, examines information security concerns in a complex cloud environment. Commissioned by AlgoSec, the surve...

Financial Services: Counting on CASBs

Published: 05/20/2019

By Will Houcheime, Product Marketing Manager, Bitglass Financial institutions handle a great deal of sensitive data and are highly conscientious of where they store and process it. Nevertheless, they are aware of the many benefits that they can gain by using cloud applications. In order to em...

"Collection #1" Data Breach

Published: 05/15/2019

By Paul Sullivan, Software Engineer, Bitglass News of the 773 million email data breach that Troy Hunt announced for Have I Been Pwned certainly got a lot of coverage a few months ago. Now that the dust has settled, let’s cut through some of the hype and see what this really means for en...

Browse by Topic