Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Cloud Security Alliance's D.C. Metro Area Chapter announces the event of the year: the Cybersecurity Cruise!

Published: 08/12/2019

By: Anil Karmel, President, CSA-DC Chapter & Co-Founder and CEO of C2 Labs, Inc. About a year ago, CSA recognized the need to establish a local chapter serving the unique needs of the Washington D.C. Metro Area. It's been my honor and privilege to serve as the President of this new ...

A Technical Analysis of the Capital One Cloud Misconfiguration Breach

Published: 08/09/2019

This article was originally published on Fugue's blog here. By Josh Stella, Co-founder & Chief Technology Officer, Fugue This is a technical exploration of how the Capital One breach might have occurred, based on the evidence we have from the criminal complaint. I want to start by say...

Uncovering the CSA Top Threats to Cloud Computing with Jim Reavis

Published: 08/08/2019

By Greg Jensen, Sr. Principal Director - Security Cloud Business Group, Oracle For the few that attend this year’s BlackHat conference kicking off this week in Las Vegas, many will walk away with an in depth understanding and knowledge on risk as well as actionable understandings on h...

Challenges & Best Practices in Securing Application Containers and Microservices

Published: 08/08/2019

By Anil Karmel, Co-Chair, CSA Application Containers and Microservices (ACM) Working GroupApplication Containers have a long and storied history, dating back to the early 1960s with virtualization on mainframes up to the 2000s with the release of Solaris and Linux Containers (LXC). The rise of Do...

The Cloud in the Fight Against Cyber-Bullying

Published: 08/07/2019

By the Cybersecurity International Institute (CSI) Learn about the upcoming innovative social project on Cyber-bullying using a cloud platform. The CSI Institute (Cybersecurity International Institute) is a non-governmental and not-for-profit organization. Our goal is to contribute to ...

Facebook Project Libra - the good, the bad, the ugly and why you should care

Published: 08/05/2019

By Kurt Seifried, Chief Blockchain Officer, CSA So you’ve probably heard by now that Facebook will be creating a crypto-currency called “Project Libra” and if you haven’t well, now you know. So first let’s cover what is good about this. Facebook has announced Project Libra as a Stablec...

CCM v3.0.1. Update for AICPA, NIST and FedRAMP Mappings

Published: 08/02/2019

Victor Chin and Lefteris Skoutaris, Research Analysts, CSA The CSA Cloud Controls Matrix (CCM) Working Group is glad to announce the new update to the CCM v3.0.1. This minor update will incorporate the following mappings: Association of International Certified Professional Accountants (AI...

Quantum Technology Captures Headlines in the Wall Street Journal

Published: 08/01/2019

By the Quantum-Safe Security Working GroupLast month, we celebrated the 50th anniversary of the Apollo 11 moon landing. Apollo, which captured the imagination of the whole world, epitomizes the necessity for government involvement in long term, big science projects. What started as a fierce race ...

Use Cases for Blockchain Beyond Cryptocurrency

Published: 07/31/2019

CSA’s newest white paper, Documentation of Relevant Distributed Ledger Technology and Blockchain Use Cases v2 is a continuation of the efforts made in v1. The purpose of this publication is to describe relevant use cases beyond cryptocurrency for the application of these technologies.In the proce...

Organizations Must Realign to Face New Cloud Realities

Published: 07/30/2019

Jim Reavis, Co-founder and Chief Executive Officer, CSAWhile cloud adoption is moving fast, many enterprises still underestimate the scale and complexity of cloud threatsTechnology advancements often present benefits to humanity while simultaneously opening up new fronts in the on-going and incre...

It's Time for Security Leadership to Embrace the Cloud-First Future

Published: 07/29/2019

By Arif Kareem, CEO and President at ExtraHop NetworksOn the campus at Stanford Business School is a plaque engraved with a quote from Phil Knight, graduate of the business school and co-founder of Nike. I've visited the campus many times, and each time the words stop me in my tracks."There comes...

FedSTAR Pilot Program Status

Published: 07/24/2019

As the use of cloud technology has become more widespread, the concern about cloud security has increased. Government agencies and private sector users are concerned with protecting data and ensuring service availability.  Many countries and private entities have designed and implemented securit...

4 Reasons Why IT Supervision is a Must in Content Collaboration

Published: 07/23/2019

By István Molnár, Compliance Specialist, TresoritFor many organizations, workflow supervision is one of the biggest challenges to solve. Ideally users should be properly managed and monitored but sadly, countless organizations suffer from a lack of IT supervision. As a result, there is no telling...

Signal vs. Noise: Banker Cloud Stories by Craig Balding

Published: 07/19/2019

A good question to ask any professional in any line of business is: which "industry events" do you attend and why?  Over a few decades of attending a wide variety of events - and skipping many more - my primary driver is "signal to noise" ratio.  In other words, I look for events attended by peo...

“Shift Left” to Harden Your Cloud Security Posture

Published: 07/18/2019

This article was originally published on Fugue's blog here. By Josh Stella, Co-founder & Chief Technology Officer, Fugue After a decade-long uneasy courtship with cloud computing, enterprises are migrating their IT systems to platforms like AWS and Azure as fast as they can. This means...

How Traffic Mirroring in the Cloud Works

Published: 07/08/2019

By Tyson Supasatit, Sr. Product Marketing Manage, ExtraHop Learn how Amazon traffic mirroring and the Azure vTAP fulfill the SOC visibility triad After years of traffic mirroring not being available in the cloud, between Amazon VPC traffic mirroring and the Azure vTAP, it's finally here! ...

Highlights from the CSA Summit at Cyberweek

Published: 07/03/2019

By Moshe Ferber, Chairman, Cloud Security Alliance, Israel and Damir Savanovic, Senior Innovation Analyst, Cloud Security AllianceThe city of Tel Aviv is crowded throughout the year with a buzzing cybersecurity ecosystem, but in the last week of June, this ecosystem comes to boil when Tel Aviv Un...

The State of SDP Survey: A Summary

Published: 07/02/2019

The CSA recently completed its first annual “State of Software-Defined Perimeter” Survey, gauging market awareness and adoption of this modern security architecture – summarized in this infographic. The survey indicates it is still early for SDP market adoption and awareness, with only 24% of re...

Using The CAIQ-Lite to Assess Third Party Vendors

Published: 07/01/2019

By Dave Christiansen, Marketing Director, WhisticThe mere mention of “security questionnaires” can evoke thoughts of hundreds of questions aimed at auditing internal processes in order to mitigate third party risk. This typically means a lengthy process prime to be optimized. While we don’t disag...

What is a CASB and How Do You Even Say It?

Published: 06/26/2019

Caleb Mast, Regional Sales Director, Bitglass These are some of the questions that I asked as I went through the recruiting process with Bitglass. My goal was to understand the product completely before going out and pitching it to prospective clients. So, what exactly is a Cloud Access S...

Browse by Topic