Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Survey Says: Almost Half of Cloud Workloads Not Controlled by Privileged Access

Published: 05/10/2019

By Nate Yocom, Chief Technology Officer, Centrify For the past few years, Centrify has been using a statistic from Forrester to demonstrate the importance of protecting privileged accounts, which estimates that 80 percent of data breaches involve privileged credentials. This first showed up ...

AWS Cloud: Proactive Security and Forensic Readiness – Part 5

Published: 05/02/2019

By Neha Thethi, Information Security Analyst, BH Consulting Part 5: Incident Response in AWS In the event your organization suffers a data breach or a security incident, it’s crucial to be prepared and conduct timely investigations. Preparation involves having a plan or playbook at han...

CSA on This Millennium Alliance Podcast

Published: 04/26/2019

By Cara Bernstein, Manager/Executive Education Partnerships, The Millennium Alliance This podcast episode features The Millennium Alliance partner, The Cloud Security Alliance. We sat down with Vince Campitelli, Enterprise Security Specialist, and Jon-Michael C. Brook, Principal, Guide Ho...

The Many Benefits of a Cloud Access Security Broker

Published: 04/19/2019

By Will Houcheime, Product Marketing Manager, Bitglass Today, organizations are finding that storing and processing their data in the cloud brings countless benefits. However, without the right tools (such as cloud access security brokers (CASBs), they can put themselves at risk. Organiza...

CCSK Success Stories: From a Data Privacy Consultant

Published: 04/16/2019

By the CSA Education Team This is the fourth part in a blog series on cloud security training, in which we will be interviewing Satishkumar Tadapalli a certified and seasoned information security and data privacy consultant. Tadapalli has 12+ years of multi-functional IT experience in p...

Prying Eyes Inside the Enterprise: Bitglass' Insider Threat Report

Published: 04/12/2019

By Jacob Serpa, Product Marketing Manager, Bitglass When words like cyberattack are used, they typically conjure up images of malicious, external threats. While hackers, malware, and other outside entities pose a risk to enterprise security, they are not the only threats that need to be r...

CSA STAR – The Answer to Less Complexity, Higher Level of Compliance, Data Governance, Reduced Risk and More Cost-Effective Management of Your Security and Privacy System

Published: 03/28/2019

By John DiMaria, Assurance Investigatory Fellow, Cloud Security Alliance We just launched a major refresh of the CSA STAR (Security, Trust and Assurance Risk) program, and if you were at the CSA Summit at RSA, you got preview of what’s in store. So let me put things in a bit more context...

Healthcare Breaches and the Rise of Hacking and IT Incidents

Published: 03/27/2019

By Jacob Serpa, Product Marketing Manager, Bitglass In the course of their day-to-day operations, healthcare organizations handle an extensive amount of highly sensitive data. From Social Security numbers to medical record numbers and beyond, it is imperative that these personal details a...

12 Ways Cloud Upended IT Security (And What You Can Do About It)

Published: 03/25/2019

This article was originally published on Fugue's blog here. By Andrew Wright, Co-founder & Vice President of Communications, Fugue The cloud represents the most disruptive trend in enterprise IT over the past decade, and security teams have not escaped turmoil during the transitio...

Better Vulnerability Management: How to Master Container Security in Three Steps

Published: 03/21/2019

By Nate Dyer, Product Marketing Director, Tenable Application containers like Docker have exploded in popularity among IT and development teams across the world. Since its inception in 2013, Docker software has been downloaded 80 billion times and more than 3.5 million applications have ...

Continuous Auditing - STAR Continuous - Increasing Trust and Integrity

Published: 03/19/2019

By John DiMaria, Assurance Investigatory Fellow, Cloud Security Alliance As a SixSigma Black Belt I was brought up over the years with the philosophy of continual monitoring and improvement, moving from a reactive state to a preventive state. Actually, I wrote a white paper a couple of years ...

Are Cryptographic Keys Safe in the Cloud?

Published: 03/18/2019

By Istvan Lam, CEO, Tresorit By migrating data to the cloud, businesses can enjoy scalability, ease of use, enhanced collaboration and mobility, together with significant cost savings. The cloud can be especially appealing to subject-matter experts as they no longer have to invest in bui...

Webinar: The Ever Changing Paradigm of Trust in the Cloud

Published: 03/12/2019

By CSA Staff The CSA closed its 10th annual Summit at RSA on Monday, and the consensus was that the cloud has come to dominate the technology landscape and revolutionize the market, creating a tectonic shift in accepted practice. The advent of the cloud has been a huge advancement in ...

CSA Summit Recap Part 2: CSP & CISO Perspective

Published: 03/12/2019

By Elisa Morrison, Marketing Intern, Cloud Security Alliance When CSA was started in 2009, Uber was just a German word for 'Super' and all CSA stood for was Community Supported Agriculture. Now in 2019, spending on cloud infrastructure has finally exceeded on-premises, and CSA is celebrating ...

CSA Summit Recap Part 1: Enterprise Perspective

Published: 03/08/2019

By Elisa Morrison, Marketing Intern, Cloud Security Alliance CSA’s 10th anniversary, coupled with the bestowal of the Decade of Excellence Awards gave a sense of accomplishment to this Summit that bodes well yet also challenges the CSA community to continue its pursuit of excellence. The ...

CCSK Success Stories: From an Information Systems Security Manager

Published: 03/07/2019

By the CSA Education Team This is the third part in a blog series on Cloud Security Training. Today, we will be interviewing Paul McAleer. Paul is a Marine Corps veteran and currently works as an Information Systems Security Manager (ISSM) at Novetta Solutions, an advanced data analytics ...

A Decade of Vision

Published: 03/05/2019

By Jim Reavis, Co-founder and CEO, Cloud Security Alliance Developing a successful and sustainable organization is dependent upon a lot of factors: quality services, a market vision, focus, execution, timing and maybe a little luck. For Cloud Security Alliance, now celebrating our 10th an...

Education: A Cloud Security Investigation (CSI)

Published: 03/05/2019

By Will Houcheime, Product Marketing Manager, Bitglass Cloud computing is now widely used in higher education. It has become an indispensable tool for both the institutions themselves and their students. This is mainly because cloud applications, such as such as G Suite and Microsoft Offi...

Introducing CAIQ-Lite

Published: 03/01/2019

By Dave Christiansen, Marketing Director, Whistic The Cloud Security Alliance and Whistic are pleased to release CAIQ-Lite beta, a new framework for cloud vendor assessment. CSA and Whistic identified the need for a lighter-weight assessment questionnaire in order to accommodate the sh...

Five Years of the GitHub Bug Bounty Program

Published: 02/28/2019

By Philip Turnbull, Senior Application Security Engineer, GitHub Image credit: GitHub, This article was originally published by the GitHub team. GitHub launched our Security Bug Bounty program in 2014, allowing us to reward independent security researchers for their help in keeping GitHub ...

Browse by Topic