Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Using The CAIQ-Lite to Assess Third Party Vendors

Published: 07/01/2019

By Dave Christiansen, Marketing Director, WhisticThe mere mention of “security questionnaires” can evoke thoughts of hundreds of questions aimed at auditing internal processes in order to mitigate third party risk. This typically means a lengthy process prime to be optimized. While we don’t disag...

What is a CASB and How Do You Even Say It?

Published: 06/26/2019

Caleb Mast, Regional Sales Director, Bitglass These are some of the questions that I asked as I went through the recruiting process with Bitglass. My goal was to understand the product completely before going out and pitching it to prospective clients. So, what exactly is a Cloud Access S...

How to Improve the Accuracy and Completeness of Cloud Computing Risk Assessments?

Published: 06/24/2019

By Jim de Haas, cloud security expert, ABN AMRO Bank This whitepaper aims to draw upon the security challenges in cloud computing environments and suggests a logical approach to dealing with the security aspects in a holistic way by introducing a Cloud Octagon model. This model makes it ...

Will Hybrid Cryptography Protect Us from the Quantum Threat?

Published: 06/17/2019

By Roberta Faux, Director of Advance Cryptography, BlackHorse SolutionsOur new white paper explains the pros and cons of hybrid cryptography. The CSA Quantum-Safe Security Working Group has produced a new primer on hybrid cryptography. This paper, “Mitigating the Quantum Threat with Hybrid Crypto...

CSA Issues Top 20 Critical Controls for Cloud Enterprise Resource Planning Customers

Published: 06/10/2019

By Victor Chin, Research Analyst, Cloud Security AllianceCloud technologies are being increasingly adopted by organizations, regardless of their size, location or industry. And it’s no different when it comes to business-critical applications, typically known as enterprise resource planning (ERP)...

Security Spotlight: G Suite User Passwords Stored in Plaintext

Published: 06/06/2019

By Will Houcheime, Product Marketing Manager, Bitglass Here are the top cybersecurity stories of recent weeks:   G Suite User Passwords Stored in Plaintext Since 2005Contact Data of Millions of Instagram Influencers ExposedRogue Iframe Phishing Used to Steal Payment Card InformationLon...

Roadmap to Earning Your Certificate in Cloud Security Knowledge (CCSK)

Published: 05/28/2019

In this blog we’ll be taking a look at how to earn your Certificate of Cloud Security Knowledge (CCSK), from study materials, to how to prepare, to the details of the exam, including a module breakdown, passing rates, format etc. Below is an infographic highlighting the main topics we'll be discu...

What Will Happen If Encryption Used to Protect Data in Corporations Can Be Broken?

Published: 05/23/2019

By Edward Chiu, Emerging Cybersecurity Technologist, Chevron While the development of quantum computers is still at a nascent stage, its potential in solving problems not feasible with classical computers draws interest from many industries. On one hand, Volkswagen is researching using quantum...

Happy Birthday GDPR! – Defending Against Illegitimate Complaints

Published: 05/22/2019

By John DiMaria; CSSBB, HISP, MHISP, AMBCI, CERP, Assurance Investigatory Fellow – Cloud Security Alliance On May 25th we will celebrate the first birthday of GDPR. Yes, one year ago GDPR was sort of a four-letter word (or acronym if you will). People were in a panic of how they were going t...

New and Unique Security Challenges in Native Cloud, Hybrid and Multi-cloud Environments

Published: 05/21/2019

By Hillary Baron, Research Analyst, Cloud Security AllianceCSA’s latest survey, Cloud Security Complexity: Challenges in Managing Security in Hybrid and Multi-Cloud Environments, examines information security concerns in a complex cloud environment. Commissioned by AlgoSec, the survey of 700 IT a...

Financial Services: Counting on CASBs

Published: 05/20/2019

By Will Houcheime, Product Marketing Manager, Bitglass Financial institutions handle a great deal of sensitive data and are highly conscientious of where they store and process it. Nevertheless, they are aware of the many benefits that they can gain by using cloud applications. In order to em...

"Collection #1" Data Breach

Published: 05/15/2019

By Paul Sullivan, Software Engineer, Bitglass News of the 773 million email data breach that Troy Hunt announced for Have I Been Pwned certainly got a lot of coverage a few months ago. Now that the dust has settled, let’s cut through some of the hype and see what this really means for en...

Survey Says: Almost Half of Cloud Workloads Not Controlled by Privileged Access

Published: 05/10/2019

By Nate Yocom, Chief Technology Officer, Centrify For the past few years, Centrify has been using a statistic from Forrester to demonstrate the importance of protecting privileged accounts, which estimates that 80 percent of data breaches involve privileged credentials. This first showed up ...

AWS Cloud: Proactive Security and Forensic Readiness – Part 5

Published: 05/02/2019

By Neha Thethi, Information Security Analyst, BH Consulting Part 5: Incident Response in AWS In the event your organization suffers a data breach or a security incident, it’s crucial to be prepared and conduct timely investigations. Preparation involves having a plan or playbook at han...

CSA on This Millennium Alliance Podcast

Published: 04/26/2019

By Cara Bernstein, Manager/Executive Education Partnerships, The Millennium Alliance This podcast episode features The Millennium Alliance partner, The Cloud Security Alliance. We sat down with Vince Campitelli, Enterprise Security Specialist, and Jon-Michael C. Brook, Principal, Guide Ho...

The Many Benefits of a Cloud Access Security Broker

Published: 04/19/2019

By Will Houcheime, Product Marketing Manager, Bitglass Today, organizations are finding that storing and processing their data in the cloud brings countless benefits. However, without the right tools (such as cloud access security brokers (CASBs), they can put themselves at risk. Organiza...

CCSK Success Stories: From a Data Privacy Consultant

Published: 04/16/2019

By the CSA Education Team This is the fourth part in a blog series on cloud security training, in which we will be interviewing Satishkumar Tadapalli a certified and seasoned information security and data privacy consultant. Tadapalli has 12+ years of multi-functional IT experience in pre-sales,...

Prying Eyes Inside the Enterprise: Bitglass' Insider Threat Report

Published: 04/12/2019

By Jacob Serpa, Product Marketing Manager, Bitglass When words like cyberattack are used, they typically conjure up images of malicious, external threats. While hackers, malware, and other outside entities pose a risk to enterprise security, they are not the only threats that need to be r...

CSA STAR – The Answer to Less Complexity, Higher Level of Compliance, Data Governance, Reduced Risk and More Cost-Effective Management of Your Security and Privacy System

Published: 03/28/2019

By John DiMaria, Assurance Investigatory Fellow, Cloud Security Alliance We just launched a major refresh of the CSA STAR (Security, Trust and Assurance Risk) program, and if you were at the CSA Summit at RSA, you got preview of what’s in store. So let me put things in a bit more context regardin...

Healthcare Breaches and the Rise of Hacking and IT Incidents

Published: 03/27/2019

By Jacob Serpa, Product Marketing Manager, Bitglass In the course of their day-to-day operations, healthcare organizations handle an extensive amount of highly sensitive data. From Social Security numbers to medical record numbers and beyond, it is imperative that these personal details a...

Browse by Topic