Circle
Events
Blog

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
The Ability to Inspect What You Didn’t See
Published: 10/07/2014

By Scott Hogrefe, Senior Director, NetskopeContent inspection has come a long way in the past several years. Whether it is our knowledge and understanding of different file types (from video to even the most obscure) or the reduction of false positives through proximity matching, the industry has...

4 Lessons Learned From High Profile Credit Card Breaches
Published: 10/07/2014

By Eric Sampson, Manager and QSA Lead, BrightLineThe media has been filled with stories of high profile credit card breaches, including those from Target, Neiman Marcus, P.F. Chang’s and most recently Home Depot. Details on the Home Depot breach are still emerging, but the details around the Targ...

Was the Cloud ShellShocked?
Published: 10/06/2014

By Pathik Patel, Senior Security Engineer, Skyhigh NetworksInternet security has reached the highest defcon level. Another day, another hack – the new bug on the scene known as “Shellshock” blew up headlines and Twitter feeds.Shellshock exposes a vulnerability in Bourne Again Shell (Bash), the wi...

2015 PCI SIG Presentations—Rallying the Vote for Securing Keys and Certificates
Published: 10/03/2014

By Christine Drake, Senior Product Marketing Manager, VenafiAt the 2014 PCI Community Meetings in Orlando, the 2014 PCI Special Interest Groups (SIGs) provided updates on their progress and presentations were given on the 2015 PCI SIG proposals in hopes of getting votes to become 2015 PCI SIG pro...

CSA Congress Recap Roundup
Published: 10/01/2014

Last week the CSA Congress and IAPP Privacy Academy in San Jose, California. It was the Cloud Security Alliance's first time to partner with IAPP for their respective events. It was a successful event where cloud security and privacy professionals were able to rub elbows and learn best practices ...

The Shared Burden of Cloud Data Security & Compliance
Published: 10/01/2014

By Gerry Grealish, Chief Marketing Officer, PerspecsysData security remains a top concern for enterprises deploying popular cloud applications. While most will instinctively think of cloud data security and compliance as being handled only by IT departments, many enterprises are realizing that al...

Why Dyre Is Different and What It Means for Enterprises
Published: 09/30/2014

By Bob West, Chief Trust Officer, CipherCloudThe Dyre Trojan, which salesforce.com warned its customers about earlier this month, shows that cyber criminals have found a brand new way to target cloud applications.It is the first known malware tool to deliberately target an enterprise cloud provid...

SSL Vulnerabilities in Your Mobile Apps: What Could Possibly Go Wrong?
Published: 09/29/2014

By Patriz Regalado, Product Marketing Manager, VenafiThe majority of people and consumers don’t usually think about security and data privacy when they log into their mobile banking app, take a photo of the check, and make a mobile deposit directly into their account. Nor do they think about secu...

Enabling Secure Collaboration and Compliance by Mitigating Increasing Information Risks (Part 2 of 2)
Published: 09/25/2014

By Robert F. Brammer, Ph.D., Chief Strategy Officer at Brainloop, Inc.In my previous post, I addressed three major trends that play an immense role in cybersecurity initiatives. These trends include the growth of digital business, information risks, and regulatory requirements. In this post, I’ll...

Worse than Heartbleed?
Published: 09/24/2014

Jim Reavis, Cloud Security AllianceToday at 10am EST a vulnerability in the command shell Bash was announced (http://seclists.org/oss-sec/2014/q3/649 and http://seclists.org/oss-sec/2014/q3/650). Bash is a local shell, it doesn't handle data supplied from remote users, so no big deal right? Wrong...

Enabling Secure Collaboration and Compliance by Mitigating Increasing Information Risks (Part 1 of 2)
Published: 09/24/2014

By Robert F. Brammer, Ph.D., Chief Strategy Officer at Brainloop, Inc.The growth of digital business, information risks, and regulatory requirements are major global business trends that have an immense impact on cybersecurity. These trends are prevalent throughout a broad range of industries – i...

New CSA Survey Reveals Emerging International Data Privacy Challenges; Discrepancies Illustrate the Demand for Data Protection Harmonization
Published: 09/23/2014

By Evelyn de Souza,Data Privacy and Compliance Leader, Cisco SystemsAccording to a new survey from Cloud Security Alliance sponsored by Cisco, there is a growing and strong interest in harmonizing privacy laws towards a universal set of principles. Findings include overwhelming support for a glob...

The Cloud Perception-Reality Gap Lives On in CSA Survey
Published: 09/22/2014

by Krishna Narayanaswamy, Netskope Chief ScientistI thought we had moved beyond the cloud app perception-reality gap.Shadow IT has been a topic of much conversation in the media, at conferences, and among our customer and partner communities for the past several years. Gartner highlighted the iss...

Call for Volunteers: Critical Areas of Focus in Cloud Computing/Guidance v4
Published: 09/19/2014

By J.R. Santos, CSA Global Research DirectorToday at our annual CSA Congress in San Jose, we are announcing a formal recruitment effort for volunteers to help develop the next Critical Areas of Focus in Cloud Computing Guidance, version 4.This is among the most important guidance documents the CS...

CSA Hackathon On! Launches Today at CSA Congress 2014
Published: 09/18/2014

Today at 9 am PT, we officially kicked off our second Hackathon, where we are inviting the most determined of hackers to break CSA’s Software Defined Perimeter.As background, the Software Defined Perimeter (SDP) is a new security concept being standardized by the Cloud Security Alliance (CSA). SD...

Financial Survey Now Open: How Cloud Is Being Used in Financial Sector
Published: 09/18/2014

By J.R. Santos, Global Research Director Today at CSA Congress 2014 here in San Jose, we are announcing the opening of an important survey we hope that you will take part in. The ‘How Cloud is Being Used in the Financial Sector’ survey aims to accelerate the adoption of secure cloud services in ...

Data Breaches and the Multiplier Effect of Cloud Services
Published: 09/17/2014

By Eduard Meelhuysen, Managing Director, EMEA, NetskopeWe have had a number of conversations lately with our customers and partners about cloud security, with a particular focus on data protection in light of a growing number of data breaches. Against a backdrop of the iCloud hack and data breach...

Call for Volunteers:  Antibot Working Group Seeks Experts to Help Develop Botnet Essential Practices Guide for Cloud Providers
Published: 09/17/2014

By J.R. Santos, Global Research DirectorToday at the CSA Congress 2014, we have announced a call for volunteers to help create the first CSA Botnet Essential Practices Guide for Cloud Providers. Botnets have long been a favored attack mechanism of malicious actors, with server-based bot activity ...

Learning to Love Your Security Audit
Published: 09/16/2014

By Mike Pav, VP of Engineering, SpanningMost folks treat a security or compliance audit like a visit from the storm troopers: a big uncomfortable disruption to your daily life (if a visit from the Empire can indeed be considered “uncomfortable”). But it does not need to feel that way.At Spanning,...

Gartner Predicts Rise of the Digital Risk Officer
Published: 09/15/2014

By Michael Piramoon, Director of Analyst Relations, AccellionThe number of devices connected to enterprise networks is skyrocketing. One reason is mobile computing. Mobile workers in the US now carry on average 3 mobile devices, according to a recent survey by Sophos. Fifteen years ago, each of t...

Browse by Topic
Write for the CSA blog
Submit your blog proposal