Register for CSA’s SECtember conference and trainings today




Circle
Events
Blog

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
CipherCloud Risk Lab Details Logjam TLS Vulnerability and Other Diffie-Hellman Weakness
Published: 06/01/2015

CipherCloud Lab notifies customers that 1006 cloud applications are vulnerable to logjam and other DH weaknesses, 181 cloud applications move from a low/medium risk score to high risk category, 946 cloud applications risk scores increase.By David Berman, Director of Cloud Visibility and Security ...

CSA Establishes Quantum-Safe Security Working Group and Releases What is Quantum-Safe Security Position Paper
Published: 05/28/2015

By Frank Guanco, Research Analyst, CSAConsider this scenario: A CIO at a Fortune 500 company receives a call from a reporter asking how the company is responding to the announcement of the new commercially available quantum computer that can “break” RSA and Elliptic Curve Cryptography (ECC). This...

Governance, Risk, Compliance and Cloud: A Fresh Look at Benefits, Value Proposition
Published: 05/22/2015

By Nanda Ramanujam, Director of GRC Solutions/PS-North America, MetricStreamToday’s world is undergoing phenomenal and unprecedented change. From political chaos and economic volatility, to great strides in the fields of science and technology, to an increasingly savvy and global workforce. All o...

LogJam Exposed: 575 Cloud Services Potentially Vulnerable to Man-in-the-Middle Attacks
Published: 05/21/2015

By Sekhar Sarukkai, VP of Engineering, Skyhigh NetworksLogJam, the latest in a spate of web vulnerabilities, was exposed on Tuesday evening by a team including Mathew Green, assistant research professor at Johns Hopkins University, experts from University of Michigan and the University of Pennsyl...

Lifehack: 4 Things to Stop Doing When It Comes to O365 Security
Published: 05/20/2015

By Chris Hines, Product Marketing Manager, BitglassI’m sure you have read a million blogs about what you should be doing when it comes to achieving security for cloud applications like Office 365. I know because admittedly I have written some of them myself. But an idea came to me yesterday as I ...

Balancing IT Risk and Opportunity
Published: 05/13/2015

By David Williamson, CISSP, CGEIT, CRISC, Vice President - Professional Services, MetricStreamFor business managers, moving portions of our company’s most valued information assets into the public cloud, while compelling economically, raises a thicket of difficult risk and compliance questions. ...

HIPAA-Compliant BYOD After the Honeymoon
Published: 05/11/2015

By Nat Kausik, CEO, BitglassWe met with the head of compliance of a large state healthcare organization last week. They were struggling with achieving HIPAA compliant mobility and shared their experiences and insights with us.To start, mobile technologies are changing so rapidly that any attempt ...

The Top 10 Cloud Services in Government That Don’t Encrypt Data at Rest
Published: 05/07/2015

By Cameron Coles, Sr. Product Marketing Manager, Skyhigh NetworksSensitive data in the cloud is more widespread than you may think. Analyzing cloud usage for 15 million users, Skyhigh found that 22% of documents uploaded to file sharing services contained sensitive data such as personally identif...

3 Things Startups Need to Know to Move to the Cloud
Published: 05/05/2015

By Shellye Archambeau, CEO, MetricStreamDespite concerns around data security, businesses are optimistic about the cloud. In fact, software-as-a-service adoption has more than quintupled from 13 percent in 2011 to 72 percent in 2014, according to a cloud computing survey conducted by North Bridge...

CSA to Hold Inaugural Federal Summit on May 5th in Washington DC
Published: 05/04/2015

The CSA is excited to announce that it will be holding its inaugural Federal Summit 2015 on May 5th in Washington DC. The Cloud Security Alliance Federal Summit is a free for government event, comprised of information security professionals from civilian and defense agencies to share experiences ...

CLOUD SECURITY: HOW CAN GRC HELP?
Published: 05/01/2015

By Vibhav Agarwal, Senior Manager of Product Marketing, MetricStreamAn integrated GRC approach to cloud acceptance, adoption and scale includes the risk perspective from the beginning. Harnessing the power of cloud security with a GRC framework can promote and improve information security practic...

White-Hat Malware
Published: 04/29/2015

By Chris Hines, Product Marketing Manager, Bitglass As many of you know, we recently released the results of the first ever data tracking experiment in the Dark Web. In the “Where’s Your Data?“ experiment, we used our patent-pending watermarking technology to embed invisible trackers withi...

Banking on the Cloud: How to Enable File Sharing in Financial Services
Published: 04/27/2015

By Chau Mai, Sr. Product Marketing Manager, Skyhigh NetworksAccording to Gartner, CISOs face a “double-edged sword” as they are tasked with combating the growth of shadow IT while enabling secure access to approved cloud services. Cloud file sharing and collaboration services can be an area of ri...

Compromised Accounts and Cloud Activity
Published: 04/23/2015

By Krishna Narayanaswamy, Founder and Chief Scientist, NetskopeLast week, we released our Netskope Cloud Report for this quarter – global as well as Europe, Middle East and Africa versions.This report builds on our January Netskope Cloud Report in which we highlighted research on compromised user...

The Cloud Economy: 11 Essential Trends About How Companies Connect to Each Other Via the Cloud
Published: 04/21/2015

By Kamal Shah, VP, Products and Marketing at Skyhigh NetworksThe cloud is having a measurable impact on business – IT departments are migrating to cloud services in order to take advantage of faster time-to-market, reduced operational costs, and reduced IT spending and maintenance costs. In addit...

The Cloud Guide to RSA
Published: 04/10/2015

By Sam Bleiberg, Communications Associate, SkyHigh NetworksSan Francisco hosts more than its share of conferences and festivals, and residents know the best way to maximize your time at events is to go in with a plan. With that in mind, we created a Skyhigh guide to RSA. Planning your agenda from...

The Bitglass "Where's Your Data?" Experiment
Published: 04/07/2015

By Chris Hines, Product Marketing Manager, Bitglass783. That's the total number of reported breaches involving stolen data that occured in 2014 alone.When the story first broke about the Morgan Stanley breach, where an ex-employee stole corporate data and pasted it on a file-sharing site called P...

Top 3 Reasons Enterprises Hesitate to Adopt the Cloud
Published: 04/02/2015

By Stephanie Bailey, Senior Director/Product Marketing, PerspecsysDespite the clear benefits of the cloud, many enterprises still hesitate to fully adopt or capitalize on all the advantages. There are a few key reasons for hesitation, including the prevalence of data breaches and hacks in recent ...

Cloud Computing – It’s a Question of Trust
Published: 03/27/2015

By Raj Samani, Vice President and CTO, McAfee EMEACan we really trust cloud computing? Or perhaps more importantly do you trust the cloud? And does the perceived lack of transparency, combined with recent negative headlines, impact future investments in cloud computing?In conjunction with the Clo...

Securing the Intersection of Sanctioned and Unsanctioned Apps in Cloud Ecosystems
Published: 03/23/2015

If you are in charge of deploying a cloud app or suite like Box, Office 365, or Google Apps in your environment, you need to read this:by Krishna Narayanaswamy, Chief Scientist, NetskopeWe just completed a piece of research here at Netskope on cloud app ecosystems. In it, we highlight an importan...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.