Circle
Events
Blog

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Seeing Through the Clouds
Published: 11/20/2013

By TK Keanini, CTO, LancopeThe economics of cyber-attacks have changed over the years. Fifteen years ago, it was all about network penetration, but today advanced attackers are more concerned about being detected. Similarly, good bank robbers are concerned about breaking into the bank, but great ...

Cloud Collaboration: Maintaining Zero Knowledge across International Boundaries
Published: 11/20/2013

The increasingly global nature of business requires companies to collaborate more and more across borders, exchanging all manner of documents: contracts, engineering documents and other intellectual property, customer lists, marketing programs and materials, and so on. Unfortunately, the combinat...

Protecting Your Company from Backdoor Attacks – What You Need to Know
Published: 11/20/2013

November 14th, 2013By Sekhar Sarukkai “We often get in quicker by the back door than the front” — Napoleon Bonaparte A rare example of a backdoor planted in a core industry security standard has recently come to light. It is now widely believed that the NSA compromised trust in NIST’s encr...

Thoughts and key takeaway: Cloud Security Alliance CEE summit
Published: 11/18/2013

The Cloud Security Alliance Central Eastern Europe Summit gave a good opportunity to learn about the Cloud Computing market in areas of Europe that are less reviewed. The congress, held in the center of the old city of Ljubljana, provided interesting mixture of Information Security professionals ...

What should cloud enabled data security protections look like in the future?
Published: 11/18/2013

While listening to one of my favorite podcasts about two months ago, I heard a quote from a man named William Gibson that really resonated with me. He said, "The future is here already, it's just not evenly distributed". As I was driving along continuing to listen, it really started the synapses ...

A New Business Case for “Why IT Matters” in the Cloud Era
Published: 10/30/2013

October 23rd, 2013Author: Kamal Shah @kdshah Knowledge workers know that cloud services make our work lives easier, drive business agility and increase productivity. For instance, when colleagues need to share a file that’s too large to attach to an email message, they simply toss it into a c...

SSH – Does Your “Cloud Neighbor” Have an Open Backdoor to Your Cloud App?
Published: 10/30/2013

October 22, 2013By Gavin Hill, Director, Product Marketing & Threat Research Center at VenafiSecure Shell (SSH) is the de facto protocol used by millions to authenticate to workloads running in the cloud and transfer data securely. Even more SSH sessions are established automatically between syst...

Patching the Perpetual MD5 Vulnerability
Published: 10/18/2013

October 17, 2013By Gavin Hill, Director, Product Marketing & Threat Research Center at VenafiEarlier this month, Microsoft updated the security advisory that deprecates the use of MD5 hash algorithms for certificates issued by certification authorities (CA) in the Microsoft root certificate progr...

Safeguarding Cloud Computing One Step at a Time
Published: 10/17/2013

by Manoj Tripathi, PROSThere’ve been a lot of conversations around the concept of “the cloud.” Cloud storage and cloud computing continue to emerge as significant technology and business enablers for organizations. In many cases, cloud computing is a preferred option – it’s fast to set up and aff...

Gone in 60 Months or Less
Published: 10/10/2013

by Gavin Hill, Director, Product Marketing & Threat Research Center at VenafiFor years, cybercriminals have been taking advantage of the blind trust organizations and users place in cryptographic keys and digital certificates. Only now are vendors starting to respond to the use of keys and certif...

The Power of “Yes”
Published: 10/03/2013

by Sanjay Beri, CEO of NetskopeShadow IT is a big deal. The problem is clear: People want their apps so they can go fast. IT needs to attest that the company’s systems and data are secure and compliant.Everybody seems to have a Shadow IT solution these days. The problem is they’re all focused on ...

Watering Hole Attacks: Protecting Yourself from the Latest Craze in Cyber Attacks
Published: 09/23/2013

Author: Harold Byun, Skyhigh NetworksCyber criminals are clever and know how to evolve – you’ve got to give them that. They’ve proven this once again with their latest cyber attack strategy, the Watering Hole Attack, which leverages cloud services to help gain access to even the most secure and s...

The Consumerization of IT, BYOC, and the (New) Role of IT
Published: 09/11/2013

9 September 2013Author: Brandon CookIt has been a decade since Nicolas Carr published his controversial essay “IT Doesn’t Matter” in the Harvard Business Review. Back then, he claimed that companies weren’t really getting a competitive advantage from the technology advances – the bits and bytes –...

Beyond Encryption: The 5 Pillars of Cloud Data Security
Published: 09/03/2013

Author: Kamal Shah, Skyhigh NetworksGiven the recent influx of cyber-security attacks and the hubbub about the National Security Agency’s PRISM program, there is lot of talk about the importance of encryption to protect corporate data in the cloud. (PRISM is a clandestine data mining operation au...

Windows Azure Leads Way with SOC 2 + CSA CCM Attestation
Published: 08/22/2013

by John Howie, COO, Cloud Security AllianceThis week Microsoft announced that Windows Azure had completed an assessment against the Cloud Security Alliance Level 2 Cloud Control Matrix as part of its Service Organization Control (SOC) 2 Type II audit conducted by Deloitte. This combined approach ...

Just What the Doctor Ordered: A Prescription for Cloud Data Security for Healthcare Service Providers
Published: 08/14/2013

by Kamal Shah, VP, Products and Marketing at Skyhigh NetworksCloud services are here to stay, and practically everybody is embracing them. In fact, the cloud computing industry is growing at the torrid pace of nearly 30% per year right now, according to Pike Research.Certainly healthcare service ...

You can Benefit from the Cloud: Choose based on Class of Service
Published: 07/10/2013

In my last blog, I had promised a deeper dive into Choosing a Cloud provider based on Class of Service.It is a very timely topic. In one of very many recent articles on cloud security, Avoiding cloud security pitfalls Telstra enterprise and infrastructure services IT director Lalitha Biddulph adv...

IT Opportunities Surrounding Shadow IT
Published: 06/27/2013

By Kamal Shah Skyhigh Networks VP of Products and Marketing   The magnitude of Shadow IT is significant and growing.Gartner has predicted that a full 35 percent of IT spending will take place outside of IT by 2015 – just 18 months away. By the end of the decade, that figure will hit 90 percent...

Why the Cloud Cannot be treated as a One-size-fits-all when it comes to Security
Published: 06/24/2013

Despite the fact that cloud providers have long since differentiated themselves on very distinct offerings based on cloud platform type, I often see the cloud written about as though it is a single, uniformservice. And, the problem with that is while there are commonalities, it is downright misle...

Leveraging Intel from Hackers to Mitigate Risks
Published: 06/14/2013

Authored by Robert Hansen“Know your enemy and know yourself and you can fight a hundred battles without disaster.” – Sun TzuA few weeks ago, I interviewed “Adam” a self-described ‘blackhat’ hacker about why he started hacking, what motivates him and others in the underground community and why he ...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.