Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Upcoming Cloud Security Training in EMEA - sign up today!
Published: 03/14/2013

Securosis has recently updated the CCSK training curriculum to be in alignment with the Cloud Security Alliance Guidance V3.0, and the training class is much improved. Many of the hands-on exercises have been overhauled, and if you are looking to get familiar with cloud security you will want to ...

The Dark Side of Big Data: CSA Opens Peer Review Period for the “Top Ten Big Data and Privacy Challenges” Report
Published: 02/25/2013

Big Data seems to be on the lips of every organization’s CXO these days. By exploiting Big Data, enterprises are able to gain valuable new insights into customer behavior via advanced analytics. However, what often gets lost amidst all the excitement are the very real and many security and privac...

CSA Releases CCM v 3.0
Published: 02/25/2013

The Cloud Security Alliance (CSA) today has released a draft of the latest version of the Cloud Control Matrix, CCM v3.0. This latest revision to the industry standard for cloud computing security controls realigns the CCM control domains to achieve tighter integration with the CSA’s “Security Gu...

CSA Drafts New SOC Position Paper
Published: 02/25/2013

Phil Agcaoili, Founding Member, Cloud Security AllianceDavid Barton, Principal, UHY AdvisorsIn June 2011, the American Institute of Certified Public Accountants (AICPA) eliminated SAS 70 which had been a commonly used reporting standard within the information technology industry for providing thi...

When Good Is Not Good Enough: NIST Raises the Bar for Cloud Data Protection Vendors
Published: 02/21/2013

Earlier this year, the National Institute of Standards and Technology (NIST) released a publication titled Cloud Computing Synopsis & Recommendations (Special Publication 800-146) describing in detail the current cloud computing environment, explaining the economic opportunities and risks associa...

Critical Infrastructure and the Cloud
Published: 02/01/2013

Cloud computing continues to be a hot topic. But so what if people are talking about it, who is actually adopting it? One of the questions I have been asking myself is, ‘Will cloud be adopted for critical infrastructure? And what is the security perspective on this?Naturally a blog to answer that...

Towards a “Permanent Certified Cloud”: Monitoring Compliance in the Cloud with CTP 3.0
Published: 01/29/2013

Cloud services can be monitored for system performance but can they also be monitored for compliance? That’s one of the main questions that the Cloud Trust Protocol aims to address in 2013.Compliance and transparency go hand in hand.The Cloud Trust Protocol (CTP) is designed to allow cloud custom...

Assurance for Tomorrow’s Cloud
Published: 11/27/2012

Cloud computing, and Big Data are natural bedfellows. Add to that mix, Critical infrastructure, and consumers and all of a sudden the need for greater assurance only increases. We will soon witness convergence of these technological advancements on a monumental scale, with previously disconnect...

The Battle of the Titans: What it all means for IT managers caught in the middle
Published: 10/31/2012

Adapt, accept and manage: a BYOD mantra for corporate ITRIM and Apple: two firms with more contrasting current fortunes you could not wish to imagine. The once high-flying Canadian BlackBerry-maker, for so long the darling of IT managers and beloved of time-starved execs the world over, has lost ...

The High Costs of Securing Identities: How to Fix the Problem Using the Cloud
Published: 10/26/2012

Authored by: Dan Dagnall, Chief Technology Strategist at Fischer International Identity Identity Management is well down the path of a mature market space. But I believe there is still one final, fundamental disconnect which is driving up your cost of deploying and maintaining an ide...

Context + Analytics = Good Security
Published: 10/17/2012

Data [dey-tuh] noun: individual facts or statisticsInformation [in-fer-mey-shuhn] noun: knowledge concerning a particular fact or circumstanceWhen does data become consumable information? When we correctly manage security, we integrate security devices into our infrastructure in a manner designed...

Red Hat Joins the Cloud Security Alliance
Published: 10/17/2012

By: Cloud Computing TeamThat user concerns about security and related matters are part and parcel of how and when cloud computing—whether on-premise, in public clouds or a hybrid—gets adopted isn't news. Even if the risks are sometimes more about perception than reality, the fact remains that sur...

Removing Cloud Barriers in Europe
Published: 10/10/2012

No one is immune to the ever-changing technology forecast, but one constant (at least for the near future) appears to be global cloud cover. Cloud computing is arguably the most dominant theme on every enterprise’s IT list, but in Europe, it’s being met with some key challenges. The European Co...

Assessing Your IT Environment and Evaluating Cloud
Published: 10/09/2012

by John Howie, COO, CSAIn many conversations with IT leaders today we discovered a common problem: they need a simple way to understand systems, processes, current policies and procedures and be able to evaluate how the cloud may help them realize lower IT security costs, improve best practice...

Riding the Consumerization Wave
Published: 10/07/2012

Rather than resist it, organizations should embrace Consumerization to unlock its business potential. This requires a strategic approach, flexible policies and appropriate security and management tools.The Consumerization of IT is the single most influential technology trend of this decade. Compa...

The Impact of Computing Power on Cryptography
Published: 09/21/2012

Advanced technology is a beautiful thing. Not only has it enabled the creation of new, more efficient methods of application delivery and data storage (the Cloud is a prime example), but it’s also helped propel the development of more sophisticated solutions for data protection as well (think tok...

Managing consumer technology in the enterprise - Why IT needs to change mindset to better support the business.
Published: 09/19/2012

Talking regularly about the consumerization of IT can often make one sound like a broken record, but the economic, security and management challenges it throws up for enterprises are too important to ignore.The problems boil down to a lack of control, which can be described in two key ways. IT de...

7 Steps to Developing a Cloud Security Plan
Published: 09/10/2012

By David Grimes, Chief Technology Officer, NaviSite In IT, the easiest way to stop a new technology or solution from being implemented is to raise a security red flag. As soon as someone mentions concerns around a new IT solution not being “secure” the project can come to a screeching halt. So as...

Can You Be Sued for Using the Cloud?
Published: 08/29/2012

We all know that adopting the Cloud comes with some risks – security, reliability and scalability have, to-date, been the most popular complaints. But now, we can add a new one to the mix: litigation. Case in point, companies doing business in Australia, known for its strict privacy laws, have be...

Is crypto in the cloud enough?
Published: 08/27/2012, DropBox, iCloud, SkyDrive,Amazon Cloud Drive... the list goes on for convenient cloud storage options. Some have had a security incident; the rest will. All implement some form of protection against accidental exposure with varying degrees of protection. Are these sufficient and, in the ...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.