Cloud 101

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
BYOD Stalled? Three Tips to Get It Going
Published: 04/19/2016

By Susan Richardson, Manager/Content Strategy, Code42Despite some surveys that say Bring Your own Device (BYOD) is growing, the CyberEdge Group’s recently released 2016 Cyberthreat Defense Report found that enterprise BYOD programs have stalled. Only one-third of respondents this year had impleme...

Panama Papers Expose Data Security Deficiencies in Law Firms
Published: 04/12/2016

By Rick Orloff, Chief Security Officer, Code42The unprecedented leak of 11.5 million files from the database of the world’s fourth biggest offshore law firm is riveting. As details continue to emerge about the Panama Papers leak, the money laundering and secretive tax regimes and high-profile cli...

CSA Releases New White Paper on Current Cloud Certification Challenges Ahead and Proposed Solutions
Published: 04/11/2016

By Daniele Catteddu, Chief Technology Officer, Cloud Security AllianceToday, the Cloud Security Alliance has released the CSA STAR Program & Open Certification Framework in 2016 and Beyond, an important new whitepaper that has been created to provide the security community with a description of s...

How CASB Is Different from Web Proxy / Firewall
Published: 04/08/2016

By Cameron Coles, Sr. Product Marketing Manager, Skyhigh Networks A common question that arises as IT teams begin to look at cloud access security broker (CASB) products goes something like, “we already have a web proxy and/or firewall, how is this different?” or “does CASB replace my web proxy /...

How to Get C-suite Support for Insider Threat Prevention
Published: 04/06/2016

By Susan Richardson, Manager/Content Strategy, Code42If you’re not getting support and adequate funding from the C-suite to address insider threats, a recent report highlights a powerful persuasive tool you may have overlooked: money—as in fines (cha-ching), lawsuits (cha-ching) and credit monito...

Don’t Let Your Cloud Security Strategy Get Railroaded by Old Thinking
Published: 04/04/2016

By Player Pate, Senior Manager/Product Marketing, Cisco Security Business GroupThe standard gauge used for railroads (that is the distance between the rails) in the U.S. is four feet, eight and a half inches, which is an odd number however you look at it. The history behind it is even stranger an...

Four Security Solutions Not Stopping Third-Party Data Breaches
Published: 03/31/2016

By Philip Marshall, Director of Product Marketing, CryptzoneA new breed of cyberattack is on the rise. Although it was practically unheard of a few years ago, the third-party data breach is rapidly becoming one of the most infamous IT security trends of modern times: Target, Home Depot, Goodwill,...

Kicking Tires on World Backup Day: A Five-Point Inspection for Endpoint Backup
Published: 03/29/2016

By Rachel Holdgrafer, Business Content Strategist, Code42Living with the constant threat of data breach or loss, large organizations have comprehensive remediation plans designed to guarantee speedy data recovery and business continuity. March 31, 2016 is World Backup Day—the perfect time to eval...

Top 3 Malware Bogeymen Keeping CISOs Up at Night
Published: 03/22/2016

By Susan Richardson, Manager/Content Strategy, Code42What keeps CISOs up at night? Of all the cyberthreats, malware sends chills down a CISO’s spine, according to The CyberEdge Group’s recently released 2016 Cyberthreat Defense Report. Malware bogeymen come in many shapes and sizes. Here are thre...

CIO, CISO and IT Practitioners Worry They Will Face a Datastrophe!
Published: 03/18/2016

By Rick Orloff, Chief Security Officer, Code42We are not lacking choices: whether it’s in the information we consume, the things we can buy or the ability to express ourselves through multimedia channels. It’s therefore no surprise that our most valuable asset, human capital, is finding ways to w...

EU Safe Harbor and Privacy Shield: Timelines, Deadlines and Red Lines
Published: 03/16/2016

What has happened since safe harbor was declared invalid and what’s next? By Nigel Hawthorne, EMEA Marketing Director, Skyhigh Networks As a quick reminder, Safe Harbor was the primary legal mechanism that allowed US-based companies and cloud providers to transfer data on European individuals t...

CSA Summit San Francisco 2016 Recap
Published: 03/11/2016

By Frank Guanco, Research Project Manager, CSA Global At the end of February, the Cloud Security Alliance (CSA) concluded its CSA Summit San Francisco 2016 with a full slate of presentations, releases, and announcements. CSA Summit kicked off the week with a full day of speakers and panels...

Between SSL-cylla and Charib-TLS
Published: 03/11/2016

By Jacob Ansari, Manager, Schellman & Company, Inc.Securing encrypted Internet traffic transmissions, such as those between web browsers and web servers, is decidedly not simple. Despite the fact that well-established protocols, namely Secure Sockets Layer (SSL) and Transport Layer Security (TLS)...

15 Data Security Policies Ignored by Modern Workers
Published: 03/09/2016

By Rachel Holdgrafer, Business Content Strategist, Code42IT isn’t the only department stretched thin. In the past 20 years the economy has grown nearly 60 percent. Corporate profits have increased 20 percent. And wages have stagnated for most Americans. The workday goes from 9 to 7 and the U.S. i...

Security Versus Privacy in Today’s Enterprise
Published: 03/03/2016

By Rachel Holdgrafer, Business Content Strategist, Code42Whether enterprise security or personal data privacy should prevail in the enterprise is the debate of the century. With internal actors responsible for 43 percent of enterprise data loss and 62 percent of respondents to the2016 Cyber Defen...

The Software-Defined Perimeter and IaaS: A New Initiative
Published: 03/02/2016

By Kurt Glazemakers, CTO, CryptzoneAs enterprises embrace infrastructure as a service (IaaS) platforms, shifting new development and production into these environments, they face some challenges due to the dynamic nature of IaaS. Security, compliance and business & IT efficiency – specifically ar...

SecaaS Working Group Releases Preview of Security as a Service Functional Domain Definitions – Including Continuous Monitoring
Published: 02/29/2016

By John Yeoh, Senior Research Analyst, Global, Cloud Security AllianceNumerous security vendors are now leveraging cloud-based Security as a Service (SecaaS) models to deliver security solutions. This shift has occurred for a variety of reasons including greater economies of scale and streamlined...

CSA’S Virtualization Working Group Publishes New Position Paper on Network Function Virtualization
Published: 02/29/2016

With the broad adoption of virtualized infrastructure, many security teams are now struggling with how to best secure these vital assets from targeted attacks. And because almost anyone can now easily virtualize resources such as compute, storage, networking and applications, the velocity and imp...

CSA’s Consensus Assessments Initiative Releases Minor Update to Version 3.0.1
Published: 02/29/2016

CSA’s Consensus Assessments Initiative Working Group has released an update to version 3.0.1 of the Consensus Assessments Initiative Questionnaire (CAIQ) that included minor updates and corrections.A tab was created in the spreadsheet titled “CAIQ Change Log” to capture the details of each update...

Cloud Data Security Services Just Got Easier to Build and Assess
Published: 02/26/2016

By Alan Eng, Senior Manager/Product Marketing, VormetricIt is well documented that security is the leading concern hindering cloud adoption. However, it is not so clear cut how to build secure cloud services, or how to assess whether cloud services adhere to relevant security requirements. The Cl...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.