Register for CSA’s SECtember conference and trainings today


Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Moving to the Cloud? Take Your Application Security With You
Published: 01/27/2011

By Bill Pennington, Chief Strategy Officer, WhiteHat SecurityCloud computing is becoming a fundamental part of information technology. Nearly every enterprise is evaluating or deploying cloud solutions. Even as business managers turn to the cloud to reduce costs, streamline staff, and increase ef...

Neuroprivilogy: The New Frontier of Cyber Crime
Published: 01/21/2011

By Shlomi Dinoor, vice president, emerging technologies, Cyber-Ark SoftwareIs your Neuroprivilogy vulnerable? The answer is most probably yes, you simply have no clue what Neuroprivilogy is (yet)…The first step of this discussion is defining a fancy term to help educate and describe this new phen...

Will the Cloud Cause the Reemergence of Security Silos?
Published: 01/19/2011

by: Matthew GardinerGenerally in the world silos relate to things that are beneficial, such as silos for grain or corn. However in the world of IT security, silos are very bad. In many forensic investigations application silos turn up as a key culprit that enabled data leakage of one sort or an...

Certifiable in the Cloud
Published: 01/13/2011

Author: Pamela Fusco, VP of Industry Solutions for SolutionaryCloud computing remains as much a mystery to some as it is a part of others’ daily lexicon. I spend a lot of time working with people who have connections to various offices of the U.S. government and I find that regardless of the topi...

Multi-tenancy and bad landlords
Published: 06/13/2010

So there's been a lot of discussion about multi-tenancy recently and what it means for cloud providers and users. To put it simply: multi-tenancy is highly desirable to providers because they can provide a service or a platform (such as WordPress) and cram a kajillion users into it without having...

Backups and security for cloud applications
Published: 06/10/2010

Backups, the thing we all love to hate, and hate to love. Recreating data is rarely cheap, especially if it involves detailed analysis and combination. So we back it up.Take for example this blog, it's based on WordPress; which is about as standard and supported as you can get for a blog. Backing...

Put your chauffeur on the upgrade treadmill
Published: 06/03/2010

I don't know if anyone here remembers the "Billion Dollar Brain" by Len Deighton. One scene that stuck with me is General Midwinter making his minion (a chauffeur or bodyguard, I can't remember which) do his time on the exercise bike for him and asking "how many miles did we bike today?"Wouldn't ...

News roundup for May 28 2010
Published: 05/28/2010

Financial Services Like The Cloud, Provided It's Private - Identity Manager extended to cloud -

Software evaluation 2.0 ?
Published: 05/27/2010

I spend a lot of time evaluating software; for product reviews, to see which versions are vulnerable to various exploits and sometimes just to see if I should be using it. Most often this looks something like: find the software, download it, find the install and configuration documents, walk thro...

Counterfeit gear in the cloud
Published: 05/26/2010

One of the best and worst things about outsourced cloud computing (as opposed to in house efforts) is the ability to spend more time on what is important to you, and leave things like networking infrastructure, hardware support and maintenance and so on to the provider. The thing I remember most ...

Amazon AWS - 11 9's of reliability?
Published: 05/24/2010

Amazon recently added a new redundancy service to their S3 data storage service. Amazon now claims that data stored in the "durable storage" class is 99.999999999% "durable" (not to be confused with availability - more on this later). "If you store 10,000 objects with us, on average we may lose ...

3 Problems Cloud Security Certification Can Solve
Published: 05/17/2010

By Jim ReavisWhat if there were widely accepted standards for cloud security and, better yet, a universally recognized designation for “trusted” cloud providers?The basic promise of cloud computing is undeniably appealing: Increase efficiency and reduce cost by taking advantage of flexibly pooled...

Season’s Greetings from the CSA!
Published: 05/17/2010

By Zenobia Godschalk2009 has been a busy year for the CSA, and 2010 promises to be even more fruitful. The alliance is now 23 corporate members strong, and is affiliated with numerous leading industry groups (such as ISACA, OWASP and the Jericho Forum) to help advance the goal of cloud security. ...

Your Chance to Influence Cloud Security Research!
Published: 05/17/2010

By Zenobia Godschalk The Cloud Security Alliance needs your help! We are conducting a survey to help us better understand users current cloud deployment plans and biggest areas of security and compliance concern. The feedback generated here will assist the CSA in shaping our educational curriculu...

Cloud Security and Privacy book by CSA founding members
Published: 05/17/2010

By Jim Reavis I wanted to let everyone know about the new book release, Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance. This book was written by three experts, two of whom are CSA founding members. I had the opportunity to read the book prior to its publication and ...

Seemingly basic power problems in state-of-the-art data centers
Published: 05/17/2010

By Wing Ko I came across this "Stress tests rain on Amazon's cloud" article from the itnews for Australian Business about a week ago. A team of researchers in Australia spent 7 months stress tested Amazon's EC2, Google's AppEngine and Microsoft's Azure cloud computing services, and found that the...

CSA Federal Cloud Security Symposium Hosted by MITRE (McLean, VA)
Published: 05/17/2010

By Dov Yoran On August 5th, 2009, Cloud Security Alliance Federal Cloud Security Symposium was hosted by MITRE Corporation. This full day venue provided government personnel with access to leading commercial cloud security experts. Throughout the day perspectives on cloud computing, its benefits ...

Will Silicon Valley Run Out of Data Center Space?
Published: 05/17/2010

By Wing Ko This slashdot posting caught my eyes last night - Judging from the thread, apparently it caught the eyes of quite a few people too.With all the exciting news and press releases during ...

Welcome to the CSA Blog
Published: 05/17/2010

By Jim Reavis Welcome to the Cloud Security Alliance blog. We have initiated this service to allow for more rapid communications between our expert volunteers and the larger community interested in cloud security. We plan to use this venue to comment on the important issues of the day related to ...

Is your Cloud Provider making money?
Published: 05/17/2010

By Jim Reavis At a recent Cloud Security Alliance event, George Reese moderated a panel about Public/Private cloud interoperability and application portability. It was a great discussion, and I hope to be able to publish the proceedings soon.One of the common points that comes up when discussing ...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.