Cloud 101

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
What should cloud enabled data security protections look like in the future?
Published: 11/18/2013

While listening to one of my favorite podcasts about two months ago, I heard a quote from a man named William Gibson that really resonated with me. He said, "The future is here already, it's just not evenly distributed". As I was driving along continuing to listen, it really started the synapses ...

A New Business Case for “Why IT Matters” in the Cloud Era
Published: 10/30/2013

October 23rd, 2013Author: Kamal Shah @kdshah Knowledge workers know that cloud services make our work lives easier, drive business agility and increase productivity. For instance, when colleagues need to share a file that’s too large to attach to an email message, they simply toss it into a c...

SSH – Does Your “Cloud Neighbor” Have an Open Backdoor to Your Cloud App?
Published: 10/30/2013

October 22, 2013By Gavin Hill, Director, Product Marketing & Threat Research Center at VenafiSecure Shell (SSH) is the de facto protocol used by millions to authenticate to workloads running in the cloud and transfer data securely. Even more SSH sessions are established automatically between syst...

Patching the Perpetual MD5 Vulnerability
Published: 10/18/2013

October 17, 2013By Gavin Hill, Director, Product Marketing & Threat Research Center at VenafiEarlier this month, Microsoft updated the security advisory that deprecates the use of MD5 hash algorithms for certificates issued by certification authorities (CA) in the Microsoft root certificate progr...

Safeguarding Cloud Computing One Step at a Time
Published: 10/17/2013

by Manoj Tripathi, PROSThere’ve been a lot of conversations around the concept of “the cloud.” Cloud storage and cloud computing continue to emerge as significant technology and business enablers for organizations. In many cases, cloud computing is a preferred option – it’s fast to set up and aff...

Gone in 60 Months or Less
Published: 10/10/2013

by Gavin Hill, Director, Product Marketing & Threat Research Center at VenafiFor years, cybercriminals have been taking advantage of the blind trust organizations and users place in cryptographic keys and digital certificates. Only now are vendors starting to respond to the use of keys and certif...

The Power of “Yes”
Published: 10/03/2013

by Sanjay Beri, CEO of NetskopeShadow IT is a big deal. The problem is clear: People want their apps so they can go fast. IT needs to attest that the company’s systems and data are secure and compliant.Everybody seems to have a Shadow IT solution these days. The problem is they’re all focused on ...

Watering Hole Attacks: Protecting Yourself from the Latest Craze in Cyber Attacks
Published: 09/23/2013

Author: Harold Byun, Skyhigh NetworksCyber criminals are clever and know how to evolve – you’ve got to give them that. They’ve proven this once again with their latest cyber attack strategy, the Watering Hole Attack, which leverages cloud services to help gain access to even the most secure and s...

The Consumerization of IT, BYOC, and the (New) Role of IT
Published: 09/11/2013

9 September 2013Author: Brandon CookIt has been a decade since Nicolas Carr published his controversial essay “IT Doesn’t Matter” in the Harvard Business Review. Back then, he claimed that companies weren’t really getting a competitive advantage from the technology advances – the bits and bytes –...

Beyond Encryption: The 5 Pillars of Cloud Data Security
Published: 09/03/2013

Author: Kamal Shah, Skyhigh NetworksGiven the recent influx of cyber-security attacks and the hubbub about the National Security Agency’s PRISM program, there is lot of talk about the importance of encryption to protect corporate data in the cloud. (PRISM is a clandestine data mining operation au...

Windows Azure Leads Way with SOC 2 + CSA CCM Attestation
Published: 08/22/2013

by John Howie, COO, Cloud Security AllianceThis week Microsoft announced that Windows Azure had completed an assessment against the Cloud Security Alliance Level 2 Cloud Control Matrix as part of its Service Organization Control (SOC) 2 Type II audit conducted by Deloitte. This combined approach ...

Just What the Doctor Ordered: A Prescription for Cloud Data Security for Healthcare Service Providers
Published: 08/14/2013

by Kamal Shah, VP, Products and Marketing at Skyhigh NetworksCloud services are here to stay, and practically everybody is embracing them. In fact, the cloud computing industry is growing at the torrid pace of nearly 30% per year right now, according to Pike Research.Certainly healthcare service ...

You can Benefit from the Cloud: Choose based on Class of Service
Published: 07/10/2013

In my last blog, I had promised a deeper dive into Choosing a Cloud provider based on Class of Service.It is a very timely topic. In one of very many recent articles on cloud security, Avoiding cloud security pitfalls Telstra enterprise and infrastructure services IT director Lalitha Biddulph adv...

IT Opportunities Surrounding Shadow IT
Published: 06/27/2013

By Kamal Shah Skyhigh Networks VP of Products and Marketing   The magnitude of Shadow IT is significant and growing.Gartner has predicted that a full 35 percent of IT spending will take place outside of IT by 2015 – just 18 months away. By the end of the decade, that figure will hit 90 percent...

Why the Cloud Cannot be treated as a One-size-fits-all when it comes to Security
Published: 06/24/2013

Despite the fact that cloud providers have long since differentiated themselves on very distinct offerings based on cloud platform type, I often see the cloud written about as though it is a single, uniformservice. And, the problem with that is while there are commonalities, it is downright misle...

Leveraging Intel from Hackers to Mitigate Risks
Published: 06/14/2013

Authored by Robert Hansen“Know your enemy and know yourself and you can fight a hundred battles without disaster.” – Sun TzuA few weeks ago, I interviewed “Adam” a self-described ‘blackhat’ hacker about why he started hacking, what motivates him and others in the underground community and why he ...

Cloud Trust Study: Security, Privacy and Reliability in the cloud get high marks with U.S. small to mid-sized businesses
Published: 06/11/2013

Comscore and Microsoft recently commissioned a study to get a pulse on what small to mid-sized businesses (SMB) think about the cloud in terms of security, privacy and reliability.The results tell us that there’s a gap between the perceptions of those not using the cloud, with the real experience...

A Hybrid Approach for Migrating IAM to the Cloud
Published: 06/10/2013

Merritt MaximDirector-Product MarketingCA TechnologiesWe continue to hear about how cloud, mobility and the consumerization of IT has the potential to transform business. However, the ongoing hype around these trends may lead some to believe that these trends require an “all or none” approach. ...

Don’t let a disaster leave your data out in the cold
Published: 06/10/2013

By Andrew Wild, CSO at QualysWhen we see images from natural disasters like Hurricane Sandy of flooded neighborhoods, downed power lines and destroyed homes the first concern, of course, is for the safety of the people. But as a chief security officer I also think about how disasters affect compa...

New York State launches investigation of top insurance companies’ cybersecurity practices. Who’s next?
Published: 06/05/2013

The following blog excerpt on “New York State launches investigation of top insurance companies’ cybersecurity practices. Who’s next?” was written by the external legal counsel of the CSA, Ms. Francoise Gilbert of the IT Law Group. We repost it here with her permission. It can be viewed in its or...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.