Industry Insights
Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Types of Sensitive Data: What Cloud Security Teams Should Know
Originally published by Sentra here. Not all data is created equal. If there’s a breach of your public cloud, but all the hackers access is company photos from your last happy hour… well, no one really cares. It’s not making headlines. On the other hand, if they leak a file which contains the paym...
Reversing the Digital Trust Deficit
Originally published by KPMG here. Written by Akhilesh Tuteja, Global Cyber Security Practice Leader, KPMG in India. Our seemingly endless reliance on the power of digital technology continues to transform everything from commerce, work and lifestyle to transportation, education, healthcare and b...
Treading Sensibly - Not Blindly - Into the Metaverse
Originally published by KPMG here. Written by David Ferbrache, Leadership, Global Head of Cyber Futures, KPMG in the UK. The metaverse is here. Organizations have the opportunity to leverage the metaverse to engage with customers and to experiment sooner, rather than later, to create a competitiv...
Cyber Resilience – Lessons From Ukraine
Originally published by KPMG here. Written by David Ferbrache, Leadership, Global Head of Cyber Futures, KPMG in the UK. Alongside the tragic war in Ukraine, cyber-attacks have played their part, too. This complex and increasingly uncertain situation in cyberspace is driving many countries and or...
CSA and the Cyber Risk Institute: CCM Addendum for the Financial Sector
The CSA Cloud Controls Matrix (CCM) is 11 years old. Almost a teenager! Over time it has evolved and matured and has been a fundamental piece of the cloud journey for several thousands of organizations worldwide. Virtually any organization willing to implement cloud computing in a secure way ha...
Detecting When Ransomware Moves Into Your Cloud
This blog was originally published on Vectra.ai. With around 65,000 ransomware attacks expected this year in the US alone according to Yahoo! Finance, let’s just go out on a limb here and say that folks are having a rough go at stopping these menacing occurrences. It doesn’t seem to matter which ...
PCI Compliance Checklist: Ensure Compliance
Originally published on TokenEx's blog. You’ve heard about all of the breaches. You know no defense is impenetrable. And you’re likely aware of the risk that comes with storing payment card information. Still, you need to process cardholder data to run your business—that much is unavoidable. So, h...
How to Secure Your CDE and Achieve PCI DSS Compliance
Written by TokenEx. Successfully securing cardholder data should be top of mind as businesses try to keep up with the rise of data regulations and the resulting increased focus on consumer privacy. The process of securing a cardholder data environment (CDE) and ensuring it is compliant with the Pay...
What is 3-D Secure Authentication, and Why Do I Need It?
Written by Dillon Phillips at TokenEx. Thanks to the increasing popularity of ecommerce platforms, many card transactions that previously would have occurred in person can now be made online. The resulting rise in card-not-present (CNP) payments offers greater convenience for those initiating the t...
NACHA Updates | Supplementing Data Security Requirements
Written by TokenEx. In late 2019, NACHA supplemented its existing Security Framework for the ACH Network with a new rule applying to all merchants, billers, businesses, governments, and third parties that send 2 million or more ACH payments per year. The rule was expected to roll out in two phases,...
How Does PCI DSS Protect Cardholder Data?
By Branden Marrow from TokenEx. The Payment Card Industry Data Security Standard (PCI DSS) is a payment industry security regulation developed, maintained, and enforced by the Payment Card Industry Security Standards Council (PCI SSC) to protect cardholder data (CHD). The council tasks organizati...
Five Actions to Mitigate the Financial Damage of Ransomware
By Eran Farajun, Executive Vice President at Asigra, Inc. Ransomware attacks have become a regular occurrence for organizations today, with events that are increasingly targeted, sophisticated, and costly. According to recent reports by the Federal Bureau of Investigation[1], cybercriminals are ta...
CCM Addendum for Associated Banks of Singapore
Written by: Co-chair - Arun VIVEK, Head of Cloud & Container Security – Cyber Security Services, Standard Chartered Bank. CSA CCM & Association of Banks in Singapore Cloud Computing Implementation Guide 2.0 Controls. This week CSA released a Cloud Controls Matrix (CCM) addendum and Gap Analysis Repo...
Understanding the Complexities of Securing a Remote Workforce
By Sean Gray, Sr. Director InfoSec at PayPal and Co-Chair of the CSA Financial Services Working Group. We have all witnessed sudden and stunning changes in how companies – big and small – operate in response to the challenges necessitated by COVID-19. Many have pivoted successfully, however there ...
Signal vs. Noise: Banker Cloud Stories by Craig Balding
A good question to ask any professional in any line of business is: which "industry events" do you attend and why? Over a few decades of attending a wide variety of events - and skipping many more - my primary driver is "signal to noise" ratio. In other words, I look for events attended by peop...
How to Improve the Accuracy and Completeness of Cloud Computing Risk Assessments?
By Jim de Haas, cloud security expert, ABN AMRO Bank. This paper aims to draw upon the security challenges in cloud computing environments and suggests a logical approach to dealing with the security aspects in a holistic way by introducing a Cloud Octagon model. This model makes it easier for orga...
Security Spotlight: Financial Services Facing Cyberattacks
By Will Houcheime, Product Marketing Manager, Bitglass. Here are the top cybersecurity stories of recent months: —Customer information exposed in Bankers Life hack —American Express India leaves customers defenseless —Online HSBC accounts breached —Millions of dollars taken from major Pakistani banks —U...
CCSK Success Stories: From the Financial Sector
By the CSA Education Team. This is the second part in a blog series on Cloud Security Training. Today we will be interviewing an infosecurity professional working in the financial sector. John C Checco is President Emeritus for the New York Metro InfraGard Members Alliance, as well as an Informatio...
How Can the Financial Industry Innovate Faster?
By Peter HJ van Eijk, Head Coach and Cloud Architect, ClubCloudComputing.com. How can the financial industry innovate faster? Why do non-technical people need to have a basic understanding of cloud technology? Imagine this scenario. Davinci is a company providing a SaaS solution to banks to process ...
Banking on the Cloud: How to Enable File Sharing in Financial Services
By Chau Mai, Sr. Product Marketing Manager, Skyhigh Networks. According to Gartner, CISOs face a “double-edged sword” as they are tasked with combating the growth of shadow IT while enabling secure access to approved cloud services. Cloud file sharing and collaboration services can be an area of ri...