Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

166 Cybersecurity Statistics and Trends
Published: 07/29/2022

Originally published by Varonis here. Written by Rob Sobers, Varonis. Cybersecurity is a day-to-day operation for many businesses. A lack of data protection, side effects of a global pandemic, and an increase in exploit sophistication have led to a huge incline in hacked and breached data fr...

What is CSA STAR Certification and Why it is Important for ISO/IEC 27001 Certified Organizations?
Published: 07/27/2022

This blog was originally published by MSECB here. What is CSA STAR Certification? Building security and data protection into the DNA of an organization’s management system and operations is very important considering the intensive use of cloud computing by all organizations nowadays. CSA STAR...

How the Cloud Security Alliance Addresses Privacy
Published: 07/14/2022

This blog was originally published by Pivot Point Security here. These days cloud service providers (CSPs) don’t just need to prove to customers and other stakeholders that they are secure—they also need to demonstrate that they have a strong privacy program. But how can CSPs make a convincing at...

A Thumbprint Almost Ended our Vacation, or GDPR and the Cloud
Published: 02/24/2022

A version of this blog was originally published by ShardSecure here. By Marc Blackmer, ShardSecure. A few years ago, we surprised our youngest with a trip to Florida. We did the whole pickup-from-school-with-our-luggage-in-the-car bit and drove straight to the airport. And there was much rejoic...

A Data Privacy Day Call to Arms: The Shared Responsibility to Protect Customer Data
Published: 02/22/2022

This blog was originally published by JupiterOne here. Written by Melissa Pereira, JupiterOne. Today, millions of people worldwide are becoming aware of how their personal data is collected, shared, and monetized in our modern digital economy. Studies show that Americans are becoming increasingly ...

Step up Your GDPR Compliance Program
Published: 01/12/2022

This blog was originally published by CAS Assurance here. Overview The General Data Protection Regulation (GDPR) lays down rules relating to the protection of natural persons regarding the processing of personal data and rules relating to the free movement of personal data. The GDPR protects fund...

Understanding Compliance
Published: 09/28/2021

This blog was originally published by CyberCrypt here. Tip: Don’t treat compliance merely as a checklist. Use the process as an audit of your security controls. Put security first: Build security around your threat model and then confirm that you are compliant. As regulators demand stricter securit...

Final Versions of Standard Contractual Clauses Adopted!
Published: 06/07/2021

Three years after the General Data Protection Regulation (GDPR) came into effect, the European Commission has issued the much-awaited final version of two new sets of Standard Contractual Clauses that are expected to enable data controllers and processors to address some of the thorny issues in t...

Data Privacy vs. Data Security: What is the Core Difference?
Published: 10/20/2020

This blog was originally published on TokenEx. Written by Dillon Phillips from TokenEx. For organizations that collect or manage data—and individuals who own it—private data and the security of that data should not be taken lightly. They are primary concerns when undertaking the process of protectin...

What is Third Party Risk and Why Does It Matter?
Published: 09/14/2020

Written by Whistic. In the world of information security, third party risk is a topic that comes up often. As more and more organizations turn to SaaS-based vendors and move their operations to a cloud-driven environment, third party risk has become one of the most critical topics for an organizati...

What Schrems 2 Means for your Privacy Shield Program
Published: 08/10/2020

By Francoise Gilbert, CEO, DataMinding, Inc. The publication of the EU Court of Justice decision in the Schrems 2 case has left many organizations, worldwide, facing a difficult dilemma. What to do next to ensure the continuity of personal data flows from the European Union or European Economic Ar...

Schrems 2 – 12 FAQs Published by the EDPB but Little Practical Guidance
Published: 07/24/2020

By Francoise Gilbert, CEO, DataMinding, Inc. Since the publication of the European Court of Justice (EUCJ) decision in the Schrems 2 case, businesses located on both sides of the Atlantic, and around the world, have been attempting to determine how they should interpret and act upon the decision. ...

EU Court of Justice Decision - Privacy Shield Invalidated; Standard Clauses Challenged
Published: 07/16/2020

European Court of Justice Schrems 2 Decision Creates Havoc in Global Digital Exchanges: Significant Challenges to Privacy Shield and Standard Contractual Clauses Users. By Francoise Gilbert, CEO, DataMinding, Inc. For months, the global digital trade community has been awaiting the decision of the E...

How CSA is Working to Address Privacy
Published: 02/25/2020

By John DiMaria, Assurance Investigatory Fellow, CSA. The European Data Protection Board (EDPB) published an infographic on compliance and enforcement of the GDPR from May 2018 to January 2019. It shows that 95,180 complaints have been made to EU national data protection authorities by individuals ...

Joint Controllership: A Collection of Recent Guidance
Published: 01/03/2020

This blog was originally published by Paolo Balboni, Top-tier ICT, privacy & data protection lawyer and Founding Partner of ICT Legal Consulting. Article 26 GDPR on Joint controllers determines that, “Where two or more controllers jointly determine the purposes and means of pr...

Happy Birthday GDPR! – Defending Against Illegitimate Complaints
Published: 05/22/2019

By John DiMaria; CSSBB, HISP, MHISP, AMBCI, CERP, Assurance Investigatory Fellow – Cloud Security Alliance. On May 25th we will celebrate the first birthday of GDPR. Yes, one year ago GDPR was sort of a four-letter word (or acronym if you will). People were in a panic of how they were going to ...

EU GDPR vs US: What Is Personal Data?
Published: 08/20/2018

By Rich Campagna, Chief Marketing Officer, Bitglass. May 25, 2018—GDPR enforcement day—has come and gone with little fanfare (and about 6 quadrillion privacy policy updates), but that doesn't mean we all know what to do to get into compliance. In fact, some measures put only one third of organiza...

GDPR Is Coming: Will the Industry Be Ready?
Published: 04/20/2018

By Jervis Hui, Senior Product Marketing Manager, Netskope. With the impending May 25, 2018, date for GDPR compliance coming up, Netskope worked with the Cloud Security Alliance (CSA) to survey IT and security professionals for a recently released report covering GDPR preparation and challenges. Acc...

Cloud Security and Compliance Is a Shared Responsibility
Published: 04/12/2018

By Gail Coury, Chief Information Security Officer, Oracle Cloud. Organizations around the world are ramping up to comply with the European Union’s General Data Protection Regulation (GDPR), which will be enforced beginning on May 25, 2018, and each must have the right people, processes and technolo...

Australia's First OAIC Breach Forecasts Grim GDPR Outcome
Published: 04/04/2018

By Rich Campagna, Chief Marketing Officer, Bitglass. The first breach under the Office of the Australian Information Commissioner's (OAIC) Privacy Amendment Bill was made public on March 16. While this breach means bad press for the offending party, shipping company Svitzer Australia, more frighten...
