Help us improve our website. Provide feedback to [email protected]
 

CloudBytes

Webinars by Subject Matter Experts

Previous Recordings

Previous Recordings

Using User Behavior Analytics to Detect Authentication Anomalies

Using User Behavior Analytics to Detect Authentication Anomalies

July 16, 2019, Aron Anderson, Senior Security Engineer & Ashwini Cheerla, Security Engineer at Adobe

In modern cyber battlefield, we face new threats daily where signatures are not necessarily known. Identifying these anomalies in regular behavior is the core of User Behavior Analysis (UBA). Commo...

Accelerating Your Journey to Zero Trust

Accelerating Your Journey to Zero Trust

July 11, 2019, Christopher Scheels, Director of Product Marketing, Cyxtera

Zero Trust is trending. Every expo show floor is inundated with this concept that promises to transform of corporate security from a well-known failed perimeter-centric model. In this session, we w...

Does WebAuthn Signal the End of Passwords for Browsers?

Does WebAuthn Signal the End of Passwords for Browsers?

June 27, 2019, Pay-al Pan, Senior Solutions Engineer, Okta & James Fang, Director of Product Marketing, Okta

Passwords have been the de-facto standard for authentication in the last 40 years, but end users hate them. Not to mention they aren't considered safe anymore - 81% of hacking-related account breac...

The Nexus of Organized Cyber Crime and Cyber Terrorism

The Nexus of Organized Cyber Crime and Cyber Terrorism

June 26, 2019, Dr. Florian Huber, Research Manager at SYNYO & Mag. Bernhard Jäger, Research Manager and Department Lead at SYNYO

New Services and Tools for Supporting First-line-practitioners and Law Enforcement Agencies. In recent years, Europe has been at increased risk of extremist violence and terrorism – from Islamic f...

2019 Trends Report: The Zero Trust Journey

2019 Trends Report: The Zero Trust Journey

June 20, 2019, Kelsey Nelson, Product Marketing, Okta

As your workforce becomes more distributed, security is even more critical. Protecting the network is important but it’s no longer enough to secure applications and data. That’s why adoption of a Z...

5 Steps to Protecting Your Data in Today's Cloud- and Mobile-First World

5 Steps to Protecting Your Data in Today's Cloud- and Mobile-First World

June 13, 2019, Bob Gilbert, Chief Evangelist and VP Product Marketing, Netskope

The rapid adoption of cloud and mobile in the enterprise is powering the transformation of legacy IT systems to more modern technology and processes. The business benefits of speed and agility for ...

Securing Cloud Infrastructure with Cyber Exposure

Securing Cloud Infrastructure with Cyber Exposure

June 6, 2019, Nate Dyer, Product Marketing Director, Tenable

Cloud is dramatically expanding your attack surface and introducing new visibility challenges into infrastructure security. Without foundational visibility, it’s nearly impossible to execute other ...

CSA Study: Cloud Security Complexity

CSA Study: Cloud Security Complexity

June 4, 2019, Yitzy Tannenbaum, Product Marketing Manager at AlgoSec

Cloud computing provides improved security, agility and flexibility. However, integrating this new service into legacy IT environments comes with great concern. The Cloud Security Alliance has rec...

Embracing the Kanyes: Fostering a Security Culture that Accepts Human Error

Embracing the Kanyes: Fostering a Security Culture that Accepts Human Error

May 30, 2019, Aaron Zander, Head of IT, HackerOne & Gen Buckley, Senior Analyst, Security, and Compliance, Okta

It's easy blame employees for poor password and email hygiene, but in reality, human error isn't going to go away. Every organization will always have a "Kanye" with poor operational security and w...

GDPR: Data breach prevention & mitigation - Lessons learned in the past year

GDPR: Data breach prevention & mitigation - Lessons learned in the past year

May 28, 2019, Istvan Lám, CEO, Tresorit & Daniele Catteddu, CTO, Cloud Security Alliance

Organizations in and outside the EU had to take significant measures to revisit the way they stored, shared and processed personal data in preparation to the entry into force of the General Data Pr...

Scaling Cloud Forensics & Incident Response with OSQuery

Scaling Cloud Forensics & Incident Response with OSQuery

May 23, 2019, Sohini Mukherjee, Security Analyst & Andres Martinson, Sr. Security Engineer, Adobe

An enterprise has a diverse environment (cloud instances, servers, workstations) in which to try and detect potential security incidents. The ability of an incident response team to work quickly an...

Eliminate Vulnerability Overload – take Nessus Scan data to the next level

Eliminate Vulnerability Overload – take Nessus Scan data to the next level

May 21, 2019, Robert Healey | Senior Director Marketing, Asia Pacific

Nessus has been around for 21 years now and with over 109,000 vulnerabilities in its scan database, is the undisputed global standard tool for Vulnerability Management, that everyone uses, knows an...

The Rise and Fall and Rise of the Edge: Penn State & Duo on the Zero-Trust Strat

The Rise and Fall and Rise of the Edge: Penn State & Duo on the Zero-Trust Strat

May 9, 2019, Steve Manzuik, Director of Security Research at Duo Labs & Keith Brautigam, Director of IAM at Penn State

In this webinar you will learn: - Real examples from Penn State of how network topology has gotten exponentially more complicated - Why attackers have shifted from systems-focused to data-focused a...

Extending Zero Trust to the Cloud: Real-World Business Challenges and Benefits

Extending Zero Trust to the Cloud: Real-World Business Challenges and Benefits

May 2, 2019, John Kindervag from Palo Alto Networks & Rob LaMagna-Reiter from FNTS

Much has been written and spoken about Zero Trust and the principles of “never trust, always verify” as a means for enterprises to implement effective network segmentation. As the model has been em...

The Rise of Privacy in the Cloud Era

The Rise of Privacy in the Cloud Era

April 25, 2019, Neil Thacker, CISO, Netskope

In a globally connected world where the number of cloud applications consumed by organisations rises daily, the challenges associated with protecting data and individual’s privacy are therefore als...

Top “Must Do” Steps for Securing Your Public Clouds

Top “Must Do” Steps for Securing Your Public Clouds

April 18, 2019, Greg Mayfield, Sr. Director, Product Marketing & Michael Koyfman, Principal Global Solution Architect at Netskope

Many enterprises have inadvertently exposed proprietary information by failing to properly secure data stored in public cloud environments like Amazon Web Services, Microsoft Azure and Google Cloud...

Organisational Behavior for Cyber Risk Governance Using Security Ratings

Organisational Behavior for Cyber Risk Governance Using Security Ratings

April 10, 2019, Matthew McKenna, Vice President, International Operations, SecurityScorecard

This webinar will take a case study approach to demonstrate how security ratings can be leveraged to gain insight the cyber risk governance of organisations. Are organisations working in a structur...

Preventing AWS Misconfiguration and the Risk of Data Breaches

Preventing AWS Misconfiguration and the Risk of Data Breaches

March 28, 2019, Josh Stella, Co-Founder and Chief Technology Officer, Fugue

Today’s enterprise needs to move fast at scale in the cloud, but the dynamic and complex nature of the cloud has introduced a significant new risk: a data breach due to misconfiguration and human e...

Cloud Security Top Threats:How to Secure the Future While Learning from the Past

Cloud Security Top Threats:How to Secure the Future While Learning from the Past

March 27, 2019, Dan Hubbard, Chief Product Officer, Lacework & John Yeoh, Director of Research, CSA

IaaS/PaaS providers like AWS, Azure, and GCP are increasing the productivity of our developers-- making our organizations extraordinarily agile. That same agility must be matched with security and ...

BigID, AWS, & Cloud Security Alliance Webinar

BigID, AWS, & Cloud Security Alliance Webinar

March 14, 2019, Nimrod Vax, BigID Head of Product & Bill Reid, AWS Senior Manager, Leader, Security and Compliance Solution Architecture

Protection & Privacy in the Cloud: Operationalizing Privacy in AWS Environments New privacy regulations like GDPR and CCPA make finding and protecting personal information more critical than ever....

Third-Party Cloud Management

Third-Party Cloud Management

February 28, 2019, Sam Abadir, Vice President of Industry Solutions, Lockpath

Cloud computing offers massive scalability, availability and low-cost services as major benefits, but as with most new technologies, it introduces new risks. Because there is so much opportunity in...

CSA Summit at RSA Conference 2019 Preview (Part 2)

CSA Summit at RSA Conference 2019 Preview (Part 2)

February 26, 2019, McAfee and IBM

Want to know what you can expect at CSA Summit at RSA Conference 2019? Join this webinar to get a preview of.... Case Study: Behind the Scenes of MGM Resorts’ Digital Transformation As a leader i...

Is multi-cloud a cost-cutter or complexity adder?

Is multi-cloud a cost-cutter or complexity adder?

February 21, 2019, Petri Kallberg, CTO at Nordcloud Finland & Markku Rossi CTO at SSH.COM

The cloud promises to bring savings, agility and scalability. All of this is attainable provided that you know which services to choose for which purpose and how to set up your environment properly...

CSA Summit at RSA Conference 2019 Preview (Part 1)

CSA Summit at RSA Conference 2019 Preview (Part 1)

February 19, 2019, OneTrust and Cyxtera

Want to know what you can expect at CSA Summit at RSA Conference 2019? Join this webinar to get a preview of... - From GDPR to California Privacy: Managing Cloud Vendor Risk Managing vendor risk i...

Avoid the Breach with Effective Application Security Testing

Avoid the Breach with Effective Application Security Testing

February 13, 2019, Andrew Dunbar, VP of Security Engineering and IT at Shopify and Luke Tucker, Senior Director of Marketing at HackerOne

Security is a top priority for e-commerce giant Shopify, with over 800,000 businesses in 175 countries trusting them to sell online and everywhere in the world. Join Shopify's Vice President of Sec...

The Top 10 Things I Learned by Phishing my Company

The Top 10 Things I Learned by Phishing my Company

February 7, 2019, Steve Edwards, Manager - Corporate Security Engineering, Duo

Ninety-one percent of organizations in a recent TechValidate survey say they have seen phishing attacks on their organization in the past year. What’s more, 42% report more than 10 phishing attacks...

Want Better Management of Cloud Security Risk? Live Where Your People Live

Want Better Management of Cloud Security Risk? Live Where Your People Live

January 31, 2019, Julia Knecht, Manager for Security and Privacy Architecture, Adobe

Expecting your (relatively) small staff of security specialists we all have to handle security, risk management, and good governance entirely on their own is a recipe for disaster. While specialist...

Measuring Cybersecurity through Behavioral Analytics - an Outside-In Approach

Measuring Cybersecurity through Behavioral Analytics - an Outside-In Approach

January 17, 2019, Jasson Casey - CTO at SecurityScorecard

Please join us on the 17th of January as Jasson Casey, CTO at SecurityScorecard, describes the state of cybersecurity in the modern world, and what best practices are for measuring it - differentl...

Vendor Risk Management from the GDPR to California Privacy (CCPA)

Vendor Risk Management from the GDPR to California Privacy (CCPA)

January 10, 2019, Blake Brannon, VP of Products, OneTrust

In this webinar, we will deep dive into managing the vendor lifecycle under the GDPR, California Privacy (CCPA), and other global regulations. As organizations continue to improve their privacy and...

Container Security Best Practices: A How-To Discussion

Container Security Best Practices: A How-To Discussion

December 18, 2018, Nate Dyer, Sr. Product Marketing Manager, Tenable

Application containers like Docker help DevOps work faster and quicken time-to-market, but they also create a major Cyber Exposure gap. Traditional vulnerability management approaches can’t easily ...

2018: The Year in Data Security Panel Discussion

2018: The Year in Data Security Panel Discussion

December 12, 2018, Todd Thorsen, Sr Mgr, Security; Michelle Killian, Sr Mgr, Security Risk and Compliance; and Nathan Hunstad, Dir, Security

The data security world changes so quickly it can be hard to keep up with the latest threats to corporate data. With countless stories of breaches, phishing scams, insider threats, government whist...

Zero Trust in Practice: Why Identity Drives Next-Gen Access

Zero Trust in Practice: Why Identity Drives Next-Gen Access

December 6, 2018, Nick Fisher, Solutions Marketing at Okta

Zero Trust is quickly becoming the dominant security model for the cloud, shifting the perimeter from the network to the people and devices that make up a modern workforce. As a model with many mov...

Taking Control of Your Complex Security Policy Across Hybrid and Multi-Cloud Env

Taking Control of Your Complex Security Policy Across Hybrid and Multi-Cloud Env

December 4, 2018, Yitzy Tannenbaum, Product Marketing Manager at AlgoSec

As the network estate grows in size and complexity, the enterprise security team is responsible for ensuring a unified, comprehensive network security policy. But how can the team be sure about app...

2018 Data Exposure Report

2018 Data Exposure Report

November 28, 2018, Molly Quinlan, Market Research Manager, Code42

Are your C-suiters putting valuable company IP at risk through careless data practices? If they're like most business leaders, they are. Nearly three-quarters of CEOs admit they’ve taken IP, ideas,...

Ready for Liftoff? Planning a Safe and Secure Cloud Migration

Ready for Liftoff? Planning a Safe and Secure Cloud Migration

November 20, 2018, Jason Garbis of Cyxtera

Want to transition on-premises workloads to the cloud, but are concerned about consistently securing access? Join us for a webinar where we discuss how you can easily and effectively apply secure a...

Using Machine Learning to Detect Command Line Anomalies

Using Machine Learning to Detect Command Line Anomalies

November 13, 2018, Andrei Cotaie and Tiberiu Boros of Adobe

As we all know, cybersecurity is often a game of cat and mouse - attackers are always trying to outsmart us defenders. At Adobe, we face the same issues and concerns as all the other major companie...

Protecting What’s Left: Cloud Security in the Serverless Age

Protecting What’s Left: Cloud Security in the Serverless Age

November 8, 2018, Edward Smith of Cloud Passage

Serverless architectures and FaaS services such as AWS Lambda make application development scalable, easy, and cheap. Plus, there’s no server to maintain or patch! But just because there’s no serve...

Data Breach Myths vs. Reality

Data Breach Myths vs. Reality

October 25, 2018, Sami Laine of Okta

Data breaches can happen to any organization, so it's important to understand your organization's risk of a data breach. But where should you start your assessment? What practical and pragmatic ste...

How to Phish Your Employees For Functional Security

How to Phish Your Employees For Functional Security

October 18, 2018, Josh Green of Duo Security

More than 90% of reported data breaches and security incidents in 2016 involved a successful phishing attack*. Attackers rely on phishing as a primary strategy because it continues to be both effec...

Discovering a Competitive Advantage with ISO 27001 Certification

Discovering a Competitive Advantage with ISO 27001 Certification

October 11, 2018, Jason Eubanks, CRISC, ISO 27001 Lead Auditor, Principal Consultant, Lockpath

Organizations with mature, enterprise-wide information security risk management programs enjoy a competitive advantage, thanks to ISO 27001 certification that signifies an international standard fo...

Crypto Conflagration and Securing the Cryptocurrency Ecosystem

Crypto Conflagration and Securing the Cryptocurrency Ecosystem

October 4, 2018, Chris Wysopal, Co-Founder and Chief Technology Officer at CA Veracode

Not only do cryptocurrencies rely on blockchain for their security, but they also rely on an ecosystem of software that runs exchanges, wallets, smart contracts and more. This software ecosystem, ...

Past the Perimeter: Earned Access Through A Zero-Trust Model

Past the Perimeter: Earned Access Through A Zero-Trust Model

September 27, 2018, Zoe Lindsey of Duo Security

Users whose digital lives are increasingly mobile don’t want to be tied to their desks, and an effective security strategy must be flexible enough to protect access from boardrooms and bars, cubicl...

Cloud–delivered Security: Why It’s Your Best Bet

Cloud–delivered Security: Why It’s Your Best Bet

September 20, 2018, Greg Mayfield of Tenable

On-prem vs Cloud-based security? It’s an ongoing debate that SecOps teams face daily. With cloud adoption continuing to be a top business initiative, SecOps teams must adapt or risk falling behind...

Can the Maturity of Your Cloud Security Strategy Make or Break Your Organization

Can the Maturity of Your Cloud Security Strategy Make or Break Your Organization

September 13, 2018, Scott Hogrefe, VP of Marketing at Netskope, and Doug Cahill, Senior Analyst at ESG

New research from Enterprise Strategy Group and Netskope shows that there are business ramifications when it comes to your approach to cloud security. Join senior ESG cybersecurity analyst Doug Ca...

Improving Cloud Hygiene

Improving Cloud Hygiene

September 6, 2018, Scott Pack, Lead Cloud Security Engineer, and Dhwaj Agrawal, Computer Scientist at Adobe

As one of the first companies to commit wholly to the cloud, we have learned a lot about how to keep our security hygiene levels up even as we support rapid development and deployment cycles. Part ...

How Identity Fits Into a Security-First Approach

How Identity Fits Into a Security-First Approach

August 29, 2018, Mark Bowker, Senior Analyst at Enterprise Strategy Group and Swaroop Sham, Senior Product Marketing Manager at Okta

Securing your workforce and users, in the cloud, and on the go can be difficult. A recent Enterprise Strategy Group (ESG) survey discovered that for nearly 75% of organizations, a username and pass...

Managing Top 6 Risks with Cloud Service Providers

Managing Top 6 Risks with Cloud Service Providers

August 21, 2018, Cliff Turner, Senior Solutions Architect at CloudPassage

In this webinar, we'll cover the following... •Review top six risks with today’s cloud service providers. •We will analyze these risks, consider the business impact and show you how to proactively...

A Path to Achieving Network Security ZEN

A Path to Achieving Network Security ZEN

August 14, 2018, Den Jones, Director – Enterprise Security, Adobe

Finding a balance between a pleasant user experience and stringent security requirements can be a challenge. The need to use a certain username and password for some services while saving additiona...

Next Step – Securing IaaS (AWS, Azure, GCP)

Next Step – Securing IaaS (AWS, Azure, GCP)

August 9, 2018, Brandon Cook of McAfee

According to Gartner, the IaaS market grew at a blistering 42.8% in 2017 - twice as fast as SaaS. But, despite last year’s AWS data exposures at Verizon, the RNC, and Dow Jones, most cloud security...

Extending Network Security Visibility into the Cloud

Extending Network Security Visibility into the Cloud

August 7, 2018, Anner Kushnir, VP of Technology at AlgoSec

Enterprises are taking advantage of the economies of scale of cloud computing and migrating applications to public and private clouds. The new technology offers many advantages, but also requires t...

Eliminating Security Blind Spots in your AWS Environments

Eliminating Security Blind Spots in your AWS Environments

July 31, 2018, Edward Smith of CloudPassage

As consumption of cloud services increases, security teams struggle to maintain visibility of the cloud assets in use across multiple environments throughout the enterprise. In fact, 43% of securit...

Reducing Risk in Public Cloud Environments

Reducing Risk in Public Cloud Environments

July 24, 2018, Greg Mayfield, Director of Product Marketing, Tenable

As organizations adopt their multi-cloud and hybrid cloud strategies, continuous visibility and protection of these dynamic cloud workloads remains the #1 challenge for security teams. It’s essenti...

Avoiding the Dreaded DNS Hijack

Avoiding the Dreaded DNS Hijack

July 12, 2018, Dhivya Chandramouleeswaran of Adobe

With increasing adoption of cloud services by organizations, there is unfortunately often an absence of decommissioning checks when such services are no longer in use. It is often up to developers ...

A GDPR Compliance & Preparation Report Card

A GDPR Compliance & Preparation Report Card

June 27, 2018, Neil Thacker, CISO, EMEA -- Netskope

With the General Data Protection Regulation (GDPR) now enforceable, organizations around the world have both interpreted and incorporated new and amended regulatory requirements into their security...

User Behavior Study Screams the Need for Backup

User Behavior Study Screams the Need for Backup

June 26, 2018, Aimee Simpson of Code42

Digital transformation efforts won’t be successful unless IT accounts for the human element: workforce behavior. What’s the relationship between endpoint devices and employee work habits? We dug in...

A Path to Achieving Network Security ZEN

A Path to Achieving Network Security ZEN

June 21, 2018, Den Jones, Director – Enterprise Security, Adobe

Finding a balance between a pleasant user experience and stringent security requirements can be a challenge. The need to use a certain username and password for some services while saving additiona...

Taming the Cloud Together – CCSP & CCSK Cloud Certification Synergy

Taming the Cloud Together – CCSP & CCSK Cloud Certification Synergy

June 12, 2018, David Shearer, CEO, (ISC)2; Jim Reavis, CEO, CSA; Kevin Jackson, GovCloudNetwork ; Rich Mogull, Securosis; B. Dunlap (Mod)

Certain things go together to make the sum of their parts that much better. Peanut Butter and Jelly. Lennon and McCartney. Batman and Robin. In the ever-changing world of the cloud, cyber security ...

The Evolution of Zero Trust Security: Next Gen Access

The Evolution of Zero Trust Security: Next Gen Access

June 7, 2018, Nick Fisher, Security Product Marketing at Okta

As breaches fill the headlines, more organizations are adopting a Zero Trust security model and its key principle of "never trust, always verify." Modern implementations of this model are focusing ...

Secure DevOps: Application Security from Development Through Runtime

Secure DevOps: Application Security from Development Through Runtime

June 5, 2018, Nathan Dyer of Tenable

DevOps has become a competitive advantage for organizations competing in the new digital era. Increased speed, rapid experimentation, and continuous change are now guiding operating tenants to win ...

3 Ways to Speed Up Your Incident Response Time

3 Ways to Speed Up Your Incident Response Time

May 31, 2018, Abik Mitra of Code42

The pace of cyber attacks on business users is increasing, but the time it takes to detect and recover from them is taking longer. In this webinar, Code42's Abhik Mitra will explore the root caus...

Wrangling Those Pesky 3rd-party Software Vulnerabilities

Wrangling Those Pesky 3rd-party Software Vulnerabilities

May 31, 2018, Mayank Goyal, Sr. Security Researcher, Nishtha Behal, Security Researcher, Adobe

Like many large software companies, Adobe makes use of both open source and commercial off-the-shelf software components to deliver solutions to its customers. From time to time, as with any public...

LIVE Cyber Attack Simulation: A Crypto Crime in Action

LIVE Cyber Attack Simulation: A Crypto Crime in Action

May 23, 2018, Hank Schless and Christian Lappin from Threat Stack

Crypto mining and cyber crime are at the top of the list for headline-grabbing attacks. Want to see how it’s actually done? The reality of what happens on a day-to-day basis is the breakdown of pe...

GDPR: Personal Data Protection Compliance is a Business Matter

GDPR: Personal Data Protection Compliance is a Business Matter

May 22, 2018, Prof. Dr. Paolo Balboni, Business Lawyer and Partner at ICT Legal Consulting

Many companies approach compliance activities with the forthcoming European General Data Protection Regulation REGULATION (EU) 2016/679 as a purely legal matter. But this is a very shortsighted app...

5 Steps to Boost Your Security Posture on AWS

5 Steps to Boost Your Security Posture on AWS

May 15, 2018, Neelum Khan, Tajvia Willis, and ​Sudha Iyer from Netskope

Many customers have exposed their data in the cloud without proper security solutions. Securing data in the cloud to prevent exposures can present challenges to all enterprises. Despite the rapidly...

How to Ace Type 2 SOC 2 with Zero Exceptions

How to Ace Type 2 SOC 2 with Zero Exceptions

May 8, 2018, Pete Cheslock and Pat Cable of Threat Stack

Achieving Type 2 SOC 2 compliance with zero exceptions was no easy feat for Threat Stack. However, rather than implementing stringent security protocols at every point of production, they implement...

The Road to GDPR Compliance: Tips from the Cloud Security Alliance and Dome9

The Road to GDPR Compliance: Tips from the Cloud Security Alliance and Dome9

May 3, 2018, Daniele Catteddu of CSA and Marina Segal of Dome9 Security

General Data Protection Regulation (GDPR) is coming into effect on May 25, 2018. The requirements of GDPR are substantial and the penalties for non-compliance are severe. The new regulation will re...

True Detective – Autopsy of latest O365 and AWS threats

True Detective – Autopsy of latest O365 and AWS threats

April 25, 2018, Brandon Cook, Thyaga Vasudevan, and Sandeep Chandana of McAfee

How does your organization defend against the latest O365 and AWS threats including KnockKnock and Ghostwriter? Join CSA and McAfee to see an autopsy of two recent cloud threats: KnockKnock (O365)...

Anatomy of a Cyber Security Breach: The Hero's Journey

Anatomy of a Cyber Security Breach: The Hero's Journey

April 11, 2018, Sam Curry of Cybereason; Andrew Hammond and Red Curry of SSH Communications Security; Hector Monsegur of Rhino Security Labs

My mother was washing dishes in the kitchen when the glass window she was looking out shattered in front of her…she was OK but unfortunately my curve ball has never gotten better. The second law of...

Understanding the Status of ERP Security in the Cloud

Understanding the Status of ERP Security in the Cloud

March 21, 2018, JP Perez-Etchegoyen of Onapsis and Shamun Mahmud of CSA

With ERP vendors reporting double-digit growth in cloud revenue year over year, many organizations are faced with the challenging task of planning a cloud migration of their most critical assets. B...

How to Design Successful Internal Bug Hunts: Squashing Security Bugs on a Budget

How to Design Successful Internal Bug Hunts: Squashing Security Bugs on a Budget

March 19, 2018, Pieter Ockers of Adobe

Far too often, testing software for security flaws falls into the “nice-to-have” category, taking a backseat to the demands of the marketplace and inflexible feature release schedules. In addition...

CSA Summit at RSA Conference Preview

CSA Summit at RSA Conference Preview

March 14, 2018, Jim Reavis of CSA,Wayne Anderson of McAfee, Deena Thomchick of Symantec, Jervis Hui of Netskope, and Chris Steffen of Cyxtera

Want to know what you can expect at this years CSA Summit at RSA Conference? Join this webinar to get a preview of several sessions including:  - Appetite for Destruction – The Cloud Edition Over ...

Making Compliance Count

Making Compliance Count

March 7, 2018, Dave Lenoe and Molly Junck at Adobe

It’s a brave new world, with bug bounties and crowd-sourced penetration tests now an up-and-coming way to augment security programs. But can you do the same with your compliance and certification p...

Are Your Containers Compliant?

Are Your Containers Compliant?

February 28, 2018, Cliff Turner, Cloud Security Evangelist, CloudPassage

If we could call out two things that are growing in importance in 2018, it’s containers and compliance. Penalties for data breaches are on the rise, all the while organizations are under increasing...

Defining the cloud-enabled branch: How cloud apps drive network transformation

Defining the cloud-enabled branch: How cloud apps drive network transformation

February 13, 2018, Dan Shelton of Zscaler

Amazon, Azure and SaaS are already on everyone's mind. When your data center workloads move to cloud, is your corporate backhaul the most efficient way to get to the applications? The migration of ...

Automating Security for Cloud Services

Automating Security for Cloud Services

February 8, 2018, Peleus Uhley, Lead Security Strategist at Adobe

Security automation strategies are a necessity for any cloud-scale enterprise. There are challenges to be met at each phase of developing and deploying security automation including identifying the...

ISO/IEC 19086: An Overview and Application

ISO/IEC 19086: An Overview and Application

February 1, 2018, John Calhoon of Microsoft

In this webinar, we will take a look at ISO/IEC 19086 which is an international standard for cloud service level agreements (SLAs). Specifically, we’ll discuss the impetus for establishing the sta...

Data-driven Cybersecurity Defense for Organizations and their Ecosystems

Data-driven Cybersecurity Defense for Organizations and their Ecosystems

January 25, 2018, Phil Marshall of Security ScoreCard

Many companies rely on staticpoint-in-time security assessments to measure the cybersecurity health of their enterprise and vendor ecosystem. This approach is quickly becoming obsolete in today’s d...

Returning data control to users - the next frontier for cloud security research

Returning data control to users - the next frontier for cloud security research

January 22, 2018, Ryan Ko, Associate Professor, University of Waikato

From the Uber data leakage incident to cases where photographs of young or vulnerable people are stolen and misused on inappropriate websites, there is a fundamental gap: the lack of users' control...

Introducing HubbleStack: a free, open source project to help automate compliance

Introducing HubbleStack: a free, open source project to help automate compliance

January 17, 2018, Christer Edwards of Adobe

Organizations have difficulties handling security auditing and compliance that can be scaled across many teams with varying infrastructure. Adobe found themselves in the same situation and in need...

Cutting through the Cloud Security Noise: 5 Must-have Architectural Requirements

Cutting through the Cloud Security Noise: 5 Must-have Architectural Requirements

January 11, 2018, Steve House of Zscaler

The cloud and mobility have fundamentally changed the IT landscape. Both apps and users have left the network, however traditional security has struggled to keep pace. Developing a strong cloud sec...

Developing a Successful Secure Product Lifecycle (SPLC) Program

Developing a Successful Secure Product Lifecycle (SPLC) Program

January 4, 2018, Julia Knecht and Taylor Lobb of Adobe

A secure product lifecycle (SPLC) is integral to ensuring software is written with security in mind, but companies struggle to create a successful process with limited security resources and minima...

Top 10 Public Cloud Security Recommendations

Top 10 Public Cloud Security Recommendations

December 14, 2017, Matt Keil of Palo Alto Networks

Offering organizations of all sizes the benefits of agility and scalability, the adoption of public cloud continues at a pace rivalled only by that of the early days of the Internet era. As was the...

Exploring CSA’s Cloud Controls Matrix (CCM) for Cloud Security

Exploring CSA’s Cloud Controls Matrix (CCM) for Cloud Security

December 7, 2017, Neha Thethi, BH Consulting

As a cloud customer, vendor, security auditor or regulator, you may have been involved with ensuring security in the cloud. Although numerous standards, regulations, and controls frameworks exist t...

5 Steps to Prevent AWS Data Exposures

5 Steps to Prevent AWS Data Exposures

December 6, 2017, Brandon Cook and Anant Mahajan of Skyhigh

Amazon Web Services has strong security features, but customer misconfigurations have led to a series of very public data exposures over the last few months from Verizon, Dow Jones, Accenture, and ...

Cloud Security for Startups - From A to E(xit)

Cloud Security for Startups - From A to E(xit)

November 23, 2017, Moshe Ferber of CSA Israel and Shahar Maor of Outbrain

Cloud computing perform amazing things for startups, providing young companies with access to enterprise grade infrastructure . But also act as a double edge sword. Lack of proper security controls...

Security Anthropology: How Do Organizations Differ?

Security Anthropology: How Do Organizations Differ?

November 16, 2017, Wendy Nather with Duo Security

When planning a go-to-market strategy, it’s common practice to build detailed marketing and sales personas for key security individuals such as the CISO, the IT administrator, the developer, and th...

Protecting Corporate Data When an Employee Leaves

Protecting Corporate Data When an Employee Leaves

November 2, 2017, Michael Osterman of Osterman Research and Drew Neilson of Druva

Employees leave organizations each year, but did your sensitive data leave with them? Osterman Research found that 39% of companies are not sure that they have recovered all corporate data assets, ...

CISO Challenges with Cloud Computing

CISO Challenges with Cloud Computing

October 31, 2017, Moshe Ferber of CSA Israel

Cloud computing provides companies with unprecedented access to robust, scalable infrastructure, but on the other hand, cloud adoption is accompanied with various challenges for security profession...

Market State of Cloud Security

Market State of Cloud Security

October 24, 2017, Nick Mendez of Optiv

Optiv will be sharing their insights on the market state of cloud security and how enterprises should bolster their security programs for the evolution of cloud. We will cover what we see in the fi...

CASB 2.0: The Next Frontier for CASB

CASB 2.0: The Next Frontier for CASB

October 17, 2017, Deena Thomchick of Symantec

The rapid adoption of cloud applications and services has fueled the need for new security solutions, such as Cloud Access Security Brokers (CASBs). But how do these systems weave into your overall...

Securing the Open Enterprise - API Security Threats, Risks and Solutions

Securing the Open Enterprise - API Security Threats, Risks and Solutions

October 10, 2017, Ron Speed of TrustedImpact

Enterprises around the globe are rapidly opening up their back-end systems and databases to the outside world using APIs. Drivers for doing this include everything from improving customer service,...

Internal Bug Hunts: Squashing Security Bugs on a Budget

Internal Bug Hunts: Squashing Security Bugs on a Budget

September 19, 2017, Pieter Ockers - Sr Program Manager at Adobe

Far too often, testing software for security flaws falls into the “nice-to-have” category, taking a backseat to the demands of the marketplace and inflexible feature release schedules. In addition ...

Challenges in Data Privacy

Challenges in Data Privacy

September 14, 2017, Craig Scoon, Consultant in the Risk Advisory Service at Deloitte

There are many challenges for data privacy legislation within a boundary-less cloud computing and World Wide Web environment. Despite its importance, there is limited research around data privacy l...

State of Cloud Adoption in Asia Pacific (APAC)

State of Cloud Adoption in Asia Pacific (APAC)

September 13, 2017, Ekta Mishra, Research Analyst of CSA and David Siah, Country Manager of TrendMicro Singapore

Cloud as the enabler of Internet of Things (IoT) and data analytics, the incorporation of cloud computing is critical for the successful implementation of these leading-edge technologies. Countries...

Privacy Level Agreement Code of Conduct for CSPs: a compliance tool for GDPR

Privacy Level Agreement Code of Conduct for CSPs: a compliance tool for GDPR

August 17, 2017, Nicola Franchetto of ICT Legal Consulting

Nicola Franchetto will discuss in a practical and business oriented way, the new provisions of the GDPR and how the PLA Code of Conduct supports compliance with the forthcoming EU Data Protection L...

Backup & Recovery: Your Get out of Ransomware Free Card

Backup & Recovery: Your Get out of Ransomware Free Card

August 9, 2017, Andrew Nielsen, Chief Trust Officer of Druva and Jim Reavis, CEO of CSA

Ransomware has become a major concern for organizations around the globe. The U.S. Department of Justice reports that an average of 4,000 ransomware attacks occur daily. These ransomware attacks ar...

"Cloud-First" Ransomware - A Technical Analysis

"Cloud-First" Ransomware - A Technical Analysis

July 27, 2017, Bob Gilbert and Sean Hittel of Netskope

Cloud services have emerged as the preferred attack vector of some of the most dangerous and innovative cloud malware exploits of the past six months. Why?  Because many organizations don't inspect...

Cloud Services and Encryption: Facts, Myths, Perceptions

Cloud Services and Encryption: Facts, Myths, Perceptions

July 19, 2017, Paul Rich of Microsoft

Encryption and terms like "BYOK" have surged to the forefront of cloud service discussions. Both security and compliance stakeholders express great interest in encryption and its apparent promises....

How and Why to Build an Insider Threat Program

How and Why to Build an Insider Threat Program

June 20, 2017, Jadee Hanson of Code42

Jadee Hanson, Director of Security at Code42, provides a behind-the-scenes look at what it's really like to run an insider threat program -- a program in which you can take steps to prevent employe...

Security Automation Strategies for Cloud Services

Security Automation Strategies for Cloud Services

June 15, 2017, Peleus Uhley of Adobe

Security automation strategies are a necessity for any cloud-scale enterprise. There are challenges to be met at each phase of developing and deploying security automation including identifying the...

4 Lessons IT Pros Have Learned From Managing ​Outdated Endpoint Backup

4 Lessons IT Pros Have Learned From Managing ​Outdated Endpoint Backup

June 13, 2017, Aimee Simpson of Code42, Shawn Donovan of F5 Networks, and Kurt Levitan of Harvard University

Today's organizations face complex challenges as a result of exponential data growth and rapidly evolving ​cyberthreats. Furthermore, as companies move to cloud, it's inevitable that technologies w...

How Financial Services can Leverage the Cloud Securely to Drive Business

How Financial Services can Leverage the Cloud Securely to Drive Business

May 25, 2017, Miguel Ramos of Forcepoint

Though one of the most mature industries in cybersecurity, the Financial Services industry has seen some of the largest explosion of innovation and technology. While startups and innovators are foc...

You can stop shaking if you follow this plan for securing your data

You can stop shaking if you follow this plan for securing your data

May 17, 2017, Terence Spies of HPE Security-Data Security and Rich Mogull of Securosis

Data security has a tendency to be intimidating for organizations, users and implementers. Organizations see the value but the challenges of applying a data security solution. Wouldn’t it be great...

Overcoming the Challenges of Securing Hybrid Enterprises

Overcoming the Challenges of Securing Hybrid Enterprises

April 13, 2017, Cryptzone

It’s become clear that organizations need to overcome the challenges of securing hybrid enterprises. Hybrid IT spans platforms, tenancy and locations, which when using traditional solutions often ...

Leveraging the Power of Threat Intelligence

Leveraging the Power of Threat Intelligence

March 15, 2017, Ray Pompon and Sara Boddy of F5

It's becoming impossible for cyber security to keep up with paradigm-changing technological advancements which provide fertile new hunting ground for the more sophisticated cyber-criminals. You ca...

BrightTALK at RSA - John DiMaria: GDPR, Critical Infrastructure & IoT Security

BrightTALK at RSA - John DiMaria: GDPR, Critical Infrastructure & IoT Security

March 6, 2017, John DiMaria, Global Product Champion for Information Security & Business Continuity at BSI Group

Join this in-depth interview at RSA Conference with John DiMaria, Global Product Champion for Information Security & Business Continuity at BSI Group. Viewers will learn John's insights around: - ...

Fighting the ‘Gap of Grief’ With Business-Driven Security

Fighting the ‘Gap of Grief’ With Business-Driven Security

March 1, 2017, Peter Beardmore of RSA

Defending against human ingenuity demands a new way of thinking. With countless dollars spent and infinite alerts you still don’t have a true picture of what is going on. So when a breach happens,...

Which CASB Deployment Mode is Right for Me?

Which CASB Deployment Mode is Right for Me?

January 19, 2017, Srini Gurrapu and Brandon Cook of Skyhigh

When kicking off a cloud security project, you'll quickly discover that there are multiple deployment options for a cloud access security broker (CASB) – Log Collection, API, Reverse Proxy, and For...

Cloud First, Now What?

Cloud First, Now What?

January 17, 2017, Palo Alto Networks

Your executive staff has made a strategic decision to move to the cloud, and your team has the seemingly monumental task of executing on this new direction. The journey to the cloud introduces many...

The 2017 Cyberthreat Landscape

The 2017 Cyberthreat Landscape

December 14, 2016, Leo Taddeo, Chief Security Officer, Cryptzone

2016 was record-setting … and threats aren’t likely to subside in 2017. Let’s reflect on what happened this year and learn about emerging threat landscape trends. A solid understanding of the threa...

SIEM for the Cloud? The Essentials You Need to Know

SIEM for the Cloud? The Essentials You Need to Know

December 6, 2016, Chris Collard and Mark Campbell of IBM Security

A cloud-delivered security intelligence platform can help you make sense out of the mountains of data collected from your expanded perimeter of cloud workloads and assets. However, it’s easy to get...

Future Proofing the Connected World - 13 Steps to Developing Secure IoT Product

Future Proofing the Connected World - 13 Steps to Developing Secure IoT Product

November 29, 2016, Brian Russell, Drew Van Duren, Steven Markey, Ron Del Rosario; and Elizabeth Lawler

The CSA IoT Working Group released guidance in October 2016 focused on providing IoT product developers with recommendations for securing their products. This panel discussion will explore differe...

CSA SDP for IaaS Initiative: Research Preview

CSA SDP for IaaS Initiative: Research Preview

November 15, 2016, Jason Garbis of Cryptzone and Puneet Thapliyal of TrustedPassage

Since March 2016, when the CSA launched this new Software-Defined Perimeter for IaaS initiative, more and more organizations have embraced the Software-Defined Perimeter model and are benefitting f...

Conducting Security Investigations in Minutes (or Less)

Conducting Security Investigations in Minutes (or Less)

November 8, 2016, Doron Shiloach, Senior Product Manager at IBM

Learn how to use threat intelligence to shorten investigation time and improve security decision making. From the right content to the best delivery format, learn the top considerations for picking...

Developing a Proactive Approach to GDPR Compliance

Developing a Proactive Approach to GDPR Compliance

November 3, 2016, Yael Nishry and Doug Lane of Vaultive

As the May 25, 2018 deadline for compliance with the new General Data Protection Regulation (GDPR) rapidly approaches, enterprise IT organizations must implement a cloud data security strategy that...

Defeating the Insider Threat:  Don't Have Your Head in the Clouds

Defeating the Insider Threat: Don't Have Your Head in the Clouds

October 19, 2016, Evelyn De Souza and Mary Beth Borgwing

Everything we know about defeating the Insider Threat seems not be solving the problem. That's why the Cloud Security Alliance with special commentary from LemonFish Technologies undertook new res...

IT Security & Privacy Governance in the Cloud

IT Security & Privacy Governance in the Cloud

October 18, 2016, Moderated by Rebecca Herold, The Privacy Professor; Jacqueline Cooney, BAH, Daniel Catteddu, CSA, Chris Griffith from HPE

After multiple newsworthy data breaches in recent times, IT security and privacy governance has gained importance across the globe. Most organizations have established security and compliance polic...

Working the Numbers: Learn How to Make the Case for a CASB

Working the Numbers: Learn How to Make the Case for a CASB

October 13, 2016, Palerra

58% of security professionals expect their budgets to stay the same next year. If you’re like them, you’re trying to secure a growing number of cloud services and infrastructure without a bigger bu...

20 Months to a New Global Data Privacy Law – What You Need To Do

20 Months to a New Global Data Privacy Law – What You Need To Do

October 11, 2016, Nigel Hawthorn of Skyhigh

The GDPR Covers Anyone with Data on European Residents In May 2018, a new data privacy law comes into effect and any organisation with data on the 500+ million citizens of the European Union (EU)...

Scared of implementing a data protection solution?

Scared of implementing a data protection solution?

October 6, 2016, Rich Mogul of Securosis and Terence Spies of HPE Security--Data Security

Data protection has a tendency to be intimidating for organizations, users and implementers. Organizations see the value of having a data protection program but the challenges of applying a data p...

CSA Research: Mitigating Top Cloud Threats

CSA Research: Mitigating Top Cloud Threats

August 30, 2016, Salim Hafid and Rich Campagna of Bitglass, and John Yeoh of CSA

With cloud adoption on the rise, IT leaders are looking to peer organizations to understand security best practices in the cloud. Bitglass and CSA surveyed infosec professionals to uncover the top ...

Standardization and visibility of security controls in Hybrid

Standardization and visibility of security controls in Hybrid

August 24, 2016, Avinash Prasad and Munish Gupta of Infosys Ltd

The needs for IT agility for business, is driving adoption of flexible computing environments including IaaS, Private Cloud among others. The challenge associated with this transformation towards t...

Protect, Detect, Respond and Recover: Mitigating the Risks of Cyber Security

Protect, Detect, Respond and Recover: Mitigating the Risks of Cyber Security

August 16, 2016, Mat Hamlin of Spanning by EMC and Will McNae of Microsoft

Information theft is the most expensive consequence of cybercrime, according to a recent Ponemon study. Business interruption following a cyberattack exacts a high price in productivity and busines...

True Detective: Detecting Insider Threats and Compromised Accounts in Office 365

True Detective: Detecting Insider Threats and Compromised Accounts in Office 365

August 9, 2016, Brandon Cook and Santosh Raghuram of Skyhigh Networks

How does your organization combat insider threats and compromised accounts? Join CSA and Skyhigh Networks to learn about cloud threat findings from the research of CSA and Skyhigh Cloud Security ...

Protect Against New Threats to Safely Enable SaaS

Protect Against New Threats to Safely Enable SaaS

August 4, 2016, Palo Alto Networks

The usage of SaaS applications continues to grow rapidly whether they are enabled by IT or your end users. SaaS-based application usage has grown 46 percent over the past three years as shown in th...

Joining the Cloud Cyber Intelligence Exchange

Joining the Cloud Cyber Intelligence Exchange

August 2, 2016, Patrick Coughlin, TruSTAR

CSA, along with support from key corporate members like Rackspace and Intel, has been incubating a new intelligence exchange within the CloudCISC Working Group. Join CSA and technology partner TruS...

Insights from the 2016 Gartner Magic Quadrant for Secure Web Gateways

Insights from the 2016 Gartner Magic Quadrant for Secure Web Gateways

August 1, 2016, Jim Reavis of CSA and Atri Chatterjee of Zscaler

According to Gartner, cloud-based security is continuing to grow at a significant rate, spiking at a 35% CAGR compared to 6% for on-premise appliances. Newer and more advanced threats are creating ...

Five Requirements for Securely Adopting Cloud Applications

Five Requirements for Securely Adopting Cloud Applications

July 26, 2016, Mark D. Campbell and Brandon Whichard of IBM Security

The business benefits of cloud applications are undeniable, however security concerns can still slow their adoption. While many mainstream cloud applications offer secure platforms and excellent se...

Office 365 Security and Compliance – Enforcing the 4 Layers of Trust

Office 365 Security and Compliance – Enforcing the 4 Layers of Trust

July 13, 2016, Brandon Cook and Srini Gurrapu of Skyhigh Networks

Office 365 usage has tripled in the last 9 months as more and more companies enable anytime, anywhere access to Microsoft’s suite of cloud services. But security and compliance require a new level...

Protecting employees on the move with cloud-friendly application segmentation

Protecting employees on the move with cloud-friendly application segmentation

July 13, 2016, Paul German of Certes Networks

Changed business practices, such as employees working on the move and the adoption of the cloud and cloud resources, should be mirrored by a change in security strategies. Organizations are commonl...

Data-centric protection: the future of BYOD security

Data-centric protection: the future of BYOD security

July 12, 2016, Bitglass

Enabling secure BYOD has long been a challenge for IT. Attempts to secure these devices with agents and device management tools like MDM have been met with widespread employee concerns about privac...

Building the Connected Hospital - Securely

Building the Connected Hospital - Securely

June 30, 2016, Chris Frenz, Jennifer Cathcart, Yogi Shaw, and Gib Sorebo

The concept of the Connected Hospital offers full integration with Electronic Health Record (EHR) systems, streamlined operations, and enhanced patient safety. Secure implementation of the capabil...

It's Alive! Automating Security Response in the Cloud

It's Alive! Automating Security Response in the Cloud

June 22, 2016, Tim Prendergast of Evident.io

The challenges facing teams responsible for creating speed and acceleration in the cloud are numerous, but the most dangerous challenge is discerning security signals from infrastructure noise. We ...

Infosecurity 2016: The Influence of Privacy Shield on Data Protection

Infosecurity 2016: The Influence of Privacy Shield on Data Protection

June 14, 2016, Daniele Catteddu, CTO, CSA & Josh Downs, Community Manager, BrightTALK

- Infosecurity Europe 2016 - BrightTALK were honoured to be joined by the CSA's CTO Daniele Catteddu to get his thoughts on cyber security and cloud defences in particular. Daniele walked throug...

Continuous auditing/assessment of relevant security properties

Continuous auditing/assessment of relevant security properties

June 14, 2016, John DiMaria of BSI

Module 3 in the CSA STAR Series While the Cloud Security Alliance’s (CSA) STAR Certification has certainly raised the bar for cloud providers, any audit is still a snapshot of a point in time. Wha...

The CSA Strategy for Securing IoT via the Cloud

The CSA Strategy for Securing IoT via the Cloud

June 7, 2016, Jim Reavis

Internet of Things will lead to a future where virtually every physical item has a microprocessor and all industries will be disrupted. In this presentation, CSA CEO Jim Reavis discusses key secur...

CSA SDP for IaaS Initiative: Best Practices and a Progress Report

CSA SDP for IaaS Initiative: Best Practices and a Progress Report

June 2, 2016, Jason Garbis of Cryptzone

Enterprise adoption of IaaS environments has brought tremendous benefits, in terms of cost savings and agility, and enabled a more dynamic infrastructure. However, these changes have created new se...

Cloud Trust Protocol (CTP) Demo

Cloud Trust Protocol (CTP) Demo

May 20, 2016, Alain Pannetrat of Cloud Security Alliance

The Cloud Trust Protocol (CTP) is designed to be a mechanism by which cloud service customers can ask for and receive information related to the security of the services they use in the cloud, prom...

Mitigating risk with application isolation and cryptographic segmentation

Mitigating risk with application isolation and cryptographic segmentation

May 11, 2016, Adam Boone of Certes Networks

There is a direct correlation between the size of an enterprise’s attack surface and its risk profile. The greater the number of networked applications supported by the enterprise and the greater n...

The Business Value of Operational Risk Management

The Business Value of Operational Risk Management

May 11, 2016, John DiMaria of BSI

Risk Management is not a standalone activity carried out by a company’s risk experts; it is part of the responsibilities of management and a concern to all of the organization’s stakeholders. Risk ...

Risky Business: Key Cloud Security Metrics your Board Needs to See

Risky Business: Key Cloud Security Metrics your Board Needs to See

May 10, 2016, Srini Gurrapu, Skyhigh Networks

A recent study by Ponemon showed that the likelihood of an enterprise data breach of involving more than 10,000 records is approximately 22%. This risk, with an average associated cost of $3.79 mil...

Improve CX, Productivity, Revenues and Security with Identity Coherence

Improve CX, Productivity, Revenues and Security with Identity Coherence

May 5, 2016, Steve Tout of Forte Advisory

Customers expect a seamless experience across services and devices, critical to ensure successful conversions and renewals in e-commerce. At the same time, the impact of disconnected user experien...

Meeting international requirements and leveraging CSA STAR for supply chain mana

Meeting international requirements and leveraging CSA STAR for supply chain mana

May 4, 2016, John DiMaria, BSI

When an organization adopts cloud services, it is in fact expanding its operations from a local or regional presence to a more global one. As a result, the corresponding organizational operations’ ...

Cloud security threats and resolutions: A meeting of the minds

Cloud security threats and resolutions: A meeting of the minds

April 27, 2016, Jim Reavis of CSA, David Baker and Arturo Hinojosa of Okta

According to the 2016 Top Threats report from CSA, the ramifications of poor cloud computing decisions is no longer an IT issue but rather a boardroom issue. Executives at the highest levels are un...

Beyond the Firewall: Securing the Cloud with a CASB

Beyond the Firewall: Securing the Cloud with a CASB

April 26, 2016, Mike Schuricht and Salim Hafid, Bitglass

As organizations transition from on-premise data storage and device-centric security to the cloud, the need for a data-centric solution becomes critical. Organizations need the ability to protect d...

Mind the Mobile Gap

Mind the Mobile Gap

April 26, 2016, Dan Wolff, IBM

Throwing a safety net over mobile cloud app usage leaves the enterprise having to balance manageability and security against the user experience. This session covers how you can gain visibility int...

Public, Private, Hybrid…Secure Your Cloud’s Future

Public, Private, Hybrid…Secure Your Cloud’s Future

April 20, 2016, Sai Balabhadrapatruni Palo Alto Networks

The demand for business to be more agile to meet customer demands and stay competitive is driving a change in the way applications are developed, deployed, and adopted. The challenge has become bal...

Dramatically Improve Network Security using SDP

Dramatically Improve Network Security using SDP

April 13, 2016, Jason Garbis, Cryptzone

It’s time to recognize that traditional network security tools grant users too much access and therefore create a serious security gap. A typical user may be authorized to access only a few resourc...

Reducing the Enterprise Attack Surface with Cloud-Friendly App Segmentation

Reducing the Enterprise Attack Surface with Cloud-Friendly App Segmentation

April 12, 2016, Satyam Tyagi, Certes Networks

The large volumes of data being stored as well as the multiple siloes, users and applications using the data, means that organizations are constantly under threat of a data breach. Certes Network...

Best Practices for Protecting Your Data in a Hybrid Cloud Environment

Best Practices for Protecting Your Data in a Hybrid Cloud Environment

April 11, 2016, Jason Wolford of Rackspace and Imam Sheikh of Vormetric

Your business has capitalized on managed cloud services to host many of your IT workloads. Now, you need to expand your cloud IT deployments further with public cloud services using Amazon Web Ser...

Cloud Security: What You Should Be Concerned About

Cloud Security: What You Should Be Concerned About

March 31, 2016, Raji Samani of Intel Security and Jim Reavis of CSA

Intel Security conducted a survey regarding cloud adoption and cloud security. This webcast will discuss the findings and answer questions like... -Is cloud for everyone? -How much are companies i...

2016 Information Security Trends and Cloud Security Alliance Priorities

2016 Information Security Trends and Cloud Security Alliance Priorities

March 22, 2016, Jim Reavis, CEO of Cloud Security Alliance

An informal look at the important security trends identified by CSA experts and the activities initiated by Cloud Security Alliance to address key industry issues.

How to Determine Responsibility for Cloud Security?

How to Determine Responsibility for Cloud Security?

March 21, 2016, Rich Campagna, Bitglass

Rich Campagna of Bitglass explains in this short video the WSJ test -- an easy way to determine the security responsibilities of SaaS vendors and their clients.

Not “If” but “When”: Protecting Your Data with a Cyber Resiliency Plan

Not “If” but “When”: Protecting Your Data with a Cyber Resiliency Plan

March 15, 2016, Santosh Raghuram, Skyhigh Network

In today's security landscape, a security breach is not a matter of "if," but "when." Is your organization prepared to minimize and mitigate the effects of a breach? Join the Cloud Security Allianc...

Data Breaches are Inevitable: Reduce your Risk with Cloud-Friendly Segmentation

Data Breaches are Inevitable: Reduce your Risk with Cloud-Friendly Segmentation

March 15, 2016, Eugen Rusen, Certes Networks

The mass of data breaches that hit the headlines in 2015 show organizations must accept that breaches are inevitable, and breach detection and protection strategies are no longer enough to keep the...

The Borderless World: Bridging the Cloud with On-Prem Systems

The Borderless World: Bridging the Cloud with On-Prem Systems

March 10, 2016, Farshad Ghazi and Chris Griffith, HPE Security

Learn more about the new CSA Top Threats Report and how to protect yourself. In the borderless world of Cloud computing, everything changes. You cannot deliver a cloud enabled business without a f...

Securing IaaS - The Forgotten component of Cloud Access Security Brokers

Securing IaaS - The Forgotten component of Cloud Access Security Brokers

February 25, 2016, Ganesh Kirti, Palerra

ShadowIT Discovery and security of SaaS are often considered key capabilities of Cloud Access Security Broker. There is, however, one critical capability which is often overlooked; security of IaaS...

The State of Office 365 Security

The State of Office 365 Security

February 17, 2016, Doug Lane, Vaultive

Microsoft Office 365 adoption skyrocketed in 2015, but security and compliance questions are still keeping many organizations on the sidelines. What built-in security features does Microsoft provid...

Road Map to CSA Star Certification: Module 1

Road Map to CSA Star Certification: Module 1

February 11, 2016, BSI

ROAD MAP TO CSA STAR CERTIFICATION – OPTIMIZING PROCESSES, REDUCING COST AND MEETING INTERNATIONAL REQUIREMENTS With Japan’s introduction of the quartz wristwatch in 1969, the majority Swiss marke...

Next-Gen Mobile Security: What comes after MDM?

Next-Gen Mobile Security: What comes after MDM?

February 3, 2016, Salim Hafid and Neal Mhaskar, Bitglass

BYOD is an adoption, not a rollout. In fact, 57% of employees refuse MAM or MDM on their personal devices. What are the drawbacks of MDM? How can your organization both drive adoption and effective...

Emerging Approaches in a Cloud Connected Enterprise: Containers and Microservice

Emerging Approaches in a Cloud Connected Enterprise: Containers and Microservice

January 28, 2016, Anil Karmel, Co-Founder and CEO of C2 Labs

Containers such as Docker and CoreOS Rkt deliver incredible capabilities to developers and operators and are powering the DevOps revolution in application development and deployment. Docker in p...

Making Trusted Decisions to Use the Cloud: A New Model to Succeed

Making Trusted Decisions to Use the Cloud: A New Model to Succeed

January 14, 2016, Jeffrey Ritter

You know that every decision to use the Cloud will be challenged, whether by investors, executives, customers, or members of your own team. Behind every challenge is the same question, "Can we tru...

Cloud Access Security Brokers: Critical Capabilities

Cloud Access Security Brokers: Critical Capabilities

December 9, 2015, TBD

Cloud Access Security Brokers (CASBs) are the hottest security technologies on the market. They provide organizations with much needed visibility and control over corporate data as it moves beyond ...

Can I Still Use The Cloud? Now That Safe Harbor is Dead

Can I Still Use The Cloud? Now That Safe Harbor is Dead

November 24, 2015, Nigel Hawthorn

A webinar for IT Security, Legal and Compliance Managers. The EU-US Safe Harbor agreement for data transfers has been declared invalid. Hear what this means for you, your organization and your d...

Keeping your Data and Applications Safe from the CSA Top Threats

Keeping your Data and Applications Safe from the CSA Top Threats

November 10, 2015, Farshad Ghazi and Chris Griffith--HP Security

The cloud presents all kinds of opportunities for today’s enterprise, from anywhere access to anything-as-a-service. Cloud computing imposes significant security risks on the corporation, network, ...

Office 365 Compliance and Data Protection: Cargill’s Blueprint for Success

Office 365 Compliance and Data Protection: Cargill’s Blueprint for Success

October 21, 2015, Matt Brunsvold of Cargill and Srini Gurrapu of Skyhigh

Skyhigh’s Office 365 Cloud Adoption and Risk report shows that the average enterprise uploads 1.37TB of data across SharePoint, OneDrive, and Yammer each month, 17.4% of which is sensitive.  With O...

Top 3 Reasons Why Growing Organizations are Moving Their Security to the Cloud

Top 3 Reasons Why Growing Organizations are Moving Their Security to the Cloud

September 24, 2015, James Kawamoto, Zscaler Inc.

The world of IT security is undergoing tremendous change. The unstoppable momentum of the Internet and cloud computing, the ubiquity of mobile devices and the emergence of Internet of things have t...

Professionalizing the Cloud Security Workforce

Professionalizing the Cloud Security Workforce

August 20, 2015, Jim Reavis, CEO of Cloud Security Alliance and David Shearer, CEO, (ISC)²

(ISC)² and CSA recently developed the Certified Cloud Security Professional (CCSP) credential to meet a critical market need to ensure that cloud security professionals have the required knowledge,...

Leveraging Data Control and GRC for Securing Data on the Cloud

Leveraging Data Control and GRC for Securing Data on the Cloud

July 15, 2015, Ryan Ko- CSA APAC Research Advisor, Vibhav Agarwal – Associate Director - Product Marketing, MetricStream

Leveraging Data Control and GRC for Securing Data on the Cloud - A Practical Guide for Immediate Challenges and An Overview of Long-Term Research Challenges Data security for cloud applications is...

Myth or Reality: Insider Threat Victims DON'T Have Their Heads in the Cloud

Myth or Reality: Insider Threat Victims DON'T Have Their Heads in the Cloud

July 8, 2015, Evelyn de Souza, Data Governance Workgroup Chair, Cloud Security Alliance & Data Privacy and Compliance Leader, Cisco Systems

We can safely predict that an insider threat targeting cloud will be the cause of a major data breach over the next 12 months. While cloud insider threats consistently rank as a top concern, they h...

Cloud Standards - Ready for Prime-time (part 2)

Cloud Standards - Ready for Prime-time (part 2)

June 30, 2015, Michel Drescher, EGI; John Messina, NIST; Peter Deussen, Fraunhofer FOKUS

Cloud computing will not reach its full potential without fully developed and stable management and context standards. Customers indeed expect freedom of choice, increased control and interoperabil...

Lessons Learned From the Biggest Security Breaches

Lessons Learned From the Biggest Security Breaches

June 25, 2015, Jim Reavis, CSA; Michael Sutton, Zscaler

Learn about the biggest security breaches and what it means for your organization. The risk of experiencing a security breach is now higher than ever. Over the last 12 months, some of the highest ...

Cloud Standards - Ready for Prime Time

Cloud Standards - Ready for Prime Time

June 9, 2015, Michel Drescher, EGI; Alan Sill, OGF, Texas Tech University; Alex McDonald, NetApp; David Wallom, Oxford e-Research Centre

Cloud computing will not reach its full potential without the full development and stable management of standards. Customers expect the freedom of choice, increased control, and interoperability as...

How to Negotiate a Proper SLA

How to Negotiate a Proper SLA

May 19, 2015, Jesus Luna, CSA; Frederic Engel, Market Engal SAS;Daniele Catteddu, CSA; Arthur van der Wees; Arthur's Legal; Said Tabet, EMC

The typical cloud customer easily grasps perceived advantages and user-friendliness in the cloud, but they are not security experts. Matching an customer's security requirements with what is being ...

Preparing for 2015: Internet security best practices from the Global 1000

Preparing for 2015: Internet security best practices from the Global 1000

May 12, 2015, Jim Reavis, CEO at the Cloud Security Alliance & Dan Druker, CMO at Zscaler

The world of IT security is undergoing tremendous change. The unstoppable momentum of the Internet and cloud computing, the ubiquity of mobile devices and the emergence of Internet of things have t...

Platform as a Service: Build Cloud Applications Rapidly and Reliably

Platform as a Service: Build Cloud Applications Rapidly and Reliably

March 19, 2015, Jonathan Sage, IBM; Mike Edwards, IBM; Achille Pinson, PrepMyFuture.com

CloudWATCH webinars aim to evangelise the merits of cloud services to SMEs and governments. This particular session on building cloud applications will explain Platform as a Service. Cloud technolo...

Panel: Leveraging Security Analytics in the Fight Against Cyber-Threats

Panel: Leveraging Security Analytics in the Fight Against Cyber-Threats

February 17, 2015, Peter Wood (moderator); Prof. John Walker, James Brown (Alert Logic), Bernd Jaeger (Cloud Security Alliance)

Join this exciting panel session with some of the industry's leading thought leaders including: Peter Wood, CEO, First Base Technologies Prof. John Walker, Researcher, Writer & Speaker, Cyber-Vaul...

Cloud CISC Virtual Summit

Cloud CISC Virtual Summit

February 5, 2015, Paul Kurtz, Dave Cullinane

The Cloud Security Alliance (CSA) has chosen to specifically focus on the problem of cyber incident information sharing and find innovative approaches that break down the barriers inhibiting sharin...

An Approach to Cloud Services Risk Management for Today’s Enterprises

An Approach to Cloud Services Risk Management for Today’s Enterprises

February 4, 2015, Deepayan Chanda, Wesley Cheng, Security Solutions Architects, Advanced Services, Cisco Systems

This session provides a methodology and a Business Risk Framework for assessing the risk of an ever-increasing number of cloud services. It builds upon the Cloud Security Alliance Cloud Controls ...

An Approach to Cloud Service Provider Risk Management for Today’s Enterprises

An Approach to Cloud Service Provider Risk Management for Today’s Enterprises

February 4, 2015, Derick Fogt, IT Risk Management, Cisco Systems

A great many enterprises leverage the Cloud Security Alliance Cloud Controls Matrix as a primary component for identifying cloud service provider risks. What’s also needed is a way to measure the...

Service Management: What Standards Can Do For Business – The Example of FitSM

Service Management: What Standards Can Do For Business – The Example of FitSM

January 29, 2015, Dr. Thomas Schaaf, Dr. Michael Brenner, Owen Appleton, Sy Holsinger

To meet customer needs and provide valuable services, it is important to maintain a high quality of service, which in itself requires a well-structured approach to IT Service Management (ITSM). Exi...

IoT Security Challenges for Early Adopters

IoT Security Challenges for Early Adopters

December 4, 2014, Brian Russell, Chief Engineer CyberSecurity Solutions at Leidos

The Internet of Things (IoT) offers enhanced technology capabilities in diverse industries. In the health care setting, IoT will bring new connected medical devices that support near real-time mon...

Monitoring in a Cloud Environment

Monitoring in a Cloud Environment

November 26, 2014, Eliot Salant, Dario Bruneo, Avi Miron - Cloud Wave; Kyriakos Kritikos - PaaSage; Michel Drescher - EGI, CloudWatch

Monitoring resource consumption in a Cloud environment is becoming an increasingly important research topic in order to provide optimal management of both the underlying Cloud infrastructure and ex...

Reducing Risk in the Cloud with the CCM

Reducing Risk in the Cloud with the CCM

October 15, 2014, John Yeoh, Sr. Research Analyst, CSA; Sean Cordero, Co-Chair, CSA CCM Working Group

Cloud computing promises to deliver efficiencies through reduced time to market and greater agility for organizations. While the impact of cloud computing is profound, many organizations remain he...

The Role of Certification and Standards for Trusted Cloud Solutions

The Role of Certification and Standards for Trusted Cloud Solutions

October 2, 2014, Daniele Catteddu, CSA; Dr. Michaela Iorga, NIST; Marnix Dekkar, ENISA; Claudio Belloli, GSA

Security and privacy certifications have been identified as one of the most effective means to increase the level of trust in cloud services and stimulate their adoption. Based on this assumption, ...

New Opportunities for Data Privacy and Data Protection Harmonization

New Opportunities for Data Privacy and Data Protection Harmonization

September 24, 2014, Evelyn De Souza, Cisco; Dan Blum, Respect Network; Mary Beth Borgwing, Advisen

This week the CSA and Cisco announced the results of a comprehensive survey of cloud security professionals on data privacy considerations. The survey responses highlight a growing and strong int...

Big, Open, and Properly Protected Data?

Big, Open, and Properly Protected Data?

September 24, 2014, Mariusz Jarzebowski, demosEUROPA; Ratko Mutavdzic, PROJEKTURA; DR. Gwendal Le Grand, CNIL; Patrice Chazerand, DIGITALEUROPE

Big data keeps making the headlines. Open data is high on governments’ agenda. This CloudWATCH webinar will hear contributors to the research paper ‘’Big & Open Data in Europe: A growth engine or a...

HP Cloud Security Total Infrastructure Model for Cyber Defence & Event logging

HP Cloud Security Total Infrastructure Model for Cyber Defence & Event logging

September 23, 2014, Ilia Tivin- CISSP, CCSK- Senior SIEM consultant and Hiroshi Masuda- HP APJ TSC ITAS(Security) Lead

Cloudbytes is a Webinar/Webcast for the APAC region which would be held monthly for all the CSA chapter members. The CloudBytes program will look to bring the most important topics to the forefront...

Multi-tenancy in Federated Clouds

Multi-tenancy in Federated Clouds

August 28, 2014, Michel Drescher, European Grid Infrastructure; Jesus Luna, CSA; Ian Osborne, Knowledge Transfer Network; Colin Wallis, NZ Gov

However popular multi-tenancy has become in cloud computing, this concept still sounds a bit like a mystery. This CloudWATCH webinar will provide you with a chance to get a crystal-clear take of th...

Triaging the Cloud: 5 Steps to Putting the Cloud Controls Matrix to Work....

Triaging the Cloud: 5 Steps to Putting the Cloud Controls Matrix to Work....

July 24, 2014, John Howie, Cloud Security Alliance; Doug Meier, Pandora; Krishna Narayanaswamy, Netskope

The Cloud Security Alliance’s Cloud Controls Matrix is a rich source of cloud security best practices designed as a framework to provide fundamental security principles to cloud vendors and cloud c...

Legal Issues for Cloud Computing

Legal Issues for Cloud Computing

July 15, 2014, Paolo Balboni, ICT Legal Consulting; Lucio Scudiero, ICT Legal Consulting

Cloud Computing Users increasingly attempt to negotiate contract terms for cloud computing services, in order to make them more suitable for their specific needs. However, despite the efforts they...

2 Minutes on BrightTALK: What are your weak points?

2 Minutes on BrightTALK: What are your weak points?

May 16, 2014, Daniele Catteddu, Managing Director EMEA, Cloud Security Alliance

Hear what Daniele Catteddu recommends to strengthen your IT security posture - from risk assessments to mobile and cloud computing.