CSA Webinars

Webinars by Subject Matter Experts

Previous Recordings

Previous Recordings

Journey to Cloud Adoption

Journey to Cloud Adoption

November 25, 2020, Ou PHANNARITH, Mok KHEMERA, Dr. Hing-Yan LEE , Nipaul LONG

Panel Discussion Moderator: ​Ou PHANNARITH (Director of ICT Security, MPTC, Cambodia) Panelists : ​Mok KHEMERA (Director of E-Government) Dr. Hing-Yan LEE (EVP, CSA APAC) ​ Nipaul LONG (CTO, Pla...

Securing the Cloud via CCSK

Securing the Cloud via CCSK

November 25, 2020, Ekta MISHRA (APAC Membership Director & Country Manager - India)

Securing the Cloud via CCSK

Cloud Security 101

Cloud Security 101

November 25, 2020, Sarbojit M BOSE (Education Director, CSA Singapore Chapter & CCSK Instructor)

Cloud Security 101

ICT Development in Cambodia

ICT Development in Cambodia

November 25, 2020, ​Mok KHEMERA (Director of E-Government, Ministry of Post and Telecommunications, Cambodia)

ICT Development in Cambodia

Towards a Secure Cloud Ecosystem in Cambodia

Towards a Secure Cloud Ecosystem in Cambodia

November 25, 2020, Dr. Hing-Yan LEE (EVP APAC, CSA )

Towards a Secure Cloud Ecosystem in Cambodia

Welcome Remarks & Opening Keynote

Welcome Remarks & Opening Keynote

November 25, 2020, ​Ou PHANNARITH & Dr. Sang SINAWONG

Welcome Remarks ​Ou PHANNARITH (Director of ICT Security, Ministry of Post and Telecommunications (MPTC), Cambodia) ​ Opening Keynote Dr. Sang SINAWONG (Under Secretary of State, MPTC, Cambodia)

Top Cloud Attack Paths You Should Worry About

Top Cloud Attack Paths You Should Worry About

November 24, 2020, Brandon Traffanstedt, Global Director - Solutions Engineering, ‎CyberArk

Security pros detail the common ways bad actors attack your cloud environments As organizations just like yours transition to cloud environments, so do the cyber criminals. An inherent lack of vis...

Using KPIs To Build Confidence in Your Cloud Security & Compliance Posture

Using KPIs To Build Confidence in Your Cloud Security & Compliance Posture

November 19, 2020, Nikhil Girdhar, Product Line Marketing Manager & Shrivatsa Upadhye, Sr Technical Marketing Architect, CloudHealth by VMware

How confident are you that your developers are avoiding the mistakes in public cloud usage that can lead to critical security risks? Most security breaches in the cloud are the result of simple co...

SSO is essential for workforce productivity but is it secure enough?

SSO is essential for workforce productivity but is it secure enough?

November 18, 2020, Madhur Bhargava, Product Marketing, Entrust

Digital transformation has introduced multiple applications, collaboration tools and file sharing services for the workforce. Agreed these apps are for the cloud, but enterprises do have legacy inf...

Today’s Threat Landscape

Today’s Threat Landscape

November 17, 2020, Jeremy Ventura, Sr. Security Engineer, Mimecast

Now more than ever, it’s important for organizations to gain visibility into email and brand reputation threats. While the concept of email hasn’t changed in 20+ years – the tactics, techniques an...

The Impact of Trickbot and How It Affects State Infrastructure

The Impact of Trickbot and How It Affects State Infrastructure

November 12, 2020, Alexander Heid, Chief Research & Development Officer, SecurityScorecard

In a recent report by SecurityScorecard titled “State of the States’ Cybersecurity”, it was uncovered that thirteen states are infected with the Russian “TrickBot” malware that was feared to have c...

Best Practices in Selecting Cloud Services

Best Practices in Selecting Cloud Services

November 11, 2020, Johanna MORTEL, Gonz GONZALES, Reggie TAMAYO, Johnny SY, Leonardo SACAMOS

The pandemic accelerated the digital transformation initiatives of many organizations in the Philippines. Local companies jumped to the cloud with survival response as the prime consideration. Jo...

Cloud Security Against the Top Threats in Cloud

Cloud Security Against the Top Threats in Cloud

November 11, 2020, Ricson Singson QUE, Carlos TENGKIAT, Paula Nones-RAMOS, Mark MISTAL

The pandemic has accelerated the digital transformation initiatives of many organizations in the Philippines. Local companies jumped to the cloud with survival response as the prime consideration....

Securing the Big Shift to the Cloud

Securing the Big Shift to the Cloud

November 11, 2020, Isa OJEDA, Vice President - Compliance Risk Management Officer, Multinational Bank

The debate on Cloud adoption is over. The pandemic has accelerated the migration of Philippine local enterprises to the cloud. The current table discussions during business meetings is how to mov...

Navigating Troubled Waters

Navigating Troubled Waters

November 11, 2020, Ryan TY, Dr. Hing-Yan LEE, Timothy GRANCE

Introduction - Ryan TY (Chairman, CSA Philippines Chapter) Welcome Remarks - Dr. Hing-Yan LEE (EVP, CSA APAC) Opening Keynote - Timothy GRANCE (Senior Computer Scientist, NIST) In this presentati...

The SOC of the Future - E pluribus unum

The SOC of the Future - E pluribus unum

November 10, 2020, John Velisaris, Global Program Director - Services Threat Management, IBM Security

As security and IT teams support the disparate tools, resources and infrastructure required to enable organizations to securely innovate and expand services, they face the challenge of establishing...

Understanding the Third Party Risk Ecosystem

Understanding the Third Party Risk Ecosystem

November 9, 2020, John Finizio & John Burton of Whistic

Many stakeholders make up the third party Risk ecosystem: multiple organizations within the enterprise, software and service solution providers, industry associations, regulatory bodies, and the th...

Packets: Defending the Cloud with Network Detection & Response

Packets: Defending the Cloud with Network Detection & Response

November 5, 2020, Jeff Deininger, Principal Sales Engineer, ExtraHop

The playing field between attackers and defenders is not level, and it’s only becoming more unbalanced because of the complex, layered nature of attack surfaces in the cloud. Attackers can launch m...

CCAK: The industry's first global cloud auditing credential

CCAK: The industry's first global cloud auditing credential

November 5, 2020, Daniele Catteddu, Cloud Security Alliance. Shannon Donahue, ISACA. John Guckian. Moshe Ferber. Douglas Barbin.

Developed by CSA and ISACA to meet the unique demands of auditing cloud based environments, the Certificate of Cloud Auditing Knowledge (CCAK) is the first credential that industry professionals ca...

Zero Trust: The Key to your IAM Success

Zero Trust: The Key to your IAM Success

November 5, 2020, Richard Archdeacon, Advisory CISO, EMEA, Duo Security

Enterprise-ready cloud services and hybrid solutions have made it easier for users to complete their work wherever they are, but this flexibility expands the attack surface admins are expected to s...

The Impact of Fog Computing and Edge Computing on Cloud Security

The Impact of Fog Computing and Edge Computing on Cloud Security

November 5, 2020, Megha Kalsi, Cloud Security Senior Manager, Protiviti

Due to the rapid growth of IoT and mobile devices, both fog computing and edge computing technologies were hastily developed, which resulted in security and privacy related challenges that could im...

A How-To Guide: Navigating the Top 7 Trends in Third-Party Risk Management

A How-To Guide: Navigating the Top 7 Trends in Third-Party Risk Management

November 5, 2020, Scott Bridgen, GRC Consulting Director, OneTrust

The world of third-party risk management is rapidly changing. Each day, organizations like yours face new security, privacy, and compliance threats when working with third parties. The good news is...

Cloud Control Matrix V4

Cloud Control Matrix V4

November 5, 2020, Daniele Catteddu, Cloud Security Alliance; Sean Cordero, Netskope and Shawn Harris, Starbucks

Since its debut in 2013, the Cloud Control Matrix (CCM) v3.0.1 has been greatly successful and received wide adoption around the globe. Nevertheless, as new technologies emerge and the cloud certif...

What You Need to Know About Credential Stuffing Attacks

What You Need to Know About Credential Stuffing Attacks

November 4, 2020, Jamie Hughes, Senior Solutions Engineer, Auth0

As a central authentication service that processes billions of logins a month, credential stuffing attacks are the most common threats we observe. These attacks can lead to fraud, loss of reputatio...

A Referenced Architecture to Modernize Your Approach to Cloud

A Referenced Architecture to Modernize Your Approach to Cloud

November 4, 2020, John Yeoh, Global Vice President of Research, Cloud Security Alliance

Awaken your approach to cloud with a reference architecture that modernizes your enterprise. John covers the foundational components of the CSA Enterprise Architecture and shares how it is used to ...

Unveiling the Wonder of Automated Vulnerability Management in the Cloud

Unveiling the Wonder of Automated Vulnerability Management in the Cloud

November 4, 2020, Eric Zielinski, Director of Security Operations, Veeva Systems

As more workloads move to the cloud, it is critical to secure those workloads against known vulnerabilities. The benefits of the cloud allow for agility, speed and innovation, but the cloud also c...

STAR Future Roadmap

STAR Future Roadmap

November 4, 2020, John DiMaria, Assurance Investigatory Fellow, Cloud Security Alliance

The CSA has recently celebrated the 1000 entries into the STAR Registry. This was confirmation of the value and relevance of the STAR program in the cloud community. The STAR Program has evolved...

Shared Responsibility: Someone Else’s Problem

Shared Responsibility: Someone Else’s Problem

November 4, 2020, Ashley Ward, Cloud CTO, Palo Alto Networks

When talking about cloud it’s easy to fallback to that old joke that cloud is just someone else’s computer. Unfortunately it’s also easy to see it as Someone Else’s Problem (SEP). Ford Prefect, fro...

Get Quantum Safe

Get Quantum Safe

November 4, 2020, Roger Grimes,Data-driven Defence Evangelist,KnowBe4 Inc. Bruno Huttner,Business Development & Product Management,ID Quantique

Introduction to CSA's Quantum Safe Security Working Group and its goals and objectives. Quantum computers continue to strengthen and soon will be able to break traditional forms of asymmetric encry...

Using OPA for Continuous Compliance with Cloud Infrastructure Policy-as-Code

Using OPA for Continuous Compliance with Cloud Infrastructure Policy-as-Code

November 3, 2020, Josh Stella, Co-founder and CTO, Fugue

Cloud security is a software engineering problem, not a security analysis one. The engineers that build and maintain cloud infrastructure need policy-as-code tools to ensure cloud security and comp...

Cloud Security post Covid-19, Where to Go Next

Cloud Security post Covid-19, Where to Go Next

November 3, 2020, Carlo Gebhardt, Managing Director, Accenture Security

Over recent years, security and compliance have been some of the top considerations when moving to the cloud. However, as Covid-19 has served as a transformation accelerator in many aspects of our ...

GAIA-X: Current Status and Outlook – What to Expect and How to Engage

GAIA-X: Current Status and Outlook – What to Expect and How to Engage

November 3, 2020, Andreas Weiss, Head of Digital Business Models, eco Association of the Internet Industry

The key objectives of GAIA-X, Community Engagement and participation via the GAIA-X Association. European Data Infrastructure as part of NextGenerationEU - based on GAIA-X.

The Correlation Between Security Ratings and Breach Likelihood

The Correlation Between Security Ratings and Breach Likelihood

November 3, 2020, Matthew Mckenna, VP, International Operations, Security Scorecard

What is the value of security ratings when it comes to predicting breaches? What are the indicators that breached companies are showing that non-breached companies don’t express? This session will...

CSA’s Perspective on Cloud Risk Management

CSA’s Perspective on Cloud Risk Management

November 3, 2020, Daniele Catteddu, CTO, Cloud Security Alliance. Vince Campitelli, Enterprise Security Specialist, Cloud Security Alliance

This session is designed to introduce the publication of CSA’s unique insights into the challenges of mastering the widespread adoption of cloud technologies. More importantly, CSA will help member...

Automating SAML Security Tests

Automating SAML Security Tests

October 29, 2020, Ty Anderson, Application Security Researcher - Product Security Team, Adobe

Single Sign-On (SSO) applications are becoming increasingly prevalent in organizations today. While there are many different SSO configuration types, Security Assertion Markup Language (SAML) is on...

The Shift to Cloud-Based, Intelligent Ecosystems

The Shift to Cloud-Based, Intelligent Ecosystems

October 28, 2020, Paul Kurtz, Bob Gourley, Chase Cunningham,& John Yeoh (moderator)

In a document titled “Cloud-Based, Intelligent Ecosystems” CSA proposes a call to action for security executives to break the endless cycle of iterative tool adoption and, instead, move to data-cen...

Reducing Security Review Friction

Reducing Security Review Friction

October 28, 2020, Duane Newman, VP of Product & Tom Rhoton, VP of Marketing at Whistic

Security reviews are a part of nearly every sales cycle, and a frequent cause of business friction. In this webinar we’ll discuss common causes of this friction, and give practical insight into how...

STAR 1000 - The reason behind the STAR Program success story

STAR 1000 - The reason behind the STAR Program success story

October 27, 2020, Daniele Catteddu, CSA and John DiMaria, CSA

The cloud has come to dominate the technology landscape and revolutionize the market, creating a tectonic shift in accepted practice contributing to a massive advancement in technology. With an inc...

Public Cloud Database Security: Using Others’ Mistakes to Stop Attacks

Public Cloud Database Security: Using Others’ Mistakes to Stop Attacks

October 22, 2020, Aaron C. Newman Founder, SecureCloudDB

Hacks and breaches occur regularly. It can take months to find and contain an incident. According to Gartner, 99% of cloud security failures will be the cloud customer’s fault. Why is that? Join...

The Current & Future of Cloud Security Strategy

The Current & Future of Cloud Security Strategy

October 22, 2020, Ken Low, Subhajit Deb, Alex Ng, Noordin Yusuff Marican

Join fellow CISOs for this panel discussion about Cloud Security strategy in 2020 and beyond. Where should you place your bets (and your budget)? How can you protect your organization from the new...

Watching the STARs

Watching the STARs

October 22, 2020, Sanjeev Gupta, Director, Certification Partners Global

We review what Certification means, in the most important criterion for a business, sales. How does a Certification Program achieve this? And what are the costs, not just direct. How should an O...

Coronavirus, Computer Virus, Cyber Threats: A False Sense of Security

Coronavirus, Computer Virus, Cyber Threats: A False Sense of Security

October 22, 2020, Ekta Mishra, APAC Membership Director & Country Manager - India & Dr. Ngair Teow-Hin, CEO, SecureAge Technology

With most office workers working from home due to Coronavirus pandemic, computer virus attacks on home computers are now a major issue facing the world. In this talk, we discuss the history of comp...

The Rise and Importance of Digital Identity

The Rise and Importance of Digital Identity

October 21, 2020, Chris Bailey, VP of Strategy and Business Development, Entrust

One of the factors that drives innovation is the demand for convenience and efficiency while maintaining security in our digital lives. Certification authorities (CAs) enable secure encryption and ...

There is no more enterprise perimeter.  Now What?

There is no more enterprise perimeter. Now What?

October 21, 2020, Bob Flores, Satyavathi Divadari, Sandip Kumar Panda & Keith Prabhu.

With more and more emphasis on cloud computing, the traditional enterprise perimeter is being redefined. This means enterprises must think differently when considering cybersecurity protection. T...

Zero Trust and Identity as a Service

Zero Trust and Identity as a Service

October 21, 2020, Nya Alison Murray, CEO, Trac-Car Technology

As the threat landscape and cybersecurity risks are an ever present threat in 2020, it is clear that measures have to be taken to be more mindful of what end users, people, applications and IOT dev...

SDP & 'Black-Cloud' Protection

SDP & 'Black-Cloud' Protection

October 21, 2020, Juanita Koipillai, Founder & CEO, Waverley Labs

Security has become of paramount importance in recent times, especially due to the advent of cloud computing and virtualization. With so many devices in the mix, users have the choice of working fr...

SASE Economics: The New Frontier of Cloud Security

SASE Economics: The New Frontier of Cloud Security

October 21, 2020, Dr. Hing-Yan Lee EVP APAC, CSA & Jonathan Andresen, Senior Director Marketing, Asia-Pacific & Japan Bitglass

Secure Access Service Edge (SASE) has become one of the hottest topics in the IT industry. Fueled by cloud services, the rise of BYOD and fast tracked by the new reality of remote working, direct-t...

Collaborating for Inclusion & Equality in Cybersecurity

Collaborating for Inclusion & Equality in Cybersecurity

October 20, 2020, Larry Whiteside, Jr., Co-Founder & President ICMCP and Illena Armstrong, Industry Strategy Advisor, CSA

Diversity, inclusion and equality strategies and practices have always been integral to organizations’ daily operations and future growth. The need for executive leaders to genuinely embrace, evolv...

A Practical Guide to Securing Container, Docker Host, and Kubernetes Environment

A Practical Guide to Securing Container, Docker Host, and Kubernetes Environment

October 20, 2020, Carson Sweet, CEO and Cofounder & Bryan Jones, Solutions Architect, CloudPassage

As organizations implement container-based and microservice architectures in the cloud, the number of containers to secure is growing exponentially. Traditional security approaches will not work fo...

International Data Transfer

International Data Transfer

October 20, 2020, Neil Thacker, Netskope; Nathaly Rey, Google; Marc Lueck, Zscaler; Giuseppe Brizio, Qualys; Nick Gross, OneTrust; Linda Strick

Join this panel discussion with experts from the CSA GDPR Center of Excellence. What does the ruling of the European Court of Justice on the Privacy Shield mean in practice? What are the realistic ...

Modeling Against the Top Threats in Cloud

Modeling Against the Top Threats in Cloud

October 20, 2020, John Yeoh, Global Vice President of Research, CSA

Since 2010, the CSA Top Threats report has revealed major security concerns in cloud computing from top industry professionals. John shares how the report can be used to protect against the latest ...

Disrupting yourself and your Adversaries in the cloud

Disrupting yourself and your Adversaries in the cloud

October 20, 2020, Mickey Perre, Security Specialist, Elastic

As organisations lift and shift workloads into the cloud they are required to not only protect themselves from external threats but also from internal disruptions such as multi cloud deployment spr...

Why AI Needs Cyber Security Urgently?

Why AI Needs Cyber Security Urgently?

October 20, 2020, Jim Reavis, Co-Founder & CEO, CSA & Prof. Yu Chien Siang, Chief Innovation & Trust Officer, Amaris AI

Traditionally, cyber security systems have been adding AI capabilities to detect unknown malware, zero day attacks and to analyse logs to detect abnormalities to discover frauds, insider attacks an...

Identifying Risky Vendors: 7 Warning Signs You Shouldn't Ignore

Identifying Risky Vendors: 7 Warning Signs You Shouldn't Ignore

October 15, 2020, Walton Stephens, Third-Party Risk Consultant, OneTrust

For individuals managing third-party risk, there is one primary question that needs answering: Are your vendors safe to do business with? Answering that question is not so straightforward. Third-pa...

Passwordless and cloud-based identity for the new era of work

Passwordless and cloud-based identity for the new era of work

October 14, 2020, Jenn Markey - Product Marketing Director, Entrust

Where and how we work are forever changed. In a recent Entrust customer survey, 84% of respondents expect the recent shift to a sizeable remote workforce to be permanent. As perimeter-based securit...

Reinventing Data Security for the Remote Workforce in A “Cloud First” World

Reinventing Data Security for the Remote Workforce in A “Cloud First” World

October 13, 2020, Sundaram Lakshmanan, CTO, CipherCloud & Matt Hines, VP and Evangelist, CipherCloud

If the overnight expansion of the remote workforce has taught us one lesson, it is that improving data protection for cloud apps has become the primary challenge facing today’s security practitione...

What You Need to Know About Credential Stuffing Attacks

What You Need to Know About Credential Stuffing Attacks

October 8, 2020, Andrew Akers, Solutions Product Marketing Manager, Auth0

As a central authentication service that processes billions of logins a month, credential stuffing attacks are the most common threats we observe. These attacks can lead to fraud, loss of reputatio...

Securing IAM: The New Cloud Perimeter is Broken

Securing IAM: The New Cloud Perimeter is Broken

October 6, 2020, Matt Chiodi, Chief Security Officer of Public Cloud, Palo Alto Networks

Historically, defense in depth was mostly performed through network-layer controls. While network security controls remain an important component of cloud security, an additional layer of identity ...

Exposed in the Cloud: Agility Comes With Risk

Exposed in the Cloud: Agility Comes With Risk

October 1, 2020, Jim Wachhaus, Director of Technical Product Marketing, CyCognito

According to Gartner, spending on shadow IT can exceed 40% of the formal IT spend. That’s probably not too surprising for those of us leveraging the cloud to move quickly. But it means that enterpr...

SECtember Experience Wrap-Up: Guiding your Race to the Cloud

SECtember Experience Wrap-Up: Guiding your Race to the Cloud

September 30, 2020, Jim Reavis, CEO, Cloud Security Alliance

In this session, Jim will take a look back at the critical topics covered throughout this month-long SECtember Experience and highlight key takeaways that can help guide you on your race to the clo...

Panel: Pandemic & Beyond: Migrating to Cloud Securely

Panel: Pandemic & Beyond: Migrating to Cloud Securely

September 29, 2020, Jim Reavis, Pete Chronis, Tima Soni, Patti Titus, Vinay Patel

In this panel, our group of CISOs will be discussing the central cloud security issues currently being faced. Is the pandemic accelerating the push to the cloud? What are the governance, technical...

Building a Great Security Culture

Building a Great Security Culture

September 29, 2020, Isaac Painter, Security Training, Awareness, and Culture Manager, Adobe

Addressing technology risk is a no-brainer, but when it comes to addressing human-security risk, it’s not always top of mind for companies – but it should be! Studies show that over 50% of cyber se...

The Blind Spot in Object Storage

The Blind Spot in Object Storage

September 25, 2020, Ed Casmer,CTO, Cloud Storage Security

Amazon S3 is one of the most successful services provided by AWS. AWS has unlimited emphasis, ensuring your data is safe. Customers and AWS leverage many native features and security frameworks, in...

It’s Been Ten Years. Why has nothing changed?

It’s Been Ten Years. Why has nothing changed?

September 25, 2020, Peter Karlson, Jim Reavis, Candy Alexander,

Join us for a candid discussion on why we continue to see a shortage of skilled Cyber professional and how it is fast becoming one of the least understood problems faced by businesses and the profe...

Are you Prepared for the Changing Cybersecurity Threat Landscape?

Are you Prepared for the Changing Cybersecurity Threat Landscape?

September 25, 2020, Moderator: Satyavathi Divadri | Panelists : Sridhar GOVARDHAN, Sunil DAVID, Vikas YADAV

Panel Discussion

CSA STAR– New Paradigm for Measuring Security, Privacy and Governance in cloud

CSA STAR– New Paradigm for Measuring Security, Privacy and Governance in cloud

September 25, 2020, John DIMARIA, Assurance Investigatory Fellow, CSA

When a paradigm shifts, you cannot ignore change and count on past success. New technology can revolutionize a market, creating a tectonic shift in accepted practice. The advent of the Cloud to dat...

Software Eats Security:  Zero Trust Software Defined Perimeter

Software Eats Security: Zero Trust Software Defined Perimeter

September 25, 2020, Ekta MISHRA, APAC Membership Director & Country Manager - India | Keith PRABHU, Chairman, CSA Mumbai Chapter

Software is eating the world and information security is no different. The network perimeter no longer exists. Traditional IP based security can be blind-sided to evolving attacks. Software based p...

Building a World-Class Security Program

Building a World-Class Security Program

September 24, 2020, James Christiansen, Vice President of Cloud Security Transformation, Netskope

There is no "playbook" for today's information security officer to becoming a successful leader. With thousands of security technologies, millions of threat actors, and new attack vectors to defend...

Deep Fakes, Disinformation and Social Engineering

Deep Fakes, Disinformation and Social Engineering

September 24, 2020, Etay Maor, Chief Security Officer, IntSights

In information security, we always talk about PPT – People, Processes, and Technology. We tend to focus mostly on the tech: new sophisticated malware, surprising zero-day vulnerabilities, and advan...

Impact of COVID-19 on Cloud Adoption & Security

Impact of COVID-19 on Cloud Adoption & Security

September 24, 2020, Moderator: Vandana VERMA | Panelists: Satyavathi DIVADRI, Dr. Eiji SASAHARA , Dr. Hing-Yan LEE

Panel Discussion

CCM Addendum - Mapping of ABS Cloud Computing Implementation Guide 2.0 to CCM

CCM Addendum - Mapping of ABS Cloud Computing Implementation Guide 2.0 to CCM

September 24, 2020, Arun VIVEK, Head of Cloud & Container Security – Cyber Security Services, Standard Chartered Bank

The financial services industry is one of the most critical sectors in any market, and financial institutions (FIs) face myriad regulations. In the case of Singapore FIs, for example, the Banking A...

Blockchain Use Cases & their Documentation

Blockchain Use Cases & their Documentation

September 24, 2020, Dr. Hing-Yan LEE, EVP, CSA APAC | Ashish MEHTA, Co -chair, CSA Blockchain WG

This presentation will showcase the optimum way to document & identify a use case and whether deployment in the blockchain makes sense or not. Also,it will be sharing some of the use cases which th...

Security Automation:  Principles, Opportunities, Risks, and Examples

Security Automation: Principles, Opportunities, Risks, and Examples

September 23, 2020, Mike Mellor, Senior Director of Information Security, Adobe

One of the fundamental principles of any security program is a focus on reducing the “timeline to compromise” for security issues. Not only are attacks getting more and more sophisticated, but they...

Harmonizing Serverless Security - Principles, Patterns and Controls

Harmonizing Serverless Security - Principles, Patterns and Controls

September 23, 2020, Madhav Chablani, Chairman, CSA NCR Chapter

Serverless architecture aims at changing the economic model of cloud computing, with the hope of introducing efficiency and cost savings. Serverless computing means that there are no servers to man...

Security Implementation Acceleration in the Fast Lane of Digital Transformation

Security Implementation Acceleration in the Fast Lane of Digital Transformation

September 23, 2020, Ramesh Narayanaswamy, CTO, Aditya Birla Capital

Significant acceleration in digital transformation implementation in the last four months , along with regulatory changes has created a need to change some of the data / cyber security strategies ....

Cloud Security Alliance Resources & Trends

Cloud Security Alliance Resources & Trends

September 23, 2020, Jim Reavis, CEO, CSA

Welcome Message & Opening Keynote

In the Trenches of Cloud Governance Battles

In the Trenches of Cloud Governance Battles

September 21, 2020, Jim de Haas

When a large organization adopts cloud computing, it goes through several learning curves. Especially when during this journey, a transformation towards a DevOps way of working is implemented. It g...

How to Prepare for an Audit Against the CSA STAR Standard

How to Prepare for an Audit Against the CSA STAR Standard

September 18, 2020, Walt Williams, CISO, Monotype & John DiMaria, CSA

The CSA STAR allows for both an attestation under a SOC 2 audit or certification under ISO 27001. While most organizations self attest to the CSA Star, this presentation will discuss how to prepare...

Vendor Risk Assessment: Secrets for Procuring Secure Cloud Services

Vendor Risk Assessment: Secrets for Procuring Secure Cloud Services

September 17, 2020, Jerry Cochran, Nick Sorenson, Gary Gooden, Walton Stephens, Steve Quane

In this panel, our experts will share lessons learned and best practices for securing cloud services. From proactive risk assessments within the procurement process to architectural considerations ...

“The More You Know” About Securing E-Learning

“The More You Know” About Securing E-Learning

September 17, 2020, Amanda Rogerson, Product Marketing Manager & Leya Leydiker, Technology Partnerships Manager, Duo

Securing a good education for students has always been a top priority, but information security isn’t the first consideration to come to mind for most parents and educators. However, the move to eL...

XDR: Myth or Reality

XDR: Myth or Reality

September 16, 2020, Sumedh Thakar, President and Chief Product Officer, Qualys

In this session, Sumedh will discuss XDR a term that’s been trending in the security industry of late. Is this just a buzz word, or is there something real behind its rapid rise in popularity? He w...

Risk Appetite & the Alignment of Cybersecurity w/ Business Agility.

Risk Appetite & the Alignment of Cybersecurity w/ Business Agility.

September 15, 2020, Andy Kirkland, CISO, Starbucks

Risk Appetite and the Alignment of Cybersecurity with Business Agility. Are You Hungry? Most organizations would like you to believe they are agile. In 2020, they get to prove it. Everything has c...

Open Security – From Patchwork to Platform Abstract

Open Security – From Patchwork to Platform Abstract

September 15, 2020, Patrick Vowles, NA Marketing Team Lead, IBM Security

As organization adopt new technologies and utilize the cloud for business innovation and growth, security teams are challenged with ensuring that those initiatives and missions are successful. To d...

Maturing Your Cloud Security

Maturing Your Cloud Security

September 14, 2020, Mike Rothman, President, Securosis

In this session, Mike will go through the Cloud Security Maturity Model, developed in partnership between Securosis and IANS, to provide perspective on your cloud security journey. The session will...

Software Defined Perimeter, Microsegmentation & Zero Trust

Software Defined Perimeter, Microsegmentation & Zero Trust

September 11, 2020, Juanita Koilpillai, Founder and CEO, Waverly Labs

Security has become of paramount importance in recent times, especially due to the advent of cloud computing and virtualization. With so many devices in the mix, users have the choice of working fr...

Talking to the Board About the New Realities of IT Security

Talking to the Board About the New Realities of IT Security

September 10, 2020, Jeff Costlow, Deputy CISO, Extrahop

With the sudden shift of the global workforce from in-office to remote, IT teams quickly transformed their operations to accommodate the new realities of business — including large-scale adoption o...

How to Build a Security Training Program that Creates More than Awareness

How to Build a Security Training Program that Creates More than Awareness

September 10, 2020, Josh Douglas, VP of Threat Intelligence, Mimecast & Bryn Donovan, Product Marketing Manager, Mimecast

Best Practices for Security Awareness Training It’s everyone’s responsibility within an organization, from the CEO down, to remain aware of threats used to attack the business and personal informa...

Aftermath of Pandemic Lockdown Cloud Adoption – Curse or Boon

Aftermath of Pandemic Lockdown Cloud Adoption – Curse or Boon

September 9, 2020, Moderator: Dr. Hing-Yan LEE | Panelists: Onn Chee WONG, Philip VICTOR, Dr. Sudsanguan NGAMSURIYAROJ

Panel Discussion

Cloud Adoption in ASEAN & Challenges

Cloud Adoption in ASEAN & Challenges

September 9, 2020, Moderator : Dr. Santipat ARUNTHARI | Panelists: OU Pannarith, Philip HUNG, Tze Meng TAN, Dr. Nantawan WONGKACHONKITTI

Panel Discussion

CIO's Perspective on HPC Cloud

CIO's Perspective on HPC Cloud

September 9, 2020, Dr. Hing-Yan LEE, EVP, CSA APAC | Dr. Putchong UTHAYOPAS, Vice President for Digital Technology, Kasetsart University

HPC and AI, or shortly HPCAI, become increasingly important for both academics and industry. Many emerging types of research in biomedical, genomics, material science and nanotechnology, environmen...

Securing the Work-From-Cloud Lifecycle

Securing the Work-From-Cloud Lifecycle

September 8, 2020, Jerry Archer, CISO, Sallie Mae

In recent months, the COVID pandemic has forced employers to move to a work-from-home model much faster than expected. Many critical business employees are now virtual and may not be coming back to...

Mitigating Misconfiguration Risk Across Public Cloud & Kubernetes Infrastructure

Mitigating Misconfiguration Risk Across Public Cloud & Kubernetes Infrastructure

September 8, 2020, Shemer Schwarz, Sr Director-Product Management, VMware & Patrick Loring, Cloud Security Strategist, VMware

Self-service access, richer service capabilities, auto-scaling workloads, and API-based usage and configurations. These are just a handful of the capabilities that make public cloud and Kubernetes-...

Impact of COVID-19 on Cloud Adoption in ASEAN

Impact of COVID-19 on Cloud Adoption in ASEAN

September 8, 2020, Moderator: K. Kumpol SONATARAT | Panelists: Ryan TY, Faisal YAHYA, FONG Choon Fook, Prof. Alex SIOW

Panel Discussion

Reflective Security & DevSecOps

Reflective Security & DevSecOps

September 8, 2020, Ronald TSE , Co-Chair, CSA DevSecOps Working Group

Businesses are now requiring a stronger collaboration between the development, security and operational functions. This addition of security creates DevSecOps. In the past, the security needs were ...

Making Cognitive Wellbeing a Reality

Making Cognitive Wellbeing a Reality

September 8, 2020, Dr. Sak SEGKHOONTHOD, Chairman CSA Thailand Chapter | Dr. Giovanni RUSELLO, Professor, University of Auckland

Opening Keynote - Making Cognitive Wellbeing a Reality Notifications on our devices and self-interruptions redirect our attention thousands of times every day. Multitasking is correlated with worse...

Hybrid Clouds - Challenges

Hybrid Clouds - Challenges

September 7, 2020, Narudom ROONGSIRIWONG, Head, IT Security, Kiatnakin Public Bank

As businesses are developing rapidly, many cloud consumers find that a single public/private cloud or traditional on-premises data center is no longer able to meet service requirements. Organizatio...

FedRAMP - How Did we get here and where are we now?

FedRAMP - How Did we get here and where are we now?

September 7, 2020, Katie LEWIN, Federal Director, CSA

Brief overview of the history of the FedRAMP program including successfactors and lessons learned. Concentration on the improvements to the FedRAMP program that are designed to address to dominant...

Acceleration of Digital Transformation in a post COVID world

Acceleration of Digital Transformation in a post COVID world

September 7, 2020, David FAIRMAN, Netskope Chief Security Officer APAC

The recent pandemic has made organizations realize that digital transformation is imperative for their long-term viability. This has given rise to the acceleration of digital transformation which ...

Thailand after post COVID-19: The Essential Upskill/ Reskill on Cloud Security

Thailand after post COVID-19: The Essential Upskill/ Reskill on Cloud Security

September 7, 2020, Jim Reavis, CEO, CSA & Jakkanit Kananurak, Vice President, Digital Economy Promotion Agency

Thailand after post COVID-19: The Essential Upskill/ Reskill on Cloud Security

Accelerate and Optimize Your Third Party Risk Management Program

Accelerate and Optimize Your Third Party Risk Management Program

September 3, 2020, Drew Wilkinson, VP - Service Delivery & Customer Success, SecurityScorecard

Third-Party Risk Management has become a critical component of protecting and securing your organization. However, many companies still need to find a way to operate at scale in order to be efficie...

Securing Containers with NIST SP 800-190

Securing Containers with NIST SP 800-190

September 1, 2020, John Morello, VP | Aqsa Taylor, Product Manager | Paul Fox - Sr Product Manager R&D | Keith Mokris (moderator) - Prisma Cloud

NIST SP 800-190: The Container Security Guide is a special publication from The National Institute of Standards and Technology that outlines a set of guidelines for securing container applications ...

Zero Trust Access: From industry buzzword to a corporate reality

Zero Trust Access: From industry buzzword to a corporate reality

August 27, 2020, John Yeoh, VP of Research, CSA & Bryan Embrey, Sr. Product Marketing Manager, PulseSecure

Operationalizing industry buzzwords isn’t always possible. Sometimes these buzzwords are aspirational but the technology behind isn’t understood. In the case of Zero Trust, working with the right v...

Solving the 5 Key Challenges of Vendor Security Reviews

Solving the 5 Key Challenges of Vendor Security Reviews

August 26, 2020, Duane Newman, VP of Product, Whistic & Alec Fullmer, Product Manager, Whistic

Join Duane Newman, Whistic’s VP of Product, for a discussion about how to approach the five key challenges when conducting vendor security reviews. Discussion topics will include how to: - Automa...

Introducing Stringlifier – an Open Source String Detector

Introducing Stringlifier – an Open Source String Detector

August 25, 2020, Andrei Cotaie, Sr. Security Engineer|Tiberiu Boros, Data Scientist & ML Engineer|Kumar Vikramjeet, Security Engineer at Adobe

“1e32jnd9312”, “32189321-DEF3123-9898312”, “ADEFi382819312.” Do these strings seem familiar? They could be hashes, randomly generated passwords, API keys, or other useful information. They can be f...

Cloud Security in a Distributed World

Cloud Security in a Distributed World

August 20, 2020, Ashley Ward, CTO - Prisma Cloud, Palo Alto Networks

COVID-19 is driving the demand for cloud based remote access tools. However, while the majority of IT and Security leaders are now focused on remote access, an equally challenging issue looms: the ...

Security Automation Simplified with Open Security Controls Assessment Language

Security Automation Simplified with Open Security Controls Assessment Language

August 19, 2020, Dr. Michaela Iorga Senior Security Technical Lead for Cloud Computing National Institute of Standards and Technology (NIST)

Security Automation Simplified with Open Security Controls Assessment Language Aligning security risk management and compliance activities with the broader adoption of cloud technology and the expo...

Storm Clouds Ahead: Assessing AWS Environments

Storm Clouds Ahead: Assessing AWS Environments

August 18, 2020, Jon Ehret of RiskRecon | Trevor Hawthorn of Stratum Security | Jared Perry of Stratum Security

Achieving good third-party risk outcomes requires that your vendors operate secure cloud environments. Many security teams have assumed that if a third-party is using Amazon Web Services that they ...

Is that Anomaly an Enemy? Understanding the Importance of Security Analytics

Is that Anomaly an Enemy? Understanding the Importance of Security Analytics

August 13, 2020, Ted Kietzman, Product Manager, Duo Security

With the rise in identity-based attacks due to the very distributed and remote workforce of 2020, how can your organization identify whether or not it’s the actual user who is attempting the authen...

CSA's Executive Series - Advancing Cloud SIEM: A Hunter's Experience

CSA's Executive Series - Advancing Cloud SIEM: A Hunter's Experience

August 12, 2020, Gunter Ollman, CSO - Cloud and AI Security, Microsoft

Join Gunter Ollman, CSO - Cloud and AI Security, Microsoft in this webinar, where he will discuss how cloud SIEM is advancing, how this is changing the role of the threat hunter and SecOps teams, &...

Dark Web Demystified

Dark Web Demystified

August 6, 2020, Charity Wright, Cyber Threat Intelligence Advisor, IntSights

Come to the dark side! Charity Wright, a former NSA analyst and current Cyber Threat Intelligence Advisor at IntSights will take you on a tour of the dark web and explain how you can collect and an...

Tackling Security in the World of Containers and Hybrid Cloud

Tackling Security in the World of Containers and Hybrid Cloud

August 4, 2020, Lucy Kerner, Global Senior Principal Security Technical Evangelist, Red Hat

Security teams are increasingly finding it challenging to keep up with the changing risks, compliance requirements, tools, and architectural changes introduced by new technologies - such as contain...

Helping Federal Customers Defend their Web Applications

Helping Federal Customers Defend their Web Applications

July 30, 2020, Brian Schwarz of Fortinet & Ranjit Kalidasan of AWS

Federal customers use web applications to deliver critical services and must secure those applications against an ever expanding and evolving threat landscape while complying with FedRAMP requireme...

Helping Educators Defend their Web Applications

Helping Educators Defend their Web Applications

July 29, 2020, Brian Schwarz of Fortinet & Ranjit Kalidasan of AWS

Educators today use web applications to deliver critical services to students, their families, their staff, and their communities, and you must secure those applications against an ever expanding a...

Helping State & Local Governments Defend Web Applications

Helping State & Local Governments Defend Web Applications

July 29, 2020, Brian Schwarz of Fortinet & Ranjit Kalidasan of AWS

State and local governments use web applications to deliver critical services for their constituents and must secure those applications against an ever expanding and evolving threat landscape. Wat...

Transitioning, Enhancing, and Innovating in the Cloud

Transitioning, Enhancing, and Innovating in the Cloud

July 29, 2020, John Yeoh, Global VP of Research, CSA

Wherever you are in your cloud journey, CSA research is available to help organizations transition to the cloud, enhance security in the cloud, and innovate from the cloud through their consensus-d...

Nefarious Uses of Cloud: A Case Study from Defending a Security Conference

Nefarious Uses of Cloud: A Case Study from Defending a Security Conference

July 29, 2020, Wong Onn Chee, CTO, Resolvo & Co-Chair, CSA APAC Research Advisory Council

As organisations increasingly move to the cloud, so do the attackers. Come and listen to Onn Chee on how the cloud was used to attack a security conference's websites on the cloud, the profile of t...

Visibility & Security Challenges Across Multicloud, Hybrid, & Remote Deployments

Visibility & Security Challenges Across Multicloud, Hybrid, & Remote Deployments

July 23, 2020, Fernando Montenegro, Principal Analyst, 451 Research & Dan Frey, Sr. Cloud Security Manager, ExtraHop

Migration to the cloud continues, now with even greater urgency as organizations around the world transition to remote workforces and shift operations off-premises. But cloud environments can expan...

The Resurgence of Cloud

The Resurgence of Cloud

July 22, 2020, David Cass, Vice President Cyber & IT Risk, Federal Reserve Bank of New York

Cloud has seen the typical technology pendulum swing experienced by most innovative technologies. Organizations started with the all in cloud first model only to have to later step back and take a ...

CSA STAR Town Hall – Everything you’ve wanted to know

CSA STAR Town Hall – Everything you’ve wanted to know

July 22, 2020, John Yeoh of CSA, JR of CSA, John DiMaria of CSA, and Brianna Hogan of Booz Allen Hamilton

CSA STAR is being recognized as the international harmonized solution, leading the way of trust for cloud providers, users, and their stakeholders, by providing an integrated cost-effective solutio...

Zero Trust: A Five Step Program

Zero Trust: A Five Step Program

July 21, 2020, Leya Leydiker and Ganesh Umapathy, Product Managers at Duo

If you’re eager to learn how you can elevate your Access Management journey, especially with the swift, mass pivot to remote work, don’t miss this webinar. The workforce to protect continues to exp...

Building a Successful Third Party Risk Management Program for a Modern World

Building a Successful Third Party Risk Management Program for a Modern World

July 16, 2020, Chad A. Peterson - Director, Security Operations at Optiv Security &Matthew Barth, Senior Sales Engineer at SecurityScorecard

The challenges that organizations are facing today are increasingly more complex than the past. A global health crisis, an unstable economy and changing dynamics of business risks and opportunities...

Update on FedRAMP with an Introduction with John Yeoh, Global VP of Research, CS

Update on FedRAMP with an Introduction with John Yeoh, Global VP of Research, CS

July 15, 2020, Zach Baldwin, Program Manager for Strategy, Innovation, and Technology, General Services Administration

Mr. Baldwin will define and discuss several new initiatives that FedRAMP is working on in response to feedback for their users including: Open Security Controls Assessment Language (OSCAL), Threat-...

Emerging Top Threats in Cloud Computing – What We Can Do About Them

Emerging Top Threats in Cloud Computing – What We Can Do About Them

July 15, 2020, Moderator : Jim LIM, Panelists: Raju CHELLAM | Nigel LIM | Steve NG

With cloud becoming the preferred IT infrastructure, understanding the emerging security threats is important. A recent CSA study showed that traditional cloud security issues (such as DDoS, share...

Cloud IAM is the New Perimeter, Learn How to Govern It or Lose Control

Cloud IAM is the New Perimeter, Learn How to Govern It or Lose Control

July 14, 2020, Tyler Smith, Sr Cloud Security Engineer, Allstate & Chris Hertz, VP of Sales - Cloud Solutions, DivvyCloud by Rapid7

Strong IAM governance is the key to preventing data breaches and limiting the blast radius should a security incident occur. Join Tyler Smith, Senior Cloud Security Engineer at Allstate, along wi...

Shift Left and Shift Down in the Cloud

Shift Left and Shift Down in the Cloud

July 9, 2020, Brian Price, cloudtamer.io|Nicholas Hughes, EITR Technologies|Joe Foster, NASA|Chris Pollard, cloudtamer.io

How Automation, Templates, and Autonomy Deliver Security with Agility in the Cloud Organizations are moving more workloads to the cloud. At the same time, industry surveys indicate that security r...

2020 State of Federal Cloud Security: A Practitioner’s Perspective

2020 State of Federal Cloud Security: A Practitioner’s Perspective

July 8, 2020, Dr. Mari Spina (Principal Cyber Security Engineer, The MITRE Corporation)

Understanding threats and shared responsibility that all Federal agencies have is key to building confidence in security. How has the government and Industry addressed these challenges and are they...

2020 State of CASB - CSA Research

2020 State of CASB - CSA Research

July 8, 2020, John Yeoh, VP of Research, CSA & Itir Clarke, Senior PMM, Proofpoint

With the shift to work from home, cloud security is a bigger concern than ever. As the network perimeter is replaced by a user-defined security perimeter, enterprises need a people-focused approach...

A Practitioner’s Guide to Cloud Security and Compliance Processes

A Practitioner’s Guide to Cloud Security and Compliance Processes

July 7, 2020, Kolby Allen, Senior Architect, Zipwhip & Jason Needham, Senior Director of Cloud Security, VMware

Are you trying to transform your organization into a savvy cloud security shop? This session will look at some of the biggest and most common challenges for maintaining security and compliance whil...

Data Privacy and Security Threat Concerns in the Age of COVID-19

Data Privacy and Security Threat Concerns in the Age of COVID-19

July 2, 2020, Etay Maor, Chief Security Officer, IntSights & Chris Strand, Chief Compliance Officer, IntSights

Businesses are facing escalating security threats in the wake of the COVID-19 pandemic, which raises questions about the security of everyone’s private and personal data. Many companies are struggl...

Reducing Compliance Costs with DevSecOps Principles in the Hybrid Cloud

Reducing Compliance Costs with DevSecOps Principles in the Hybrid Cloud

July 1, 2020, Daniel Domkowski - Speakers Software Delivery Specialist Red Hat

58% of organizations are now viewing security compliance requirements and costs as a barrier to entering new markets. Their only choice is to reinvent their approach to compliance. While the vast m...

Accelerating Hybrid Cloud Migration with Continuous Security Analytics

Accelerating Hybrid Cloud Migration with Continuous Security Analytics

June 30, 2020, Chris Collard, Program Director - QRadar Cloud Security, IBM

As organizations take advantage of various cloud services for innovation and growth challenges arise at every phase of the security strategy, migration, monitoring, and threat management cycle. How...

Death of the Traditional Security Review

Death of the Traditional Security Review

June 29, 2020, John Finizio, Director of Partner Success, Whistic

Recent crises have not just exposed the many inefficiencies inherent in traditional security reviews, it has exacerbated them. Enterprises and Vendors, or Buyers and Sellers, had only one choice: a...

The Resurgence of Cloud

The Resurgence of Cloud

June 25, 2020, David Cass, Vice President Cyber & IT Risk, Federal Reserve Bank of New York

TBDCloud has seen the typical technology pendulum swing experienced by most innovative technologies. Organizations started with the all in cloud first model only to have to later step back and take...

Key Security Controls & Practices for Moving to the Cloud: A CISO’s Perspective

Key Security Controls & Practices for Moving to the Cloud: A CISO’s Perspective

June 25, 2020, Mark O’Hare, CISO, Mimecast

In Cloud We Trust While Mimecast is a significant cloud security services provider to more than 38K organizations, we also rely heavily on cloud-based IT and security services to run our own busin...

How to Automate and Accelerate the Design of Secure AWS Cloud Environments

How to Automate and Accelerate the Design of Secure AWS Cloud Environments

June 24, 2020, See description for details

Panelists: Praveen Nallasamy, VP of Cybersecurity, BlackRock | Tom Holodnik, Software Architect, Intuit | Archie Agarwal, Founder and CEO, ThreatModeler | Yeukai Sachikonye, Consultant-Engagement M...

Cloud Incident Response Need Not be Reactive

Cloud Incident Response Need Not be Reactive

June 24, 2020, Alex Siow, Chairman CSA Singapore Chapter

In today’s connected era, a comprehensive incident response is an integral aspect of any organization aiming to manage and lower their risk profile. A good incident response needs to be useful not ...

A Path to Better Securing Container Orchestration Environments

A Path to Better Securing Container Orchestration Environments

June 23, 2020, Trent Bennett, Security Engineer, Adobe

Many companies, including Adobe, are investing in container platforms and orchestration environments as their next step in the evolution of cloud application development infrastructure. However, as...

Landscape of Application Security for Cloud-Based Apps

Landscape of Application Security for Cloud-Based Apps

June 18, 2020, Ashwath Krishna Reddy, Managing Consultant & Sandesh Mysore Anand, Managing Consultant at Synopsys

Large enterprises moving to the cloud do so in a phased manner. Consequently, at least for a while, they have a mix of on-premises and cloud environments (and very often, multiple cloud environment...

Augmenting Native Cloud Security Services to Achieve Enterprise-grade Security

Augmenting Native Cloud Security Services to Achieve Enterprise-grade Security

June 16, 2020, Thomas Martin, Founder, NephōSec & Chris Hertz, VP Cloud Security Sales, Rapid7

Appropriate use of native security controls in Amazon Web Services, Microsoft Azure, and Google Cloud Platform is essential to managing cloud risk (and avoiding a costly breach). However, many orga...

See FIDO Run: Passwordless, From the Ground Up

See FIDO Run: Passwordless, From the Ground Up

June 11, 2020, Nick Steele, Senior R&D Engineer, Duo Labs

Duo has been part of the passwordless authentication conversation from the start, as early adopters of the WebAuthn protocol and one of the first strategic partners of the FIDO Alliance. Advances l...

How to See AWS Workload-Level Risks Without Agents

How to See AWS Workload-Level Risks Without Agents

June 9, 2020, Aaron Brown, Cloud Security Engineer, Sisense | Sounil Yu, CISO-in-Residence, YL Ventures | Avi Shua CEO Orca Security

Learn modern AWS security best practices with Sisense, Orca Security, and Special Guest Sounil Yu, Former Chief Security Scientist, Bank of America We’ll start off with Sounil Yu, the former Chief...

Why Your Cloud Migration Needs a New Approach to Security and Governance

Why Your Cloud Migration Needs a New Approach to Security and Governance

June 9, 2020, Brendan Hannigan, CEO & Co-Founder, Sonrai Security

The very nature of how software applications are built today has changed from stem to stern, with public cloud at the foundation of this shift. Companies that have successfully ‘digitally transform...

The S in IoT stands for Security

The S in IoT stands for Security

June 3, 2020, Moderator: Suresh AGARWAL, Panelist: Aleksandar ANDRIC | ​Jim LIM | Haojie ZHUANG

Internet of Things (IoT) and connected devices promise tremendous benefits and a new wave of business opportunities. This hype is best balanced with caution especially with respect to security. Al...

Build a Robust App Control Strategy for your Cloud Workloads

Build a Robust App Control Strategy for your Cloud Workloads

June 2, 2020, Itai Tevet, CEO at Intezer

The use of application control (also known as whitelisting) is considered to be a robust and essential Cloud Workload Protection strategy largely due to the high predictability of cloud environment...

DLT Security Framework for the Finance Industry

DLT Security Framework for the Finance Industry

May 30, 2020, Jyoti Ponnapalli, DLT Lead, DTCC and Kurt Seifried, Chief Blockchain Officer, Cloud Secur

DLT introduces a multitude of value propositions for the financial services industry. The pace of innovation is aggressively picking up in use cases pertaining to finance such as digital assets, to...

Innovative Enterprise Architecture Techniques to Complete your Digital Transform

Innovative Enterprise Architecture Techniques to Complete your Digital Transform

May 30, 2020, Jon-Michael Brook, Principal: Security, Cloud & Privacy, Guide Holdings LLC

A successful digital transformation requires a lot of moving parts. Even greenfield opportunities challenge organizations in catching all business, IT, DevOps, and security tactics in the effort. T...

How to Future-Proof the Cloud, from the POVs of a CISO, CPO & Ethical Hackers

How to Future-Proof the Cloud, from the POVs of a CISO, CPO & Ethical Hackers

May 30, 2020, Kevin Fielder, CISO, Just Eat and Peter Blanks, Chief Product Officer & Head of Engineering, Synack

IDC predicts that by 2022, over 90% of enterprises worldwide will be relying on a cloud solution to meet their infrastructure needs, in large part driven by the COVID-19 remote working environments...

Cyber Risk Exchanges: Mastering a New Approach to Vendor Risk & Performance Moni

Cyber Risk Exchanges: Mastering a New Approach to Vendor Risk & Performance Moni

May 30, 2020, Randy Ferree, Third-Party Risk Consultant, OneTrust Vendorpedia

Your vendors often handle your most sensitive data. This presents significant challenges as security, procurement, sourcing, IT, and privacy teams struggle to vet and manage vendor risks and perfor...

SDP – The Yellow Brick Road to Zero Trust

SDP – The Yellow Brick Road to Zero Trust

May 29, 2020, Juanita Koilpillai Founder and CEO Waverley Labs LLC

Today’s network security architectures, tools and platforms fall short of meeting the challenges presented by current security threats. Zero Trust is emerging as a popular anti-hack strategy and, a...

Enhance Security and Operational Efficiency with CASB

Enhance Security and Operational Efficiency with CASB

May 29, 2020, Itir Clarke Sr. Product Marketing Manager, Proofpoint and Dan "Hackerman", National Health Organization

The move to the cloud and a mobile workforce has brought new security and compliance risks. Cloud account takeover, data loss and usage of unapproved cloud applications present big challenges to s...

Secure your Cloud Investment by Unlocking the Network as a Data Source

Secure your Cloud Investment by Unlocking the Network as a Data Source

May 29, 2020, Ryan Davis Sr. Cloud Product Manager ExtraHop

While the cloud may be a force multiplier for DevOps and IT Ops, for security teams, it can be a vulnerability. With SecOps taking the blame for stalled migration efforts, enterprises are recognizi...

Securing your Journey to the Hybrid Multi-Cloud – from Patchwork to Platform

Securing your Journey to the Hybrid Multi-Cloud – from Patchwork to Platform

May 29, 2020, Christopher Bontempo VP Security Marketing, Routes and Offerings, North America IBM Security |Patrick Vowles Team Lead for No

As organization utilize the cloud for innovation and growth, security teams are challenged with ensuring those business initiatives and missions are successful. We need to drive change and integrat...

Don’t let the Attackers Weaponize Fear: Malware in the time of COVID-19

Don’t let the Attackers Weaponize Fear: Malware in the time of COVID-19

May 29, 2020, Diana Kelley, Cybersecurity Field CTO, Microsoft

Wherever we turn it feels like the news is all COVID-19 all the time. Many of us are feeling stressed and overwhelmed and attackers know it. At Microsoft, we've seen an increase in the success of p...

An Interview with Sophos: Navigating Cloud Security

An Interview with Sophos: Navigating Cloud Security

May 29, 2020, Ganesh Krishnan, Richard Beckett, and Guy Davis, Sophos

Curious about how a leader in cybersecurity moves to the cloud? Join us for an exclusive interview with Ganesh Krishnan, VP of Engineering, and Guy Davies, Principal Cloud Architect at Sophos. We’...

Why Your Cloud Migration Needs a New Approach to Security a

Why Your Cloud Migration Needs a New Approach to Security a

May 29, 2020, Brendan Hannigan, CEO & Co-Founder, Sonrai Security

The very nature of how software applications are built today has changed from stem to stern, with public cloud at the foundation of this shift. Companies that have successfully ‘digitally transfor...

The Hits – and a Few Misses – in Vendor Security Assessments

The Hits – and a Few Misses – in Vendor Security Assessments

May 29, 2020, David Lenoe Sr. Sr. Director of Product Security Adobe

Use of 3rd -party cloud technology and service vendors is common to pretty much any business. Maintaining your own security posture requires that you also ensure those vendors are maintaining compa...

SDP – The Yellow Brick Road to Zero Trust

SDP – The Yellow Brick Road to Zero Trust

May 28, 2020, Juanita Koilpillai Founder and CEO Waverley Labs LLC

Today’s network security architectures, tools and platforms fall short of meeting the challenges presented by current security threats. Zero Trust is emerging as a popular anti-hack strategy and, a...

Toward a European Certification Scheme for Cloud Services

Toward a European Certification Scheme for Cloud Services

May 28, 2020, Eric Vétillard, ENISA

In 2019, the Cybersecurity Act became law in Europe, establishing a European Certification Framework. In November 2019, the European Commission tasked ENISA with designing a candidate scheme for cl...

Cybersecurity, Data Protection Policies, and Cloud Adoption in APAC

Cybersecurity, Data Protection Policies, and Cloud Adoption in APAC

May 27, 2020, Lim May-Ann, Executive Director, ACCA

Over recent months, there has been an increasing number of cyber-breaches being reported in Asia Pacific, particularly from the public sector. Yet there have also been an increasing number of cyber...

CSA STAR Town Hall - Governance, Risk and Compliance in the Cloud

CSA STAR Town Hall - Governance, Risk and Compliance in the Cloud

May 26, 2020, Douglas Barbin of Schellman | Larry Greenblatt of QAD | Shaun Van Niekerk of NHS | John DiMaria of CSA

This session will provide a thorough overview of GRC in the cloud, from awareness to procurement expectations, to implementation to certification/Attestation. Our panel includes a Cloud Service P...

Discover What You’ve Been Missing in Your Google Cloud Deployments

Discover What You’ve Been Missing in Your Google Cloud Deployments

May 21, 2020, Dan Frey and Vince Stross of ExtraHop & Shishir Agrawal and Yang Liang of Google Cloud

The modern enterprise encompasses a complex web of workloads consisting of hardware, applications, and data spread across edge, core, and cloud deployments. Add a growing remote workforce using a w...

CSA's Executive Series: Connectedness and Data Privacy in the Cloud Era

CSA's Executive Series: Connectedness and Data Privacy in the Cloud Era

May 20, 2020, Jerry Archer, SVP & Chief Security Officer, Sallie Mae

As businesses are transitioning to new cloud services increasing their connectedness, it creates new issues like decreased visibility, new obscure vulnerabilities and cyber criminal opportunities. ...

Thinking Like a Cybercriminal

Thinking Like a Cybercriminal

May 19, 2020, Etay Maor, Chief Security Officer, IntSights

We read about hacks and breaches on a daily basis, but what do we actually know about these cybercrime groups and how they conduct these attacks? In this session, we will dive into basic hacking ...

Creatively Scaling Application Security Coverage and Depth

Creatively Scaling Application Security Coverage and Depth

May 14, 2020, Prithvi Bisht, Senior Manager of Secure Software Engineering at Adobe

One of the biggest challenges and opportunities for an application security (AppSec) team in a cloud-centric world is to scale effectively. The general “shift-left” recommendation for security in t...

Shifting Cloud Security Left to Protect Data & Customers

Shifting Cloud Security Left to Protect Data & Customers

May 12, 2020, Sadi Steffl, Cyber Security Analyst at ViacomCBS Digital & Chris DeRamus, CTO at DivvyCloud

Sadi and Chris will explore how her team at ViacomCBS Digital have shifted cloud security left in order to prevent issues from ever manifesting, deliver better experiences to developers, and be abl...

Break the Top 10 Cloud Attack Kill Chains

Break the Top 10 Cloud Attack Kill Chains

May 7, 2020, Rich Mogull, VP Product, disruptOps

As cloud adoption matures, so do cloud attacks. This session will highlight the top 10 cloud kill chains and how to break them. The presenters will lay out each step of the chain, which are the eas...

How to Start Secure and Stay Secure with Cloud Best Practices

How to Start Secure and Stay Secure with Cloud Best Practices

May 5, 2020, Center for Internet Security

The Center for Internet Security (CIS) provides organizations with a collection of integrated cybersecurity resources to help users evaluate and apply secure configuration settings to various cloud...

Securely Enable Your Remote Workforce

Securely Enable Your Remote Workforce

May 1, 2020, Lior Cohen, Sr Director Product Marketing from Fortinet & Sameer Vasanthapuram, Solutions Architect from AWS

Join Lior Cohen, Sr Director Product Marketing from Fortinet and Sameer Vasanthapuram, Solutions Architect from AWS to learn about how you can leverage the dynamic nature of cloud security to impro...

A recipe for automating privileged access into your DevOps pipeline

A recipe for automating privileged access into your DevOps pipeline

April 30, 2020, Tim Keeler and Paul Lanzi, Co-founders, Remediant

Engineering teams are adopting DevOps as a way to improve time to market and ensure high availability. In addition, these teams are becoming more and more distributed as a way to access a broader t...

Managing security in the cloud today VS networks "back in my day"

Managing security in the cloud today VS networks "back in my day"

April 28, 2020, Jim Reavis, CEO, CSA | Karen F. Worstell, CEO, W Risk Group | John DiMaria, CSA | Vincent Campitelli, CSA

In our increasingly interconnected world, the cloud is the answer. Services like Microsoft Office 365, Google Drive and AWS have embraced its ability to store data online and have created services ...

Mapping Your Way Through AppSec Challenges

Mapping Your Way Through AppSec Challenges

April 23, 2020, Peleus Uhley, Principal Scientist & Lead Security Strategist at Adobe

It is always important to stay current and explore new technologies. John Lambert is often quoted for saying, “Defenders think in lists. Attackers think in graphs. As long as this is true, attacker...

Cloud Adoption Considerations for IoT and OT

Cloud Adoption Considerations for IoT and OT

April 21, 2020, Shih Hsien Lim, Chief Security Officer, SP Group

IoT in the enterprise will generate new information and business models that will strain on-prem capabilities and resources. The challenges can be resolved by judicious of the cloud. This potential...

Managing Supply Chain Risk During Times of Turmoil

Managing Supply Chain Risk During Times of Turmoil

April 16, 2020, Drew Wilkinson, VP - Services and Customer Success, SecurityScorecard & Mike Baier, 3rd Party Info Sec Risk Mangement, Takeda

“The Practitioners View Inside and Out” During times of turmoil and increased remote work, the security and viability of our supply chain and vendors takes on even greater importance. This webinar ...

CSA's Executive Series: Hard Choices by Dan Geer

CSA's Executive Series: Hard Choices by Dan Geer

April 15, 2020, Dan Geer, CISO, In-Q-Tel

Join us for this special CloudBytes webinar for a strategic look at the future of cloud and cyber security. The incomparable Dan Geer ponders a set of provocative questions that get to the heart of...

CSA's Executive Series: Using CSA Control Framework for Regulatory Alignment

CSA's Executive Series: Using CSA Control Framework for Regulatory Alignment

April 14, 2020, Michael Mazza, Executive Director - Enterprise Technology & Risk - Morgan Stanley

In today’s environment, we are faced with conflicting challenges. Our businesses want us to advance the use of cloud to improve costs and time-to-market. The major CSPs are coming out with new fu...

Stay Secure: In the Face of a Pandemic, Cyberattackers Seek to Take Advantage

Stay Secure: In the Face of a Pandemic, Cyberattackers Seek to Take Advantage

April 7, 2020, Thomas Martin, Founder, NephōSec | Chris Hertz, Chief Revenue Officer, DivvyCloud

Join Thomas Martin, former GE CIO and Founder of NephōSec, and Chris Hertz, Chief Revenue Officer of DivvyCloud, for a deep dive into the current state of cloud security and practical guidance on w...

CSA's Executive Series: When AI Goes Wrong

CSA's Executive Series: When AI Goes Wrong

April 2, 2020, Bob Gourley, CTO and Co-Founder of OODA

Join Bob Gourley, CTO and Co-Founder of OODA, to learn about when AI goes wrong including... - 6 categories of real-world AI failures - notable failures in operational systems - compliance needs - ...

Top 5 Latest Cloud Security Hacks and How You Can Avoid Them

Top 5 Latest Cloud Security Hacks and How You Can Avoid Them

March 17, 2020, Roger Grimes, Data-Driven Defense Evangelist at KnowBe4

Most people know that cloud security overall is often better than traditional on-premise security. However, that doesn’t mean that cloud products can’t be hacked or misconfigured even if you are us...

The Underrated Link Between Malicious Code & Cloud Security

The Underrated Link Between Malicious Code & Cloud Security

February 18, 2020, Itai Tevet, CEO at Intezer

In order for an adversary to conduct a successful cyber attack and inflict any kind of damage, they must run malicious code or commands on a victim’s machine. This fact also holds true in the world...

Re-thinking vulnerability management in the era of Hybrid IT & DevOps

Re-thinking vulnerability management in the era of Hybrid IT & DevOps

February 13, 2020, Prateek Bhajankam,VP of Product Management & Badri Raghunathan, Director of Product Management at Qualys

The digital transformation through Hybrid IT and DevOps has fundamentally changed how organizations operate – with major security implications. How do companies detect and manage vulnerabilities wh...

Zero Trust and the Flaming Sword of Justice

Zero Trust and the Flaming Sword of Justice

February 11, 2020, Dave Lewis, Global Advisory CISO, Duo Security (now part of Cisco)

Security breaches pervade the headlines. What was seen as a rare instance just 5 years ago now seems to occupy the daily news cycle. A lot of these data breaches are made possible due to missteps a...

Rethinking DLP as You Move to the Cloud

Rethinking DLP as You Move to the Cloud

January 30, 2020, Justin Collins, Senior Director of Professional Services, Proofpoint & Jim Reavis, CEO, CSA

Whether it’s financial, bank or credit card data, customer or patient information, or intellectual property, the goal of cybersecurity is to protect sensitive data and prevent unwanted access or th...

How NDR Powers Event-Driven Security in the Cloud

How NDR Powers Event-Driven Security in the Cloud

January 28, 2020, Ryan Davis, Senior Manager, Cloud Product Marketing & Vince Stross, Principal Security SE at ExtraHop

For public cloud customers, event-driven security isn’t just practical—it’s expected. Although organizations still rely on perimeter-focused technologies, they’re moving away from a strictly protec...

Anatomy of a Cloud Data Breach

Anatomy of a Cloud Data Breach

January 23, 2020, Bob Gilbert; Chief Evangelist, Netskope

Cloud adoption is exploding with nearly 1,300 cloud apps in use in an average enterprise. From suites like Office 365 to collaboration tools like Slack, the cloud has enabled new levels of producti...

A Strategic Approach to IoT Security Best Practices and Standards

A Strategic Approach to IoT Security Best Practices and Standards

January 16, 2020, Brian Russell, Co-chair, CSA IoT Working Group & Gonda Lamberink, Global Senior Business Development Manager, UL

The market for IoT products continues to expand, with increased quantities of devices being integrated into consumer and business networks.  These products are turning into always-on services that ...

Getting Real: Sorting What’s ZT and What’s Just BS

Getting Real: Sorting What’s ZT and What’s Just BS

January 14, 2020, Wendy Nather, Head of Advisory CISO, Duo Security

The buzz around zero-trust security has grown to a roar, but how do you pick out the useful tidbits and tactics from a heaping haystack of F.U.D.? Join Wendy Nather, Head of Advisory CISO Team at D...

Rethinking Threat Intelligence with the LEAD Framework

Rethinking Threat Intelligence with the LEAD Framework

December 19, 2019, Filip Stojkovski, Threat Intelligence Manager, Adobe

Adobe has been using threat intelligence for many years as part of the SOC, Incident Response, and Threat Hunting teams. But how do you start applying threat intelligence techniques and models to s...

The Scary and Honest Truth About Securing the Public Cloud

The Scary and Honest Truth About Securing the Public Cloud

December 17, 2019, Bill Prout, Director of Global Public Cloud, Sophos

Workloads in the public cloud are the new pot of gold for savvy cybercriminals. Often misconfigured and under-secured, they’re an easy way for hackers to steal data and take advantage of your proce...

Automating Firewall Change Requests

Automating Firewall Change Requests

December 12, 2019, Ben Chinoy, Security Researcher, Adobe & Jason Joy, Sr. Enterprise Security Engineer, Adobe

As many companies transform to multi-cloud environments, managing firewall changes at the speed of development teams can be challenging. Teams across Adobe are constantly evolving cloud services to...

Cyber criminals are adopting cloud services just as rapidly as the rest of us!

Cyber criminals are adopting cloud services just as rapidly as the rest of us!

December 10, 2019, Paolo Passeri - Cyber Intelligence Principal; Neil Thacker - CISO EMEA; & Ross Asquith - Security Transformation Principal

Join Netskope for a 45 minute webinar, looking at the dark side of cloud - where it’s used not by respectable enterprises like yours, but instead by cyber criminals intent on attacking your respect...

Network Security’s Future is in the Cloud

Network Security’s Future is in the Cloud

December 3, 2019, Jason Georgi, Field Chief Technology Officer for Prisma Access, Palo Alto

Cloud adoption and user mobility are shifting the locations of applications, data and users. These changes create new vectors for cybersecurity risk. Organizations need a way to securely enable dig...

Rethink Infrastructure Access with Zero Trust

Rethink Infrastructure Access with Zero Trust

November 21, 2019, Ivan Dwyer, Product Marketing, Okta & Dr. Chase Cunningham, Principal Analyst, Forrester

As you adopt cloud IaaS to meet business goals, effective security controls can’t be an afterthought. This elastic infrastructure environment requires smart access controls; but how do you adhere t...

Incorporating Identity in Your Security and Zero Trust Strategies

Incorporating Identity in Your Security and Zero Trust Strategies

November 19, 2019, Joe Gottlieb, SVP of Strategy and Business Development, SailPoint & Erik Bartholomy, Security Architect, LogRhythm

Experts predict that total losses related to cybercrime will reach $6 trillion in 2021. The weapon of choice has been compromised identity and yet security teams run for the door when discussing i...

Cloud Security Fails of 2019 and Where to Focus in 2020

Cloud Security Fails of 2019 and Where to Focus in 2020

November 14, 2019, Fernando Montenegro, Principal Analyst, 451 Research and Rachel Pepple, Cloud and Security Marketer, ExtraHop

Security has become one of the most pressing issues for organizations that are moving to the cloud. In this webinar, industry analyst Fernando Montenegro from 451 Research and Rachel Pepple from Ex...

Reimagine Your Perimeter

Reimagine Your Perimeter

November 7, 2019, Bob Gilbert, Vice President and Chief Evangelist, Netskope

Recent research shows that more than 85% of web traffic is comprised of cloud services. The rapid adoption of cloud and mobile is fundamentally changing network traffic patterns and the movement of...

Is Your Business Audit-Ready? 3rd Party Risk Management Best Practices

Is Your Business Audit-Ready? 3rd Party Risk Management Best Practices

November 5, 2019, Kelsey Naschek, CIPP/E, CIPM, Privacy Engineer at OneTrust

As the regulatory landscape for data privacy, security, and third-party risk management continues to change rapidly, so do the needs of the businesses that need to comply with the laws. Many organ...

Transformation of Cybersecurity Risk

Transformation of Cybersecurity Risk

October 31, 2019, Alex Heid the Chief Research & Development Officer at SecurityScorecard

The cyber landscape is continuing to evolve, and we're seeing digital trends continue to change. Digital technologies are accelerating the ability to do business, and really digitizing everything. ...

How to Stop Cloud Threats by Leveraging CASB With a People-Centric Cybersecurity

How to Stop Cloud Threats by Leveraging CASB With a People-Centric Cybersecurity

October 29, 2019, Itir Clarke of Proofpoint & Rich Mogull of CSA

Once your organization migrates to the cloud, protecting your people and the data they create becomes more challenging and critical than ever. Cybercriminals are launching wide-scale brute force at...

A New Prescription for Cyber Security - Global IT Asset Inventory

A New Prescription for Cyber Security - Global IT Asset Inventory

October 24, 2019, Chris Rodgers, Director of Product Management, Qualys & Jim Reavis, CEO and Co-founder of CSA

Most people think that a network is a static event. However, with new types of devices, transient workloads, contract and guest participation, the system is fluid. At any given time,15-20% of the n...

Why it's Time to Kill Your VPN

Why it's Time to Kill Your VPN

October 17, 2019, Chris Scheels, Director of Product Marketing, Cyxtera

VPNs are dangerous and overly complex. So why are we still pretending that VPNs are an effective security technology? Join this webinar if you are responsible for implementing Zero Trust or managi...

Master the Fundamentals of VM Analysis and Prioritization

Master the Fundamentals of VM Analysis and Prioritization

October 17, 2019, Robert Healey | Senior Director Marketing, Asia Pacific, Tenable

Learn how you can effectively analyze vulnerability data to prioritize patching and remediation to reduce cyber exposure. Overcome vulnerability overload and gain insight into the following topics:...

Diversify Defense — Improving Cybersecurity Through Smart Consolidation

Diversify Defense — Improving Cybersecurity Through Smart Consolidation

October 15, 2019, Jeff Costlow, Deputy CISO, ExtraHop & Craig Balding of CSA

The rush to innovate has resulted in more sophisticated threat defenses, but it has also created a complex web of tools that must be managed by an already overworked and understaffed security team....

Zero Trust Application Delivery Pipeline

Zero Trust Application Delivery Pipeline

October 10, 2019, Tony Morris, Enterprise Architect-Public Cloud, Hyland

Zero Trust is a concept that is typically used to describe the security model for a company's infrastructure and data. Application delivery pipelines are typically managed using a perimeter-centric...

Implementing CAIQ-Lite in a Cloud Vendor Security Assessment Workflow

Implementing CAIQ-Lite in a Cloud Vendor Security Assessment Workflow

October 8, 2019, Nick Sorensen-CEO, Whistic & Azure Shen-Compliance Analyst, OneLogin & Samantha Cowan-Security Compliance Manager, HackerOne

Come learn how leading technology companies are optimizing cloud vendor security assessments by leveraging the recently-released CAIQ-Lite in their workflow. Also learn how and why the CAIQ-Lite ca...

The Future of Audit and Compliance: Controls Automation

The Future of Audit and Compliance: Controls Automation

October 3, 2019, Prasant Vadlamudi, Director of Tech GRC at Adobe

Over the past several years, we have developed and implemented Common Controls Framework (CCF) across Adobe, enabling our cloud products, services, platforms and operations to achieve compliance wi...

Software Defined Perimeter Architecture Guide

Software Defined Perimeter Architecture Guide

October 1, 2019, Jason Garbis

SDP combines well-proven technical and architectural components to protect networked applications and infrastructure, more efficiently and effectively than with traditional network security tools. ...

Don’t Let Your Security Slow Your Cloud Journey

Don’t Let Your Security Slow Your Cloud Journey

October 1, 2019, Jason Georgi, Field Chief Technology Officer for Prisma Access and SaaS, Palo Alto Networks

Cloud adoption for some services is no longer optional, however security is what is overwhelmingly holding organizations back from doing more. Cloud and SaaS themselves are also evolving, which is ...

Quandaries and Clouds: A Discussion on Cloud Security

Quandaries and Clouds: A Discussion on Cloud Security

September 26, 2019, Dan Mellen, Accenture & Robert Scheutter, Valvoline & Lamont Orange, Netskope & Nate Smolenski, Netskope

Are you experiencing these common challenges in your cloud security program? There is no question that the way we work has changed with the rise of cloud and the widespread access to mobile device...

No Passwords, No Problem: Using WebAuthn to Stop Account Takeover

No Passwords, No Problem: Using WebAuthn to Stop Account Takeover

September 19, 2019, Swaroop Sham, Senior Product Marketing Manager--Security, Okta

Want to eliminate passwords? We all do. WebAuthn is a new web standard published by the World Wide Web Consortium (W3C) for users in the era of passwordless authentication for web applications. Thi...

Protect Your Web Applications from Component Vulnerabilities

Protect Your Web Applications from Component Vulnerabilities

September 10, 2019, Nate Dyer, Product Marketing Director, Tenable

Web applications are becoming increasingly complex, with most applications now built using multiple layered components, such as web servers, web frameworks, language engines and JavaScript librarie...

5 Identity Attacks that Exploit Your Broken Authentication

5 Identity Attacks that Exploit Your Broken Authentication

September 5, 2019, Teju Shyamsundar, Okta, Sr. Product Marketing Manager

It’s no secret that today’s hackers are smarter than ever before - a motivated hacker can use a variety of different methods to steal passwords from unsuspecting users. While two-factor authentic...

Application of Security Ratings for Emerging Regulatory Compliance Trend in APAC

Application of Security Ratings for Emerging Regulatory Compliance Trend in APAC

September 4, 2019, Matthew McKenna, VP of International Operations at SecurityScorecard

This session will explore the emerging regulatory trends in Vendor Risk Management in APAC and demonstrate how Security Ratings can play a key role in supporting enterprises in the establishment o...

Achieving Cloud Visibility With Cloud-Native Network Detection & Response

Achieving Cloud Visibility With Cloud-Native Network Detection & Response

August 29, 2019, Amelie Darchicourt, Cloud Product Marketing Manager & Eric Thomas, Director of Cloud Product Marketing, ExtraHop

Without native network visibility in the cloud, enterprises have been limited to log or agent centric tools to support their cloud migration and to secure their workloads, making it challenging to ...

Gaining Decrypted Visibility in Public Cloud with Amazon VPC Traffic Mirroring

Gaining Decrypted Visibility in Public Cloud with Amazon VPC Traffic Mirroring

August 22, 2019, Steve Perkins and Erik Freeland of Nubeva & Anoop Dawani of AWS

Encryption of all traffic in the cloud is a widely adopted best practice. The new TLS 1.3 standard with Elliptic-Curve Diffie Helman (ECDH), perfect forward secrecy and ephemeral keys renders most ...

How Machine Learning is Taking Cyber Security Teams to the Next Level

How Machine Learning is Taking Cyber Security Teams to the Next Level

August 20, 2019, Tom Cignarella, Director, Security Coordination Center (SCC) at Adobe

Ten years ago, security leaders couldn’t wait to tell you about their cutting edge use of Linux – nowadays, that’s considered table stakes. Today, the big buzzwords are AI and machine learning – an...

Application Containers and Microservices: Challenges and Best Practices

Application Containers and Microservices: Challenges and Best Practices

August 9, 2019, Anil Karmel, Application Containers and Microservices Working Group Co-Chair, CSA & Co-Founder and CEO, C2 Labs

Application containers and a microservices architecture are being used to design, develop and deploy applications leveraging agile software development approaches such as Development Operations. Se...

Best Practices for Securely Moving Workloads Into the Cloud

Best Practices for Securely Moving Workloads Into the Cloud

August 8, 2019, Torsten George, Senior Director, Product Marketing, Centrify

Organizations are increasingly moving their workloads to the cloud to achieve greater agility, flexibility, and cost savings. In fact, spending on cloud infrastructure services will grow from $39.5...

Beyond Cryptocurrency: Blockchain and DLT Use Cases

Beyond Cryptocurrency: Blockchain and DLT Use Cases

August 7, 2019, Hillary Baron, Program Manager and Research Analyst, CSA

Thanks to the rise in popularity of Bitcoin cryptocurrency, the innovative technologies of Blockchain and other systems of distributed ledger technology (DLT) have proven their ability to increase ...

2019 Cloud Security Threat Report: Understand the Latest Cloud Security Trends

2019 Cloud Security Threat Report: Understand the Latest Cloud Security Trends

July 25, 2019, Jim Reavis, Co-Founder and CEO, Cloud Security Alliance | Kevin Haley, Director, Security Technology and Response, Symantec

Is your perception of cloud security matching the reality? We surveyed security decision makers worldwide to understand their perceptions of the cloud security landscape and compared this to emp...

IT & OT Security Best Practices-Survey Results of Over 700 Global Practitioners

IT & OT Security Best Practices-Survey Results of Over 700 Global Practitioners

July 24, 2019, Robert Healey | Senior Director Marketing, Asia Pacific, Tenable

Security teams are frequently blind to the IT and Operational Technology (OT) assets, internal and external connections, and vulnerabilities on their industrial control system networks. This visibi...

Hacker-Powered Data: Security Weaknesses and Embracing Risk with HackerOne

Hacker-Powered Data: Security Weaknesses and Embracing Risk with HackerOne

July 23, 2019, Miju Han, Director of Product Management, HackerOne

Vulnerabilities are a fact of life; risk comes with it. Today, companies, enterprises, & governments are embracing collaboration with hackers to find vulnerabilities before criminals have a chance ...

Automating Container Security

Automating Container Security

July 18, 2019, Thomas Robinson, Solution Architect, AWS & Dan Hubbard, CEO, Lacework

Using containers in AWS enables agile orchestration of application capabilities and require less coordination and oversight than on-premises or virtualization infrastructure. While containers allow...

Hackers, Cybercriminals, or Employees - Who Poses the Biggest Threat to the Org?

Hackers, Cybercriminals, or Employees - Who Poses the Biggest Threat to the Org?

July 16, 2019, Jon-Michael Brook, Principal: Security, Cloud & Privacy at Guide Holdings LLC

The Top Threats Working Group from the Cloud Security Alliance produces annual research on the biggest risks to cloud environments. The recent Top Threats: Deep Dive publication examines nine rece...

Reaching for the STAR (Part 4): CSA GDPR Code of Conduct

Reaching for the STAR (Part 4): CSA GDPR Code of Conduct

July 16, 2019, Daniele Catteddu, CTO at CSA & Paolo Balboni PhD., Lawyer and Founding Partner of ICT Legal Consulting

In this series, “Reaching for the STAR”, we will provide you with insight into the STAR foundation, and how it has evolved into a framework that provides a flexible, incremental and multi-layered c...

Using User Behavior Analytics to Detect Authentication Anomalies

Using User Behavior Analytics to Detect Authentication Anomalies

July 16, 2019, Aron Anderson, Senior Security Engineer & Ashwini Cheerla, Security Engineer at Adobe

In modern cyber battlefield, we face new threats daily where signatures are not necessarily known. Identifying these anomalies in regular behavior is the core of User Behavior Analysis (UBA). Commo...

Accelerating Your Journey to Zero Trust

Accelerating Your Journey to Zero Trust

July 11, 2019, Christopher Scheels, Director of Product Marketing, Cyxtera

Zero Trust is trending. Every expo show floor is inundated with this concept that promises to transform of corporate security from a well-known failed perimeter-centric model. In this session, we w...

Does WebAuthn Signal the End of Passwords for Browsers?

Does WebAuthn Signal the End of Passwords for Browsers?

June 27, 2019, Pay-al Pan, Senior Solutions Engineer, Okta & James Fang, Director of Product Marketing, Okta

Passwords have been the de-facto standard for authentication in the last 40 years, but end users hate them. Not to mention they aren't considered safe anymore - 81% of hacking-related account breac...

The Nexus of Organized Cyber Crime and Cyber Terrorism

The Nexus of Organized Cyber Crime and Cyber Terrorism

June 26, 2019, Dr. Florian Huber, Research Manager at SYNYO & Mag. Bernhard Jäger, Research Manager and Department Lead at SYNYO

New Services and Tools for Supporting First-line-practitioners and Law Enforcement Agencies. In recent years, Europe has been at increased risk of extremist violence and terrorism – from Islamic f...

2019 Trends Report: The Zero Trust Journey

2019 Trends Report: The Zero Trust Journey

June 20, 2019, Kelsey Nelson, Product Marketing, Okta

As your workforce becomes more distributed, security is even more critical. Protecting the network is important but it’s no longer enough to secure applications and data. That’s why adoption of a Z...

5 Steps to Protecting Your Data in Today's Cloud- and Mobile-First World

5 Steps to Protecting Your Data in Today's Cloud- and Mobile-First World

June 13, 2019, Bob Gilbert, Chief Evangelist and VP Product Marketing, Netskope

The rapid adoption of cloud and mobile in the enterprise is powering the transformation of legacy IT systems to more modern technology and processes. The business benefits of speed and agility for ...

IoT Threats and Vulnerabilities

IoT Threats and Vulnerabilities

June 12, 2019, Brian Russell, IoT Chair at CSA and Founder of TrustThink & Alon Levin, VP Product Management at VDOO

The year 2018 saw increased adoption of consumer and enterprise IoT. These IoT products were faced with multiple IoT attack variants: Wicked, OMG Mirai, ADB.Miner, DoubleDoor, Hide 'N Seek and eve...

Securing Cloud Infrastructure with Cyber Exposure

Securing Cloud Infrastructure with Cyber Exposure

June 6, 2019, Nate Dyer, Product Marketing Director, Tenable

Cloud is dramatically expanding your attack surface and introducing new visibility challenges into infrastructure security. Without foundational visibility, it’s nearly impossible to execute other ...

CSA Study: Cloud Security Complexity

CSA Study: Cloud Security Complexity

June 4, 2019, Yitzy Tannenbaum, Product Marketing Manager at AlgoSec

Cloud computing provides improved security, agility and flexibility. However, integrating this new service into legacy IT environments comes with great concern. The Cloud Security Alliance has rec...

Embracing the Kanyes: Fostering a Security Culture that Accepts Human Error

Embracing the Kanyes: Fostering a Security Culture that Accepts Human Error

May 30, 2019, Aaron Zander, Head of IT, HackerOne & Gen Buckley, Senior Analyst, Security, and Compliance, Okta

It's easy blame employees for poor password and email hygiene, but in reality, human error isn't going to go away. Every organization will always have a "Kanye" with poor operational security and w...

GDPR: Data breach prevention & mitigation - Lessons learned in the past year

GDPR: Data breach prevention & mitigation - Lessons learned in the past year

May 28, 2019, Istvan Lám, CEO, Tresorit & Daniele Catteddu, CTO, Cloud Security Alliance

Organizations in and outside the EU had to take significant measures to revisit the way they stored, shared and processed personal data in preparation to the entry into force of the General Data Pr...

Reaching for the STAR (Part 2) - Which level is right for me?

Reaching for the STAR (Part 2) - Which level is right for me?

May 24, 2019, John DiMaria, Assurance Investigatory Fellow & Alain Pannetrat Senior Researcher and STARwatch Product Manager at CSA

While CSA STAR is an acronym for Security Trust Assurance and Risk the annotation of STAR runs much deeper. Reaching for the level of STAR is about not limiting how far we can go in achieving the u...

Scaling Cloud Forensics & Incident Response with OSQuery

Scaling Cloud Forensics & Incident Response with OSQuery

May 23, 2019, Sohini Mukherjee, Security Analyst & Andres Martinson, Sr. Security Engineer, Adobe

An enterprise has a diverse environment (cloud instances, servers, workstations) in which to try and detect potential security incidents. The ability of an incident response team to work quickly an...

Reaching for the STAR (Part 1) - Structure, Levels, Purpose and Benefits

Reaching for the STAR (Part 1) - Structure, Levels, Purpose and Benefits

May 22, 2019, John DiMaria, Assurance Investigatory Fellow, CSA

While CSA STAR is an acronym for Security Trust Assurance and Risk the annotation of STAR runs much deeper. Reaching for the level of STAR is about not limiting how far we can go in achieving the u...

Eliminate Vulnerability Overload – take Nessus Scan data to the next level

Eliminate Vulnerability Overload – take Nessus Scan data to the next level

May 21, 2019, Robert Healey | Senior Director Marketing, Asia Pacific

Nessus has been around for 21 years now and with over 109,000 vulnerabilities in its scan database, is the undisputed global standard tool for Vulnerability Management, that everyone uses, knows an...

Reaching for the STAR (Part 3) - Multi-Party Recognition Framework Program

Reaching for the STAR (Part 3) - Multi-Party Recognition Framework Program

May 16, 2019, John DiMaria, Assurance Investigatory Fellow, & Damir Savanovic, Senior Innovation Analyst at CSA

While CSA STAR is an acronym for Security Trust Assurance and Risk the annotation of STAR runs much deeper. Reaching for the level of STAR is about not limiting how far we can go in achieving the u...

The Rise and Fall and Rise of the Edge: Penn State & Duo on the Zero-Trust Strat

The Rise and Fall and Rise of the Edge: Penn State & Duo on the Zero-Trust Strat

May 9, 2019, Steve Manzuik, Director of Security Research at Duo Labs & Keith Brautigam, Director of IAM at Penn State

In this webinar you will learn: - Real examples from Penn State of how network topology has gotten exponentially more complicated - Why attackers have shifted from systems-focused to data-focused a...

Build Fast, Secure Well: Automate DevSecOps and Secure Your Cloud

Build Fast, Secure Well: Automate DevSecOps and Secure Your Cloud

May 7, 2019, Vikram Varakantam, Sr. Director of Product at Lacework

Automation is key aspect of success in cloud adoption, it can help build faster and deliver continuously at scale. However, it can also make managing security a challenge it not planned well. A str...

Extending Zero Trust to the Cloud: Real-World Business Challenges and Benefits

Extending Zero Trust to the Cloud: Real-World Business Challenges and Benefits

May 2, 2019, John Kindervag from Palo Alto Networks & Rob LaMagna-Reiter from FNTS

Much has been written and spoken about Zero Trust and the principles of “never trust, always verify” as a means for enterprises to implement effective network segmentation. As the model has been em...

The Rise of Privacy in the Cloud Era

The Rise of Privacy in the Cloud Era

April 25, 2019, Neil Thacker, CISO, Netskope

In a globally connected world where the number of cloud applications consumed by organisations rises daily, the challenges associated with protecting data and individual’s privacy are therefore als...

Top “Must Do” Steps for Securing Your Public Clouds

Top “Must Do” Steps for Securing Your Public Clouds

April 18, 2019, Greg Mayfield, Sr. Director, Product Marketing & Michael Koyfman, Principal Global Solution Architect at Netskope

Many enterprises have inadvertently exposed proprietary information by failing to properly secure data stored in public cloud environments like Amazon Web Services, Microsoft Azure and Google Cloud...

Organisational Behavior for Cyber Risk Governance Using Security Ratings

Organisational Behavior for Cyber Risk Governance Using Security Ratings

April 10, 2019, Matthew McKenna, Vice President, International Operations, SecurityScorecard

This webinar will take a case study approach to demonstrate how security ratings can be leveraged to gain insight the cyber risk governance of organisations. Are organisations working in a structur...

Preventing AWS Misconfiguration and the Risk of Data Breaches

Preventing AWS Misconfiguration and the Risk of Data Breaches

March 28, 2019, Josh Stella, Co-Founder and Chief Technology Officer, Fugue

Today’s enterprise needs to move fast at scale in the cloud, but the dynamic and complex nature of the cloud has introduced a significant new risk: a data breach due to misconfiguration and human e...

Cloud Security Top Threats:How to Secure the Future While Learning from the Past

Cloud Security Top Threats:How to Secure the Future While Learning from the Past

March 27, 2019, Dan Hubbard, Chief Product Officer, Lacework & John Yeoh, Director of Research, CSA

IaaS/PaaS providers like AWS, Azure, and GCP are increasing the productivity of our developers-- making our organizations extraordinarily agile. That same agility must be matched with security and ...

Protection & Privacy in the Cloud: Operationalizing Privacy in AWS Environments

Protection & Privacy in the Cloud: Operationalizing Privacy in AWS Environments

March 14, 2019, Nimrod Vax, BigID Head of Product & Bill Reid, AWS Senior Manager, Leader, Security and Compliance Solution Architecture

New privacy regulations like GDPR and CCPA make finding and protecting personal information more critical than ever. This means being able to identify both PII and contextual PI by person at scale....

Third-Party Cloud Management

Third-Party Cloud Management

February 28, 2019, Sam Abadir, Vice President of Industry Solutions, Lockpath

Cloud computing offers massive scalability, availability and low-cost services as major benefits, but as with most new technologies, it introduces new risks. Because there is so much opportunity in...

CSA Summit at RSA Conference 2019 Preview (Part 2)

CSA Summit at RSA Conference 2019 Preview (Part 2)

February 26, 2019, McAfee and IBM

Want to know what you can expect at CSA Summit at RSA Conference 2019? Join this webinar to get a preview of.... Case Study: Behind the Scenes of MGM Resorts’ Digital Transformation As a leader i...

Is multi-cloud a cost-cutter or complexity adder?

Is multi-cloud a cost-cutter or complexity adder?

February 21, 2019, Petri Kallberg, CTO at Nordcloud Finland & Markku Rossi CTO at SSH.COM

The cloud promises to bring savings, agility and scalability. All of this is attainable provided that you know which services to choose for which purpose and how to set up your environment properly...

The Role of Security Champion in DevOps

The Role of Security Champion in DevOps

February 20, 2019, Kenneth Peeples, Principal Consultant, Red Hat & John Martin, Security Program Manager, Boeing

Organizations need Security Champions to help foster security best practices to ensure a security-supportive culture. During this webinar the CSA/SAFECode DevSecOps Working Group wants to share ho...

CSA Summit at RSA Conference 2019 Preview (Part 1)

CSA Summit at RSA Conference 2019 Preview (Part 1)

February 19, 2019, OneTrust and Cyxtera

Want to know what you can expect at CSA Summit at RSA Conference 2019? Join this webinar to get a preview of... - From GDPR to California Privacy: Managing Cloud Vendor Risk Managing vendor risk i...

Zero-Trust and Securely Deploying Medical Devices

Zero-Trust and Securely Deploying Medical Devices

February 15, 2019, Chris Frenz, AVP of Information Security and Infrastructure at Interfaith Medical Center

The healthcare sector has been routinely described as lax with the implementation and enforcement of information security controls. In recent years this issue has been highlighted by the numerous a...

Avoid the Breach with Effective Application Security Testing

Avoid the Breach with Effective Application Security Testing

February 13, 2019, Andrew Dunbar, VP of Security Engineering and IT at Shopify and Luke Tucker, Senior Director of Marketing at HackerOne

Security is a top priority for e-commerce giant Shopify, with over 800,000 businesses in 175 countries trusting them to sell online and everywhere in the world. Join Shopify's Vice President of Sec...

The Top 10 Things I Learned by Phishing my Company

The Top 10 Things I Learned by Phishing my Company

February 7, 2019, Steve Edwards, Manager - Corporate Security Engineering, Duo

Ninety-one percent of organizations in a recent TechValidate survey say they have seen phishing attacks on their organization in the past year. What’s more, 42% report more than 10 phishing attacks...

Want Better Management of Cloud Security Risk? Live Where Your People Live

Want Better Management of Cloud Security Risk? Live Where Your People Live

January 31, 2019, Julia Knecht, Manager for Security and Privacy Architecture, Adobe

Expecting your (relatively) small staff of security specialists we all have to handle security, risk management, and good governance entirely on their own is a recipe for disaster. While specialist...

Measuring Cybersecurity through Behavioral Analytics - an Outside-In Approach

Measuring Cybersecurity through Behavioral Analytics - an Outside-In Approach

January 17, 2019, Jasson Casey - CTO at SecurityScorecard

Please join us on the 17th of January as Jasson Casey, CTO at SecurityScorecard, describes the state of cybersecurity in the modern world, and what best practices are for measuring it - differentl...

Vendor Risk Management from the GDPR to California Privacy (CCPA)

Vendor Risk Management from the GDPR to California Privacy (CCPA)

January 10, 2019, Blake Brannon, VP of Products, OneTrust

In this webinar, we will deep dive into managing the vendor lifecycle under the GDPR, California Privacy (CCPA), and other global regulations. As organizations continue to improve their privacy and...

Container Security Best Practices: A How-To Discussion

Container Security Best Practices: A How-To Discussion

December 18, 2018, Nate Dyer, Sr. Product Marketing Manager, Tenable

Application containers like Docker help DevOps work faster and quicken time-to-market, but they also create a major Cyber Exposure gap. Traditional vulnerability management approaches can’t easily ...

2018: The Year in Data Security Panel Discussion

2018: The Year in Data Security Panel Discussion

December 12, 2018, Todd Thorsen, Sr Mgr, Security; Michelle Killian, Sr Mgr, Security Risk and Compliance; and Nathan Hunstad, Dir, Security

The data security world changes so quickly it can be hard to keep up with the latest threats to corporate data. With countless stories of breaches, phishing scams, insider threats, government whist...

Zero Trust in Practice: Why Identity Drives Next-Gen Access

Zero Trust in Practice: Why Identity Drives Next-Gen Access

December 6, 2018, Nick Fisher, Solutions Marketing at Okta

Zero Trust is quickly becoming the dominant security model for the cloud, shifting the perimeter from the network to the people and devices that make up a modern workforce. As a model with many mov...

Taking Control of Your Complex Security Policy Across Hybrid and Multi-Cloud Env

Taking Control of Your Complex Security Policy Across Hybrid and Multi-Cloud Env

December 4, 2018, Yitzy Tannenbaum, Product Marketing Manager at AlgoSec

As the network estate grows in size and complexity, the enterprise security team is responsible for ensuring a unified, comprehensive network security policy. But how can the team be sure about app...

2018 Data Exposure Report

2018 Data Exposure Report

November 28, 2018, Molly Quinlan, Market Research Manager, Code42

Are your C-suiters putting valuable company IP at risk through careless data practices? If they're like most business leaders, they are. Nearly three-quarters of CEOs admit they’ve taken IP, ideas,...

Ready for Liftoff? Planning a Safe and Secure Cloud Migration

Ready for Liftoff? Planning a Safe and Secure Cloud Migration

November 20, 2018, Jason Garbis of Cyxtera

Want to transition on-premises workloads to the cloud, but are concerned about consistently securing access? Join us for a webinar where we discuss how you can easily and effectively apply secure a...

Using Machine Learning to Detect Command Line Anomalies

Using Machine Learning to Detect Command Line Anomalies

November 13, 2018, Andrei Cotaie and Tiberiu Boros of Adobe

As we all know, cybersecurity is often a game of cat and mouse - attackers are always trying to outsmart us defenders. At Adobe, we face the same issues and concerns as all the other major companie...

Protecting What’s Left: Cloud Security in the Serverless Age

Protecting What’s Left: Cloud Security in the Serverless Age

November 8, 2018, Edward Smith of Cloud Passage

Serverless architectures and FaaS services such as AWS Lambda make application development scalable, easy, and cheap. Plus, there’s no server to maintain or patch! But just because there’s no serve...

Data Breach Myths vs. Reality

Data Breach Myths vs. Reality

October 25, 2018, Sami Laine of Okta

Data breaches can happen to any organization, so it's important to understand your organization's risk of a data breach. But where should you start your assessment? What practical and pragmatic ste...

How to Phish Your Employees For Functional Security

How to Phish Your Employees For Functional Security

October 18, 2018, Josh Green of Duo Security

More than 90% of reported data breaches and security incidents in 2016 involved a successful phishing attack*. Attackers rely on phishing as a primary strategy because it continues to be both effec...

Discovering a Competitive Advantage with ISO 27001 Certification

Discovering a Competitive Advantage with ISO 27001 Certification

October 11, 2018, Jason Eubanks, CRISC, ISO 27001 Lead Auditor, Principal Consultant, Lockpath

Organizations with mature, enterprise-wide information security risk management programs enjoy a competitive advantage, thanks to ISO 27001 certification that signifies an international standard fo...

IoT Security: Building Security in from the Start

IoT Security: Building Security in from the Start

October 11, 2018, Madjid Nakhjiri of Samsung, Aaron Guzman of Aon, and Tal Zarfati of VDOO

Hear from IoT security experts to get your team on the right track. We’ll discuss: - Why is it important to start with a secure hardware foundation for IoT products? - What hardware and software s...

Crypto Conflagration and Securing the Cryptocurrency Ecosystem

Crypto Conflagration and Securing the Cryptocurrency Ecosystem

October 4, 2018, Chris Wysopal, Co-Founder and Chief Technology Officer at CA Veracode

Not only do cryptocurrencies rely on blockchain for their security, but they also rely on an ecosystem of software that runs exchanges, wallets, smart contracts and more. This software ecosystem, ...

Past the Perimeter: Earned Access Through A Zero-Trust Model

Past the Perimeter: Earned Access Through A Zero-Trust Model

September 27, 2018, Zoe Lindsey of Duo Security

Users whose digital lives are increasingly mobile don’t want to be tied to their desks, and an effective security strategy must be flexible enough to protect access from boardrooms and bars, cubicl...

Cloud–delivered Security: Why It’s Your Best Bet

Cloud–delivered Security: Why It’s Your Best Bet

September 20, 2018, Greg Mayfield of Tenable

On-prem vs Cloud-based security? It’s an ongoing debate that SecOps teams face daily. With cloud adoption continuing to be a top business initiative, SecOps teams must adapt or risk falling behind...

Can the Maturity of Your Cloud Security Strategy Make or Break Your Organization

Can the Maturity of Your Cloud Security Strategy Make or Break Your Organization

September 13, 2018, Scott Hogrefe, VP of Marketing at Netskope, and Doug Cahill, Senior Analyst at ESG

New research from Enterprise Strategy Group and Netskope shows that there are business ramifications when it comes to your approach to cloud security. Join senior ESG cybersecurity analyst Doug Ca...

Improving Cloud Hygiene

Improving Cloud Hygiene

September 6, 2018, Scott Pack, Lead Cloud Security Engineer, and Dhwaj Agrawal, Computer Scientist at Adobe

As one of the first companies to commit wholly to the cloud, we have learned a lot about how to keep our security hygiene levels up even as we support rapid development and deployment cycles. Part ...

How Identity Fits Into a Security-First Approach

How Identity Fits Into a Security-First Approach

August 29, 2018, Mark Bowker, Senior Analyst at Enterprise Strategy Group and Swaroop Sham, Senior Product Marketing Manager at Okta

Securing your workforce and users, in the cloud, and on the go can be difficult. A recent Enterprise Strategy Group (ESG) survey discovered that for nearly 75% of organizations, a username and pass...

Managing Top 6 Risks with Cloud Service Providers

Managing Top 6 Risks with Cloud Service Providers

August 21, 2018, Cliff Turner, Senior Solutions Architect at CloudPassage

In this webinar, we'll cover the following... •Review top six risks with today’s cloud service providers. •We will analyze these risks, consider the business impact and show you how to proactively...

A Path to Achieving Network Security ZEN

A Path to Achieving Network Security ZEN

August 14, 2018, Den Jones, Director – Enterprise Security, Adobe

Finding a balance between a pleasant user experience and stringent security requirements can be a challenge. The need to use a certain username and password for some services while saving additiona...

Next Step – Securing IaaS (AWS, Azure, GCP)

Next Step – Securing IaaS (AWS, Azure, GCP)

August 9, 2018, Brandon Cook of McAfee

According to Gartner, the IaaS market grew at a blistering 42.8% in 2017 - twice as fast as SaaS. But, despite last year’s AWS data exposures at Verizon, the RNC, and Dow Jones, most cloud security...

Extending Network Security Visibility into the Cloud

Extending Network Security Visibility into the Cloud

August 7, 2018, Anner Kushnir, VP of Technology at AlgoSec

Enterprises are taking advantage of the economies of scale of cloud computing and migrating applications to public and private clouds. The new technology offers many advantages, but also requires t...

Eliminating Security Blind Spots in your AWS Environments

Eliminating Security Blind Spots in your AWS Environments

July 31, 2018, Edward Smith of CloudPassage

As consumption of cloud services increases, security teams struggle to maintain visibility of the cloud assets in use across multiple environments throughout the enterprise. In fact, 43% of securit...

Reducing Risk in Public Cloud Environments

Reducing Risk in Public Cloud Environments

July 24, 2018, Greg Mayfield, Director of Product Marketing, Tenable

As organizations adopt their multi-cloud and hybrid cloud strategies, continuous visibility and protection of these dynamic cloud workloads remains the #1 challenge for security teams. It’s essenti...

Avoiding the Dreaded DNS Hijack

Avoiding the Dreaded DNS Hijack

July 12, 2018, Dhivya Chandramouleeswaran of Adobe

With increasing adoption of cloud services by organizations, there is unfortunately often an absence of decommissioning checks when such services are no longer in use. It is often up to developers ...

A GDPR Compliance & Preparation Report Card

A GDPR Compliance & Preparation Report Card

June 27, 2018, Neil Thacker, CISO, EMEA -- Netskope

With the General Data Protection Regulation (GDPR) now enforceable, organizations around the world have both interpreted and incorporated new and amended regulatory requirements into their security...

User Behavior Study Screams the Need for Backup

User Behavior Study Screams the Need for Backup

June 26, 2018, Aimee Simpson of Code42

Digital transformation efforts won’t be successful unless IT accounts for the human element: workforce behavior. What’s the relationship between endpoint devices and employee work habits? We dug in...

A Path to Achieving Network Security ZEN

A Path to Achieving Network Security ZEN

June 21, 2018, Den Jones, Director – Enterprise Security, Adobe

Finding a balance between a pleasant user experience and stringent security requirements can be a challenge. The need to use a certain username and password for some services while saving additiona...

Taming the Cloud Together – CCSP & CCSK Cloud Certification Synergy

Taming the Cloud Together – CCSP & CCSK Cloud Certification Synergy

June 12, 2018, David Shearer, CEO, (ISC)2; Jim Reavis, CEO, CSA; Kevin Jackson, GovCloudNetwork ; Rich Mogull, Securosis; B. Dunlap (Mod)

Certain things go together to make the sum of their parts that much better. Peanut Butter and Jelly. Lennon and McCartney. Batman and Robin. In the ever-changing world of the cloud, cyber security ...

The Evolution of Zero Trust Security: Next Gen Access

The Evolution of Zero Trust Security: Next Gen Access

June 7, 2018, Nick Fisher, Security Product Marketing at Okta

As breaches fill the headlines, more organizations are adopting a Zero Trust security model and its key principle of "never trust, always verify." Modern implementations of this model are focusing ...

Secure DevOps: Application Security from Development Through Runtime

Secure DevOps: Application Security from Development Through Runtime

June 5, 2018, Nathan Dyer of Tenable

DevOps has become a competitive advantage for organizations competing in the new digital era. Increased speed, rapid experimentation, and continuous change are now guiding operating tenants to win ...

3 Ways to Speed Up Your Incident Response Time

3 Ways to Speed Up Your Incident Response Time

May 31, 2018, Abik Mitra of Code42

The pace of cyber attacks on business users is increasing, but the time it takes to detect and recover from them is taking longer. In this webinar, Code42's Abhik Mitra will explore the root caus...

Wrangling Those Pesky 3rd-party Software Vulnerabilities

Wrangling Those Pesky 3rd-party Software Vulnerabilities

May 31, 2018, Mayank Goyal, Sr. Security Researcher, Nishtha Behal, Security Researcher, Adobe

Like many large software companies, Adobe makes use of both open source and commercial off-the-shelf software components to deliver solutions to its customers. From time to time, as with any public...

LIVE Cyber Attack Simulation: A Crypto Crime in Action

LIVE Cyber Attack Simulation: A Crypto Crime in Action

May 23, 2018, Hank Schless and Christian Lappin from Threat Stack

Crypto mining and cyber crime are at the top of the list for headline-grabbing attacks. Want to see how it’s actually done? The reality of what happens on a day-to-day basis is the breakdown of pe...

GDPR: Personal Data Protection Compliance is a Business Matter

GDPR: Personal Data Protection Compliance is a Business Matter

May 22, 2018, Prof. Dr. Paolo Balboni, Business Lawyer and Partner at ICT Legal Consulting

Many companies approach compliance activities with the forthcoming European General Data Protection Regulation REGULATION (EU) 2016/679 as a purely legal matter. But this is a very shortsighted app...

5 Steps to Boost Your Security Posture on AWS

5 Steps to Boost Your Security Posture on AWS

May 15, 2018, Neelum Khan, Tajvia Willis, and ​Sudha Iyer from Netskope

Many customers have exposed their data in the cloud without proper security solutions. Securing data in the cloud to prevent exposures can present challenges to all enterprises. Despite the rapidly...

How to Ace Type 2 SOC 2 with Zero Exceptions

How to Ace Type 2 SOC 2 with Zero Exceptions

May 8, 2018, Pete Cheslock and Pat Cable of Threat Stack

Achieving Type 2 SOC 2 compliance with zero exceptions was no easy feat for Threat Stack. However, rather than implementing stringent security protocols at every point of production, they implement...

The Road to GDPR Compliance: Tips from the Cloud Security Alliance and Dome9

The Road to GDPR Compliance: Tips from the Cloud Security Alliance and Dome9

May 3, 2018, Daniele Catteddu of CSA and Marina Segal of Dome9 Security

General Data Protection Regulation (GDPR) is coming into effect on May 25, 2018. The requirements of GDPR are substantial and the penalties for non-compliance are severe. The new regulation will re...

True Detective – Autopsy of latest O365 and AWS threats

True Detective – Autopsy of latest O365 and AWS threats

April 25, 2018, Brandon Cook, Thyaga Vasudevan, and Sandeep Chandana of McAfee

How does your organization defend against the latest O365 and AWS threats including KnockKnock and Ghostwriter? Join CSA and McAfee to see an autopsy of two recent cloud threats: KnockKnock (O365)...

Anatomy of a Cyber Security Breach: The Hero's Journey

Anatomy of a Cyber Security Breach: The Hero's Journey

April 11, 2018, Sam Curry of Cybereason; Andrew Hammond and Red Curry of SSH Communications Security; Hector Monsegur of Rhino Security Labs

My mother was washing dishes in the kitchen when the glass window she was looking out shattered in front of her…she was OK but unfortunately my curve ball has never gotten better. The second law of...

Understanding the Status of ERP Security in the Cloud

Understanding the Status of ERP Security in the Cloud

March 21, 2018, JP Perez-Etchegoyen of Onapsis and Shamun Mahmud of CSA

With ERP vendors reporting double-digit growth in cloud revenue year over year, many organizations are faced with the challenging task of planning a cloud migration of their most critical assets. B...

How to Design Successful Internal Bug Hunts: Squashing Security Bugs on a Budget

How to Design Successful Internal Bug Hunts: Squashing Security Bugs on a Budget

March 19, 2018, Pieter Ockers of Adobe

Far too often, testing software for security flaws falls into the “nice-to-have” category, taking a backseat to the demands of the marketplace and inflexible feature release schedules. In addition...

CSA Summit at RSA Conference Preview

CSA Summit at RSA Conference Preview

March 14, 2018, Jim Reavis of CSA,Wayne Anderson of McAfee, Deena Thomchick of Symantec, Jervis Hui of Netskope, and Chris Steffen of Cyxtera

Want to know what you can expect at this years CSA Summit at RSA Conference? Join this webinar to get a preview of several sessions including:  - Appetite for Destruction – The Cloud Edition Over ...

Making Compliance Count

Making Compliance Count

March 7, 2018, Dave Lenoe and Molly Junck at Adobe

It’s a brave new world, with bug bounties and crowd-sourced penetration tests now an up-and-coming way to augment security programs. But can you do the same with your compliance and certification p...

Are Your Containers Compliant?

Are Your Containers Compliant?

February 28, 2018, Cliff Turner, Cloud Security Evangelist, CloudPassage

If we could call out two things that are growing in importance in 2018, it’s containers and compliance. Penalties for data breaches are on the rise, all the while organizations are under increasing...

Defining the cloud-enabled branch: How cloud apps drive network transformation

Defining the cloud-enabled branch: How cloud apps drive network transformation

February 13, 2018, Dan Shelton of Zscaler

Amazon, Azure and SaaS are already on everyone's mind. When your data center workloads move to cloud, is your corporate backhaul the most efficient way to get to the applications? The migration of ...

Automating Security for Cloud Services

Automating Security for Cloud Services

February 8, 2018, Peleus Uhley, Lead Security Strategist at Adobe

Security automation strategies are a necessity for any cloud-scale enterprise. There are challenges to be met at each phase of developing and deploying security automation including identifying the...

ISO/IEC 19086: An Overview and Application

ISO/IEC 19086: An Overview and Application

February 1, 2018, John Calhoon of Microsoft

In this webinar, we will take a look at ISO/IEC 19086 which is an international standard for cloud service level agreements (SLAs). Specifically, we’ll discuss the impetus for establishing the sta...

Data-driven Cybersecurity Defense for Organizations and their Ecosystems

Data-driven Cybersecurity Defense for Organizations and their Ecosystems

January 25, 2018, Phil Marshall of Security ScoreCard

Many companies rely on staticpoint-in-time security assessments to measure the cybersecurity health of their enterprise and vendor ecosystem. This approach is quickly becoming obsolete in today’s d...

Returning data control to users - the next frontier for cloud security research

Returning data control to users - the next frontier for cloud security research

January 22, 2018, Ryan Ko, Associate Professor, University of Waikato

From the Uber data leakage incident to cases where photographs of young or vulnerable people are stolen and misused on inappropriate websites, there is a fundamental gap: the lack of users' control...

Introducing HubbleStack: a free, open source project to help automate compliance

Introducing HubbleStack: a free, open source project to help automate compliance

January 17, 2018, Christer Edwards of Adobe

Organizations have difficulties handling security auditing and compliance that can be scaled across many teams with varying infrastructure. Adobe found themselves in the same situation and in need...

Cutting through the Cloud Security Noise: 5 Must-have Architectural Requirements

Cutting through the Cloud Security Noise: 5 Must-have Architectural Requirements

January 11, 2018, Steve House of Zscaler

The cloud and mobility have fundamentally changed the IT landscape. Both apps and users have left the network, however traditional security has struggled to keep pace. Developing a strong cloud sec...

Developing a Successful Secure Product Lifecycle (SPLC) Program

Developing a Successful Secure Product Lifecycle (SPLC) Program

January 4, 2018, Julia Knecht and Taylor Lobb of Adobe

A secure product lifecycle (SPLC) is integral to ensuring software is written with security in mind, but companies struggle to create a successful process with limited security resources and minima...

Top 10 Public Cloud Security Recommendations

Top 10 Public Cloud Security Recommendations

December 14, 2017, Matt Keil of Palo Alto Networks

Offering organizations of all sizes the benefits of agility and scalability, the adoption of public cloud continues at a pace rivalled only by that of the early days of the Internet era. As was the...

Exploring CSA’s Cloud Controls Matrix (CCM) for Cloud Security

Exploring CSA’s Cloud Controls Matrix (CCM) for Cloud Security

December 7, 2017, Neha Thethi, BH Consulting

As a cloud customer, vendor, security auditor or regulator, you may have been involved with ensuring security in the cloud. Although numerous standards, regulations, and controls frameworks exist t...

5 Steps to Prevent AWS Data Exposures

5 Steps to Prevent AWS Data Exposures

December 6, 2017, Brandon Cook and Anant Mahajan of Skyhigh

Amazon Web Services has strong security features, but customer misconfigurations have led to a series of very public data exposures over the last few months from Verizon, Dow Jones, Accenture, and ...

Cloud Security for Startups - From A to E(xit)

Cloud Security for Startups - From A to E(xit)

November 23, 2017, Moshe Ferber of CSA Israel and Shahar Maor of Outbrain

Cloud computing perform amazing things for startups, providing young companies with access to enterprise grade infrastructure . But also act as a double edge sword. Lack of proper security controls...

Security Anthropology: How Do Organizations Differ?

Security Anthropology: How Do Organizations Differ?

November 16, 2017, Wendy Nather with Duo Security

When planning a go-to-market strategy, it’s common practice to build detailed marketing and sales personas for key security individuals such as the CISO, the IT administrator, the developer, and th...

Protecting Corporate Data When an Employee Leaves

Protecting Corporate Data When an Employee Leaves

November 2, 2017, Michael Osterman of Osterman Research and Drew Neilson of Druva

Employees leave organizations each year, but did your sensitive data leave with them? Osterman Research found that 39% of companies are not sure that they have recovered all corporate data assets, ...

CISO Challenges with Cloud Computing

CISO Challenges with Cloud Computing

October 31, 2017, Moshe Ferber of CSA Israel

Cloud computing provides companies with unprecedented access to robust, scalable infrastructure, but on the other hand, cloud adoption is accompanied with various challenges for security profession...

Market State of Cloud Security

Market State of Cloud Security

October 24, 2017, Nick Mendez of Optiv

Optiv will be sharing their insights on the market state of cloud security and how enterprises should bolster their security programs for the evolution of cloud. We will cover what we see in the fi...

CASB 2.0: The Next Frontier for CASB

CASB 2.0: The Next Frontier for CASB

October 17, 2017, Deena Thomchick of Symantec

The rapid adoption of cloud applications and services has fueled the need for new security solutions, such as Cloud Access Security Brokers (CASBs). But how do these systems weave into your overall...

Securing the Open Enterprise - API Security Threats, Risks and Solutions

Securing the Open Enterprise - API Security Threats, Risks and Solutions

October 10, 2017, Ron Speed of TrustedImpact

Enterprises around the globe are rapidly opening up their back-end systems and databases to the outside world using APIs. Drivers for doing this include everything from improving customer service,...

Internal Bug Hunts: Squashing Security Bugs on a Budget

Internal Bug Hunts: Squashing Security Bugs on a Budget

September 19, 2017, Pieter Ockers - Sr Program Manager at Adobe

Far too often, testing software for security flaws falls into the “nice-to-have” category, taking a backseat to the demands of the marketplace and inflexible feature release schedules. In addition ...

Challenges in Data Privacy

Challenges in Data Privacy

September 14, 2017, Craig Scoon, Consultant in the Risk Advisory Service at Deloitte

There are many challenges for data privacy legislation within a boundary-less cloud computing and World Wide Web environment. Despite its importance, there is limited research around data privacy l...

State of Cloud Adoption in Asia Pacific (APAC)

State of Cloud Adoption in Asia Pacific (APAC)

September 13, 2017, Ekta Mishra, Research Analyst of CSA and David Siah, Country Manager of TrendMicro Singapore

Cloud as the enabler of Internet of Things (IoT) and data analytics, the incorporation of cloud computing is critical for the successful implementation of these leading-edge technologies. Countries...

Privacy Level Agreement Code of Conduct for CSPs: a compliance tool for GDPR

Privacy Level Agreement Code of Conduct for CSPs: a compliance tool for GDPR

August 17, 2017, Nicola Franchetto of ICT Legal Consulting

Nicola Franchetto will discuss in a practical and business oriented way, the new provisions of the GDPR and how the PLA Code of Conduct supports compliance with the forthcoming EU Data Protection L...

Backup & Recovery: Your Get out of Ransomware Free Card

Backup & Recovery: Your Get out of Ransomware Free Card

August 9, 2017, Andrew Nielsen, Chief Trust Officer of Druva and Jim Reavis, CEO of CSA

Ransomware has become a major concern for organizations around the globe. The U.S. Department of Justice reports that an average of 4,000 ransomware attacks occur daily. These ransomware attacks ar...

"Cloud-First" Ransomware - A Technical Analysis

"Cloud-First" Ransomware - A Technical Analysis

July 27, 2017, Bob Gilbert and Sean Hittel of Netskope

Cloud services have emerged as the preferred attack vector of some of the most dangerous and innovative cloud malware exploits of the past six months. Why?  Because many organizations don't inspect...

Cloud Services and Encryption: Facts, Myths, Perceptions

Cloud Services and Encryption: Facts, Myths, Perceptions

July 19, 2017, Paul Rich of Microsoft

Encryption and terms like "BYOK" have surged to the forefront of cloud service discussions. Both security and compliance stakeholders express great interest in encryption and its apparent promises....

How and Why to Build an Insider Threat Program

How and Why to Build an Insider Threat Program

June 20, 2017, Jadee Hanson of Code42

Jadee Hanson, Director of Security at Code42, provides a behind-the-scenes look at what it's really like to run an insider threat program -- a program in which you can take steps to prevent employe...

Security Automation Strategies for Cloud Services

Security Automation Strategies for Cloud Services

June 15, 2017, Peleus Uhley of Adobe

Security automation strategies are a necessity for any cloud-scale enterprise. There are challenges to be met at each phase of developing and deploying security automation including identifying the...

4 Lessons IT Pros Have Learned From Managing ​Outdated Endpoint Backup

4 Lessons IT Pros Have Learned From Managing ​Outdated Endpoint Backup

June 13, 2017, Aimee Simpson of Code42, Shawn Donovan of F5 Networks, and Kurt Levitan of Harvard University

Today's organizations face complex challenges as a result of exponential data growth and rapidly evolving ​cyberthreats. Furthermore, as companies move to cloud, it's inevitable that technologies w...

How Financial Services can Leverage the Cloud Securely to Drive Business

How Financial Services can Leverage the Cloud Securely to Drive Business

May 25, 2017, Miguel Ramos of Forcepoint

Though one of the most mature industries in cybersecurity, the Financial Services industry has seen some of the largest explosion of innovation and technology. While startups and innovators are foc...

You can stop shaking if you follow this plan for securing your data

You can stop shaking if you follow this plan for securing your data

May 17, 2017, Terence Spies of HPE Security-Data Security and Rich Mogull of Securosis

Data security has a tendency to be intimidating for organizations, users and implementers. Organizations see the value but the challenges of applying a data security solution. Wouldn’t it be great...

Overcoming the Challenges of Securing Hybrid Enterprises

Overcoming the Challenges of Securing Hybrid Enterprises

April 13, 2017, Cryptzone

It’s become clear that organizations need to overcome the challenges of securing hybrid enterprises. Hybrid IT spans platforms, tenancy and locations, which when using traditional solutions often ...

Leveraging the Power of Threat Intelligence

Leveraging the Power of Threat Intelligence

March 15, 2017, Ray Pompon and Sara Boddy of F5

It's becoming impossible for cyber security to keep up with paradigm-changing technological advancements which provide fertile new hunting ground for the more sophisticated cyber-criminals. You ca...

BrightTALK at RSA - John DiMaria: GDPR, Critical Infrastructure & IoT Security

BrightTALK at RSA - John DiMaria: GDPR, Critical Infrastructure & IoT Security

March 6, 2017, John DiMaria, Global Product Champion for Information Security & Business Continuity at BSI Group

Join this in-depth interview at RSA Conference with John DiMaria, Global Product Champion for Information Security & Business Continuity at BSI Group. Viewers will learn John's insights around: - ...

Fighting the ‘Gap of Grief’ With Business-Driven Security

Fighting the ‘Gap of Grief’ With Business-Driven Security

March 1, 2017, Peter Beardmore of RSA

Defending against human ingenuity demands a new way of thinking. With countless dollars spent and infinite alerts you still don’t have a true picture of what is going on. So when a breach happens,...

Which CASB Deployment Mode is Right for Me?

Which CASB Deployment Mode is Right for Me?

January 19, 2017, Srini Gurrapu and Brandon Cook of Skyhigh

When kicking off a cloud security project, you'll quickly discover that there are multiple deployment options for a cloud access security broker (CASB) – Log Collection, API, Reverse Proxy, and For...

Cloud First, Now What?

Cloud First, Now What?

January 17, 2017, Palo Alto Networks

Your executive staff has made a strategic decision to move to the cloud, and your team has the seemingly monumental task of executing on this new direction. The journey to the cloud introduces many...

The 2017 Cyberthreat Landscape

The 2017 Cyberthreat Landscape

December 14, 2016, Leo Taddeo, Chief Security Officer, Cryptzone

2016 was record-setting … and threats aren’t likely to subside in 2017. Let’s reflect on what happened this year and learn about emerging threat landscape trends. A solid understanding of the threa...

SIEM for the Cloud? The Essentials You Need to Know

SIEM for the Cloud? The Essentials You Need to Know

December 6, 2016, Chris Collard and Mark Campbell of IBM Security

A cloud-delivered security intelligence platform can help you make sense out of the mountains of data collected from your expanded perimeter of cloud workloads and assets. However, it’s easy to get...

Future Proofing the Connected World - 13 Steps to Developing Secure IoT Product

Future Proofing the Connected World - 13 Steps to Developing Secure IoT Product

November 29, 2016, Brian Russell, Drew Van Duren, Steven Markey, Ron Del Rosario; and Elizabeth Lawler

The CSA IoT Working Group released guidance in October 2016 focused on providing IoT product developers with recommendations for securing their products. This panel discussion will explore differe...

CSA SDP for IaaS Initiative: Research Preview

CSA SDP for IaaS Initiative: Research Preview

November 15, 2016, Jason Garbis of Cryptzone and Puneet Thapliyal of TrustedPassage

Since March 2016, when the CSA launched this new Software-Defined Perimeter for IaaS initiative, more and more organizations have embraced the Software-Defined Perimeter model and are benefitting f...

Conducting Security Investigations in Minutes (or Less)

Conducting Security Investigations in Minutes (or Less)

November 8, 2016, Doron Shiloach, Senior Product Manager at IBM

Learn how to use threat intelligence to shorten investigation time and improve security decision making. From the right content to the best delivery format, learn the top considerations for picking...

Developing a Proactive Approach to GDPR Compliance

Developing a Proactive Approach to GDPR Compliance

November 3, 2016, Yael Nishry and Doug Lane of Vaultive

As the May 25, 2018 deadline for compliance with the new General Data Protection Regulation (GDPR) rapidly approaches, enterprise IT organizations must implement a cloud data security strategy that...

Defeating the Insider Threat:  Don't Have Your Head in the Clouds

Defeating the Insider Threat: Don't Have Your Head in the Clouds

October 19, 2016, Evelyn De Souza and Mary Beth Borgwing

Everything we know about defeating the Insider Threat seems not be solving the problem. That's why the Cloud Security Alliance with special commentary from LemonFish Technologies undertook new res...

Working the Numbers: Learn How to Make the Case for a CASB

Working the Numbers: Learn How to Make the Case for a CASB

October 13, 2016, Palerra

58% of security professionals expect their budgets to stay the same next year. If you’re like them, you’re trying to secure a growing number of cloud services and infrastructure without a bigger bu...

20 Months to a New Global Data Privacy Law – What You Need To Do

20 Months to a New Global Data Privacy Law – What You Need To Do

October 11, 2016, Nigel Hawthorn of Skyhigh

The GDPR Covers Anyone with Data on European Residents In May 2018, a new data privacy law comes into effect and any organisation with data on the 500+ million citizens of the European Union (EU)...

Scared of implementing a data protection solution?

Scared of implementing a data protection solution?

October 6, 2016, Rich Mogul of Securosis and Terence Spies of HPE Security--Data Security

Data protection has a tendency to be intimidating for organizations, users and implementers. Organizations see the value of having a data protection program but the challenges of applying a data p...

CSA Research: Mitigating Top Cloud Threats

CSA Research: Mitigating Top Cloud Threats

August 30, 2016, Salim Hafid and Rich Campagna of Bitglass, and John Yeoh of CSA

With cloud adoption on the rise, IT leaders are looking to peer organizations to understand security best practices in the cloud. Bitglass and CSA surveyed infosec professionals to uncover the top ...

Standardization and visibility of security controls in Hybrid

Standardization and visibility of security controls in Hybrid

August 24, 2016, Avinash Prasad and Munish Gupta of Infosys Ltd

The needs for IT agility for business, is driving adoption of flexible computing environments including IaaS, Private Cloud among others. The challenge associated with this transformation towards t...

Protect, Detect, Respond and Recover: Mitigating the Risks of Cyber Security

Protect, Detect, Respond and Recover: Mitigating the Risks of Cyber Security

August 16, 2016, Mat Hamlin of Spanning by EMC and Will McNae of Microsoft

Information theft is the most expensive consequence of cybercrime, according to a recent Ponemon study. Business interruption following a cyberattack exacts a high price in productivity and busines...

True Detective: Detecting Insider Threats and Compromised Accounts in Office 365

True Detective: Detecting Insider Threats and Compromised Accounts in Office 365

August 9, 2016, Brandon Cook and Santosh Raghuram of Skyhigh Networks

How does your organization combat insider threats and compromised accounts? Join CSA and Skyhigh Networks to learn about cloud threat findings from the research of CSA and Skyhigh Cloud Security ...

Protect Against New Threats to Safely Enable SaaS

Protect Against New Threats to Safely Enable SaaS

August 4, 2016, Palo Alto Networks

The usage of SaaS applications continues to grow rapidly whether they are enabled by IT or your end users. SaaS-based application usage has grown 46 percent over the past three years as shown in th...

Joining the Cloud Cyber Intelligence Exchange

Joining the Cloud Cyber Intelligence Exchange

August 2, 2016, Patrick Coughlin, TruSTAR

CSA, along with support from key corporate members like Rackspace and Intel, has been incubating a new intelligence exchange within the CloudCISC Working Group. Join CSA and technology partner TruS...

Insights from the 2016 Gartner Magic Quadrant for Secure Web Gateways

Insights from the 2016 Gartner Magic Quadrant for Secure Web Gateways

August 1, 2016, Jim Reavis of CSA and Atri Chatterjee of Zscaler

According to Gartner, cloud-based security is continuing to grow at a significant rate, spiking at a 35% CAGR compared to 6% for on-premise appliances. Newer and more advanced threats are creating ...

Five Requirements for Securely Adopting Cloud Applications

Five Requirements for Securely Adopting Cloud Applications

July 26, 2016, Mark D. Campbell and Brandon Whichard of IBM Security

The business benefits of cloud applications are undeniable, however security concerns can still slow their adoption. While many mainstream cloud applications offer secure platforms and excellent se...

Office 365 Security and Compliance – Enforcing the 4 Layers of Trust

Office 365 Security and Compliance – Enforcing the 4 Layers of Trust

July 13, 2016, Brandon Cook and Srini Gurrapu of Skyhigh Networks

Office 365 usage has tripled in the last 9 months as more and more companies enable anytime, anywhere access to Microsoft’s suite of cloud services. But security and compliance require a new level...

Data-centric protection: the future of BYOD security

Data-centric protection: the future of BYOD security

July 12, 2016, Bitglass

Enabling secure BYOD has long been a challenge for IT. Attempts to secure these devices with agents and device management tools like MDM have been met with widespread employee concerns about privac...

Building the Connected Hospital - Securely

Building the Connected Hospital - Securely

June 30, 2016, Chris Frenz, Jennifer Cathcart, Yogi Shaw, and Gib Sorebo

The concept of the Connected Hospital offers full integration with Electronic Health Record (EHR) systems, streamlined operations, and enhanced patient safety. Secure implementation of the capabil...

It's Alive! Automating Security Response in the Cloud

It's Alive! Automating Security Response in the Cloud

June 22, 2016, Tim Prendergast of Evident.io

The challenges facing teams responsible for creating speed and acceleration in the cloud are numerous, but the most dangerous challenge is discerning security signals from infrastructure noise. We ...

Infosecurity 2016: The Influence of Privacy Shield on Data Protection

Infosecurity 2016: The Influence of Privacy Shield on Data Protection

June 14, 2016, Daniele Catteddu, CTO, CSA & Josh Downs, Community Manager, BrightTALK

- Infosecurity Europe 2016 - BrightTALK were honoured to be joined by the CSA's CTO Daniele Catteddu to get his thoughts on cyber security and cloud defences in particular. Daniele walked throug...

Continuous auditing/assessment of relevant security properties

Continuous auditing/assessment of relevant security properties

June 14, 2016, John DiMaria of BSI

Module 3 in the CSA STAR Series While the Cloud Security Alliance’s (CSA) STAR Certification has certainly raised the bar for cloud providers, any audit is still a snapshot of a point in time. Wha...

The CSA Strategy for Securing IoT via the Cloud

The CSA Strategy for Securing IoT via the Cloud

June 7, 2016, Jim Reavis

Internet of Things will lead to a future where virtually every physical item has a microprocessor and all industries will be disrupted. In this presentation, CSA CEO Jim Reavis discusses key secur...

CSA SDP for IaaS Initiative: Best Practices and a Progress Report

CSA SDP for IaaS Initiative: Best Practices and a Progress Report

June 2, 2016, Jason Garbis of Cryptzone

Enterprise adoption of IaaS environments has brought tremendous benefits, in terms of cost savings and agility, and enabled a more dynamic infrastructure. However, these changes have created new se...

Cloud Trust Protocol (CTP) Demo

Cloud Trust Protocol (CTP) Demo

May 20, 2016, Alain Pannetrat of Cloud Security Alliance

The Cloud Trust Protocol (CTP) is designed to be a mechanism by which cloud service customers can ask for and receive information related to the security of the services they use in the cloud, prom...

The Business Value of Operational Risk Management

The Business Value of Operational Risk Management

May 11, 2016, John DiMaria of BSI

Risk Management is not a standalone activity carried out by a company’s risk experts; it is part of the responsibilities of management and a concern to all of the organization’s stakeholders. Risk ...

Risky Business: Key Cloud Security Metrics your Board Needs to See

Risky Business: Key Cloud Security Metrics your Board Needs to See

May 10, 2016, Srini Gurrapu, Skyhigh Networks

A recent study by Ponemon showed that the likelihood of an enterprise data breach of involving more than 10,000 records is approximately 22%. This risk, with an average associated cost of $3.79 mil...

Improve CX, Productivity, Revenues and Security with Identity Coherence

Improve CX, Productivity, Revenues and Security with Identity Coherence

May 5, 2016, Steve Tout of Forte Advisory

Customers expect a seamless experience across services and devices, critical to ensure successful conversions and renewals in e-commerce. At the same time, the impact of disconnected user experien...

Meeting international requirements and leveraging CSA STAR for supply chain mana

Meeting international requirements and leveraging CSA STAR for supply chain mana

May 4, 2016, John DiMaria, BSI

When an organization adopts cloud services, it is in fact expanding its operations from a local or regional presence to a more global one. As a result, the corresponding organizational operations’ ...

Cloud security threats and resolutions: A meeting of the minds

Cloud security threats and resolutions: A meeting of the minds

April 27, 2016, Jim Reavis of CSA, David Baker and Arturo Hinojosa of Okta

According to the 2016 Top Threats report from CSA, the ramifications of poor cloud computing decisions is no longer an IT issue but rather a boardroom issue. Executives at the highest levels are un...

Beyond the Firewall: Securing the Cloud with a CASB

Beyond the Firewall: Securing the Cloud with a CASB

April 26, 2016, Mike Schuricht and Salim Hafid, Bitglass

As organizations transition from on-premise data storage and device-centric security to the cloud, the need for a data-centric solution becomes critical. Organizations need the ability to protect d...

Mind the Mobile Gap

Mind the Mobile Gap

April 26, 2016, Dan Wolff, IBM

Throwing a safety net over mobile cloud app usage leaves the enterprise having to balance manageability and security against the user experience. This session covers how you can gain visibility int...

Public, Private, Hybrid…Secure Your Cloud’s Future

Public, Private, Hybrid…Secure Your Cloud’s Future

April 20, 2016, Sai Balabhadrapatruni Palo Alto Networks

The demand for business to be more agile to meet customer demands and stay competitive is driving a change in the way applications are developed, deployed, and adopted. The challenge has become bal...

Dramatically Improve Network Security using SDP

Dramatically Improve Network Security using SDP

April 13, 2016, Jason Garbis, Cryptzone

It’s time to recognize that traditional network security tools grant users too much access and therefore create a serious security gap. A typical user may be authorized to access only a few resourc...

Best Practices for Protecting Your Data in a Hybrid Cloud Environment

Best Practices for Protecting Your Data in a Hybrid Cloud Environment

April 11, 2016, Jason Wolford of Rackspace and Imam Sheikh of Vormetric

Your business has capitalized on managed cloud services to host many of your IT workloads. Now, you need to expand your cloud IT deployments further with public cloud services using Amazon Web Ser...

Cloud Security: What You Should Be Concerned About

Cloud Security: What You Should Be Concerned About

March 31, 2016, Raji Samani of Intel Security and Jim Reavis of CSA

Intel Security conducted a survey regarding cloud adoption and cloud security. This webcast will discuss the findings and answer questions like... -Is cloud for everyone? -How much are companies i...

2016 Information Security Trends and Cloud Security Alliance Priorities

2016 Information Security Trends and Cloud Security Alliance Priorities

March 22, 2016, Jim Reavis, CEO of Cloud Security Alliance

An informal look at the important security trends identified by CSA experts and the activities initiated by Cloud Security Alliance to address key industry issues.

How to Determine Responsibility for Cloud Security?

How to Determine Responsibility for Cloud Security?

March 21, 2016, Rich Campagna, Bitglass

Rich Campagna of Bitglass explains in this short video the WSJ test -- an easy way to determine the security responsibilities of SaaS vendors and their clients.

Not “If” but “When”: Protecting Your Data with a Cyber Resiliency Plan

Not “If” but “When”: Protecting Your Data with a Cyber Resiliency Plan

March 15, 2016, Santosh Raghuram, Skyhigh Network

In today's security landscape, a security breach is not a matter of "if," but "when." Is your organization prepared to minimize and mitigate the effects of a breach? Join the Cloud Security Allianc...

The Borderless World: Bridging the Cloud with On-Prem Systems

The Borderless World: Bridging the Cloud with On-Prem Systems

March 10, 2016, Farshad Ghazi and Chris Griffith, HPE Security

Learn more about the new CSA Top Threats Report and how to protect yourself. In the borderless world of Cloud computing, everything changes. You cannot deliver a cloud enabled business without a f...

Securing IaaS - The Forgotten component of Cloud Access Security Brokers

Securing IaaS - The Forgotten component of Cloud Access Security Brokers

February 25, 2016, Ganesh Kirti, Palerra

ShadowIT Discovery and security of SaaS are often considered key capabilities of Cloud Access Security Broker. There is, however, one critical capability which is often overlooked; security of IaaS...

The State of Office 365 Security

The State of Office 365 Security

February 17, 2016, Doug Lane, Vaultive

Microsoft Office 365 adoption skyrocketed in 2015, but security and compliance questions are still keeping many organizations on the sidelines. What built-in security features does Microsoft provid...

Road Map to CSA Star Certification: Module 1

Road Map to CSA Star Certification: Module 1

February 11, 2016, BSI

ROAD MAP TO CSA STAR CERTIFICATION – OPTIMIZING PROCESSES, REDUCING COST AND MEETING INTERNATIONAL REQUIREMENTS With Japan’s introduction of the quartz wristwatch in 1969, the majority Swiss marke...

Next-Gen Mobile Security: What comes after MDM?

Next-Gen Mobile Security: What comes after MDM?

February 3, 2016, Salim Hafid and Neal Mhaskar, Bitglass

BYOD is an adoption, not a rollout. In fact, 57% of employees refuse MAM or MDM on their personal devices. What are the drawbacks of MDM? How can your organization both drive adoption and effective...

Emerging Approaches in a Cloud Connected Enterprise: Containers and Microservice

Emerging Approaches in a Cloud Connected Enterprise: Containers and Microservice

January 28, 2016, Anil Karmel, Co-Founder and CEO of C2 Labs

Containers such as Docker and CoreOS Rkt deliver incredible capabilities to developers and operators and are powering the DevOps revolution in application development and deployment. Docker in p...

Making Trusted Decisions to Use the Cloud: A New Model to Succeed

Making Trusted Decisions to Use the Cloud: A New Model to Succeed

January 14, 2016, Jeffrey Ritter

You know that every decision to use the Cloud will be challenged, whether by investors, executives, customers, or members of your own team. Behind every challenge is the same question, "Can we tru...

Cloud Access Security Brokers: Critical Capabilities

Cloud Access Security Brokers: Critical Capabilities

December 9, 2015, TBD

Cloud Access Security Brokers (CASBs) are the hottest security technologies on the market. They provide organizations with much needed visibility and control over corporate data as it moves beyond ...

Can I Still Use The Cloud? Now That Safe Harbor is Dead

Can I Still Use The Cloud? Now That Safe Harbor is Dead

November 24, 2015, Nigel Hawthorn

A webinar for IT Security, Legal and Compliance Managers. The EU-US Safe Harbor agreement for data transfers has been declared invalid. Hear what this means for you, your organization and your d...

Keeping your Data and Applications Safe from the CSA Top Threats

Keeping your Data and Applications Safe from the CSA Top Threats

November 10, 2015, Farshad Ghazi and Chris Griffith--HP Security

The cloud presents all kinds of opportunities for today’s enterprise, from anywhere access to anything-as-a-service. Cloud computing imposes significant security risks on the corporation, network, ...

Office 365 Compliance and Data Protection: Cargill’s Blueprint for Success

Office 365 Compliance and Data Protection: Cargill’s Blueprint for Success

October 21, 2015, Matt Brunsvold of Cargill and Srini Gurrapu of Skyhigh

Skyhigh’s Office 365 Cloud Adoption and Risk report shows that the average enterprise uploads 1.37TB of data across SharePoint, OneDrive, and Yammer each month, 17.4% of which is sensitive.  With O...

Top 3 Reasons Why Growing Organizations are Moving Their Security to the Cloud

Top 3 Reasons Why Growing Organizations are Moving Their Security to the Cloud

September 24, 2015, James Kawamoto, Zscaler Inc.

The world of IT security is undergoing tremendous change. The unstoppable momentum of the Internet and cloud computing, the ubiquity of mobile devices and the emergence of Internet of things have t...

Professionalizing the Cloud Security Workforce

Professionalizing the Cloud Security Workforce

August 20, 2015, Jim Reavis, CEO of Cloud Security Alliance and David Shearer, CEO, (ISC)²

(ISC)² and CSA recently developed the Certified Cloud Security Professional (CCSP) credential to meet a critical market need to ensure that cloud security professionals have the required knowledge,...

Leveraging Data Control and GRC for Securing Data on the Cloud

Leveraging Data Control and GRC for Securing Data on the Cloud

July 15, 2015, Ryan Ko- CSA APAC Research Advisor, Vibhav Agarwal – Associate Director - Product Marketing, MetricStream

Leveraging Data Control and GRC for Securing Data on the Cloud - A Practical Guide for Immediate Challenges and An Overview of Long-Term Research Challenges Data security for cloud applications is...

Myth or Reality: Insider Threat Victims DON'T Have Their Heads in the Cloud

Myth or Reality: Insider Threat Victims DON'T Have Their Heads in the Cloud

July 8, 2015, Evelyn de Souza, Data Governance Workgroup Chair, Cloud Security Alliance & Data Privacy and Compliance Leader, Cisco Systems

We can safely predict that an insider threat targeting cloud will be the cause of a major data breach over the next 12 months. While cloud insider threats consistently rank as a top concern, they h...

Cloud Standards - Ready for Prime-time (part 2)

Cloud Standards - Ready for Prime-time (part 2)

June 30, 2015, Michel Drescher, EGI; John Messina, NIST; Peter Deussen, Fraunhofer FOKUS

Cloud computing will not reach its full potential without fully developed and stable management and context standards. Customers indeed expect freedom of choice, increased control and interoperabil...

Lessons Learned From the Biggest Security Breaches

Lessons Learned From the Biggest Security Breaches

June 25, 2015, Jim Reavis, CSA; Michael Sutton, Zscaler

Learn about the biggest security breaches and what it means for your organization. The risk of experiencing a security breach is now higher than ever. Over the last 12 months, some of the highest ...

Cloud Standards - Ready for Prime Time

Cloud Standards - Ready for Prime Time

June 9, 2015, Michel Drescher, EGI; Alan Sill, OGF, Texas Tech University; Alex McDonald, NetApp; David Wallom, Oxford e-Research Centre

Cloud computing will not reach its full potential without the full development and stable management of standards. Customers expect the freedom of choice, increased control, and interoperability as...

How to Negotiate a Proper SLA

How to Negotiate a Proper SLA

May 19, 2015, Jesus Luna, CSA; Frederic Engel, Market Engal SAS;Daniele Catteddu, CSA; Arthur van der Wees; Arthur's Legal; Said Tabet, EMC

The typical cloud customer easily grasps perceived advantages and user-friendliness in the cloud, but they are not security experts. Matching an customer's security requirements with what is being ...

Preparing for 2015: Internet security best practices from the Global 1000

Preparing for 2015: Internet security best practices from the Global 1000

May 12, 2015, Jim Reavis, CEO at the Cloud Security Alliance & Dan Druker, CMO at Zscaler

The world of IT security is undergoing tremendous change. The unstoppable momentum of the Internet and cloud computing, the ubiquity of mobile devices and the emergence of Internet of things have t...

Platform as a Service: Build Cloud Applications Rapidly and Reliably

Platform as a Service: Build Cloud Applications Rapidly and Reliably

March 19, 2015, Jonathan Sage, IBM; Mike Edwards, IBM; Achille Pinson, PrepMyFuture.com

CloudWATCH webinars aim to evangelise the merits of cloud services to SMEs and governments. This particular session on building cloud applications will explain Platform as a Service. Cloud technolo...

Panel: Leveraging Security Analytics in the Fight Against Cyber-Threats

Panel: Leveraging Security Analytics in the Fight Against Cyber-Threats

February 17, 2015, Peter Wood (moderator); Prof. John Walker, James Brown (Alert Logic), Bernd Jaeger (Cloud Security Alliance)

Join this exciting panel session with some of the industry's leading thought leaders including: Peter Wood, CEO, First Base Technologies Prof. John Walker, Researcher, Writer & Speaker, Cyber-Vaul...

Cloud CISC Virtual Summit

Cloud CISC Virtual Summit

February 5, 2015, Paul Kurtz, Dave Cullinane

The Cloud Security Alliance (CSA) has chosen to specifically focus on the problem of cyber incident information sharing and find innovative approaches that break down the barriers inhibiting sharin...

An Approach to Cloud Services Risk Management for Today’s Enterprises

An Approach to Cloud Services Risk Management for Today’s Enterprises

February 4, 2015, Deepayan Chanda, Wesley Cheng, Security Solutions Architects, Advanced Services, Cisco Systems

This session provides a methodology and a Business Risk Framework for assessing the risk of an ever-increasing number of cloud services. It builds upon the Cloud Security Alliance Cloud Controls ...

An Approach to Cloud Service Provider Risk Management for Today’s Enterprises

An Approach to Cloud Service Provider Risk Management for Today’s Enterprises

February 4, 2015, Derick Fogt, IT Risk Management, Cisco Systems

A great many enterprises leverage the Cloud Security Alliance Cloud Controls Matrix as a primary component for identifying cloud service provider risks. What’s also needed is a way to measure the...

Service Management: What Standards Can Do For Business – The Example of FitSM

Service Management: What Standards Can Do For Business – The Example of FitSM

January 29, 2015, Dr. Thomas Schaaf, Dr. Michael Brenner, Owen Appleton, Sy Holsinger

To meet customer needs and provide valuable services, it is important to maintain a high quality of service, which in itself requires a well-structured approach to IT Service Management (ITSM). Exi...

IoT Security Challenges for Early Adopters

IoT Security Challenges for Early Adopters

December 4, 2014, Brian Russell, Chief Engineer CyberSecurity Solutions at Leidos

The Internet of Things (IoT) offers enhanced technology capabilities in diverse industries. In the health care setting, IoT will bring new connected medical devices that support near real-time mon...

Monitoring in a Cloud Environment

Monitoring in a Cloud Environment

November 26, 2014, Eliot Salant, Dario Bruneo, Avi Miron - Cloud Wave; Kyriakos Kritikos - PaaSage; Michel Drescher - EGI, CloudWatch

Monitoring resource consumption in a Cloud environment is becoming an increasingly important research topic in order to provide optimal management of both the underlying Cloud infrastructure and ex...

Reducing Risk in the Cloud with the CCM

Reducing Risk in the Cloud with the CCM

October 15, 2014, John Yeoh, Sr. Research Analyst, CSA; Sean Cordero, Co-Chair, CSA CCM Working Group

Cloud computing promises to deliver efficiencies through reduced time to market and greater agility for organizations. While the impact of cloud computing is profound, many organizations remain he...

The Role of Certification and Standards for Trusted Cloud Solutions

The Role of Certification and Standards for Trusted Cloud Solutions

October 2, 2014, Daniele Catteddu, CSA; Dr. Michaela Iorga, NIST; Marnix Dekkar, ENISA; Claudio Belloli, GSA

Security and privacy certifications have been identified as one of the most effective means to increase the level of trust in cloud services and stimulate their adoption. Based on this assumption, ...

New Opportunities for Data Privacy and Data Protection Harmonization

New Opportunities for Data Privacy and Data Protection Harmonization

September 24, 2014, Evelyn De Souza, Cisco; Dan Blum, Respect Network; Mary Beth Borgwing, Advisen

This week the CSA and Cisco announced the results of a comprehensive survey of cloud security professionals on data privacy considerations. The survey responses highlight a growing and strong int...

Big, Open, and Properly Protected Data?

Big, Open, and Properly Protected Data?

September 24, 2014, Mariusz Jarzebowski, demosEUROPA; Ratko Mutavdzic, PROJEKTURA; DR. Gwendal Le Grand, CNIL; Patrice Chazerand, DIGITALEUROPE

Big data keeps making the headlines. Open data is high on governments’ agenda. This CloudWATCH webinar will hear contributors to the research paper ‘’Big & Open Data in Europe: A growth engine or a...

HP Cloud Security Total Infrastructure Model for Cyber Defence & Event logging

HP Cloud Security Total Infrastructure Model for Cyber Defence & Event logging

September 23, 2014, Ilia Tivin- CISSP, CCSK- Senior SIEM consultant and Hiroshi Masuda- HP APJ TSC ITAS(Security) Lead

Cloudbytes is a Webinar/Webcast for the APAC region which would be held monthly for all the CSA chapter members. The CloudBytes program will look to bring the most important topics to the forefront...

Multi-tenancy in Federated Clouds

Multi-tenancy in Federated Clouds

August 28, 2014, Michel Drescher, European Grid Infrastructure; Jesus Luna, CSA; Ian Osborne, Knowledge Transfer Network; Colin Wallis, NZ Gov

However popular multi-tenancy has become in cloud computing, this concept still sounds a bit like a mystery. This CloudWATCH webinar will provide you with a chance to get a crystal-clear take of th...

Triaging the Cloud: 5 Steps to Putting the Cloud Controls Matrix to Work....

Triaging the Cloud: 5 Steps to Putting the Cloud Controls Matrix to Work....

July 24, 2014, John Howie, Cloud Security Alliance; Doug Meier, Pandora; Krishna Narayanaswamy, Netskope

The Cloud Security Alliance’s Cloud Controls Matrix is a rich source of cloud security best practices designed as a framework to provide fundamental security principles to cloud vendors and cloud c...

Legal Issues for Cloud Computing

Legal Issues for Cloud Computing

July 15, 2014, Paolo Balboni, ICT Legal Consulting; Lucio Scudiero, ICT Legal Consulting

Cloud Computing Users increasingly attempt to negotiate contract terms for cloud computing services, in order to make them more suitable for their specific needs. However, despite the efforts they...

2 Minutes on BrightTALK: What are your weak points?

2 Minutes on BrightTALK: What are your weak points?

May 16, 2014, Daniele Catteddu, Managing Director EMEA, Cloud Security Alliance

Hear what Daniele Catteddu recommends to strengthen your IT security posture - from risk assessments to mobile and cloud computing.