July 07, 2016

Mobile Application Security Testing releases its white paper.

The Mobile Application Security Testing (MAST) Initiative is a research which aims to help organizations and individuals reduce the possible risk exposures and security threat in using mobile applications. MAST aims define a framework for secure mobile application development, achieving privacy and security by design. Implementation of MAST will result in clearly articulated recommendations and…

July 07, 2016

NEW! Quantum Safe Security Awareness Survey

Quantum Safe Security Awareness Survey The goal of this survey is to collect information from security professionals on their awareness of quantum safe issues and the approaches that can be used to address them. The results of the survey will be disseminated by the CSA and will be available on the Quantum Safe Security Working…

July 06, 2016

Google’s Gerhard Eschelbeck to Keynote at Cloud Security Alliance Congress US at Privacy.Security.Risk Conference

Registration Now Open for the Industry’s Premier Gathering for Cloud Education and Best Practices San Jose, CA – July 6, 2016 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today announced that Gerhard Eschelbeck, Vice President,…

June 27, 2016

Cloud Security Alliance Issues New Paper on Understanding Quantum Random Number Generators

The Cloud Security Alliance (CSA) today announced the availability of a new research brief from the Quantum-Safe Security (QSS) Working Group titled Quantum Random Number Generators, a whitepaper that looks to detail the impact of randomness on security in an effort to develop the building blocks for effective encryption. Quantum computing, which involves joining the…

June 07, 2016

Data Privacy and Digital Transformation Survey in English, Español, and Português

Prizes include: 10 CCSK Tokens, 100 $20 Amazon Gift Cards, and a Ring Video Doorbell. Data Privacy and Digital Transformation Cloud-based technologies are driving digital transformation, but new data privacy regulations are hampering adoption. We’d like to understand how you and your organization are balancing this dynamic. Participate Now Privacidade de Dados e Transformação Digital…

June 01, 2016

Open Peer Review: Application Containers and Microservices Charter

The CSA encourages its community to provide feedback in order to help identify any critical areas which may be missing in this document’s focus as it regards to scope, deliverables/activities, and mission. The open review and comments period starts today and ends on Friday, July 1, 2016. We appreciate your feedback. Contribute now

May 26, 2016

Open Surveys: Mitigating Risk for Cloud Apps and IT Security in the Age of Cloud

We have two surveys open. If you have a few minutes and would like to win some cool prizes, consider taking our surveys. Mitigating Risk for Cloud Apps Time: 10-15 minutes Prizes: 10 CCSK tokens and a fun new prize will be added shortly Abstract: Current state of SaaS security – with several years of…

May 26, 2016

Open Peer Review – Big Data Security and Privacy Handbook: 100 Best Practices in Big Data Security and Privacy

The Cloud Security Alliance would like to invite you to review and comment on the Big Data working group’s latest document, Big Data Security and Privacy Handbook: 100 Best Practices in Big Data Security and Privacy. This document lists out in detail the best practices that should be followed by big data service providers to…

Cloud Security Resource | June 20, 2016

It’s Time to Secure that Cloud…but What Skills Do You Need?

MSP Mentor | June 17, 2016

Cloud 101: Setting Customer Expectations

Business Reporter | June 15, 2016

#DSCloud16: Firms must take an evidence-based approach to cloud security

InfoSecurity Magazine | June 14, 2016

Ransomware Tunes into Smart TVs

SC Magazine | June 02, 2016

“Children are dying” due to restrictions on data, warns cloud expert

Biz Report | June 01, 2016

Top 4 tips to secure your business in the cloud

Network World | June 01, 2016

Software-defined Perimeter (SDP) Essentials

RCR Wireless | May 31, 2016

ICSA Labs to roll out IoT security testing certification

Security Intelligance | May 27, 2016

2016 Security Conferences: Infosecurity Europe

Baseline | May 27, 2016

Cloud Deployments Grow Despite Security Concerns

Security News Desk | May 27, 2016

Certes Networks shrinks the attack surface at Infosecurity Europe

Securosis Blog | May 24, 2016

Incident Response in the Cloud Age: More Data, No Data, or Both?

Computer News Middle East | May 23, 2016

eHDF enhances its Public Cloud portal

The Straits Times | May 23, 2016

Smart Nation push to see $2.8b worth of tenders this year

Security Brief | May 18, 2016

Waikato University takes on Kiwi cyber security

Vanilla Plus | May 17, 2016

Prpl Foundation to give keynote at Cloud Security Alliance at the Cloud Security Summit in Milan

Government Computer News | May 12, 2016

Scott stresses the IT changes a $3.1B revolving fund could bring

CIO | May 10, 2016

Why banks are finally cashing in on the public cloud

FierceBigData | May 09, 2016

Open source prpl Foundation publishes peer-reviewed IoT security guide

Securosis Blog | May 09, 2016

Updates to Our Black Hat Cloud Security Training Classes

July 15, 2016

An Enterprise View of Software Defined Perimeter

By Jim Reavis, Co-founder and CEO, Cloud Security Alliance As cloud computing and unmanaged endpoints continue to gain traction, it is a foregone conclusion that information security technical controls must become more virtual – that is to say, software-based. Rapidly disappearing are the days of physical perimeters and hardwired network...

July 15, 2016

How Do We Stack Up to Gartner’s Five Steps for Ransomware Protection?

By Mark Wojtasiak, Director of Product Marketing, Code42 Gartner’s June 2016 article, “Use These Five Backup and Recovery Best Practices to Protect Against Ransomware,” outlines five steps for mitigating the threat and/or risk of being hit with ransomware. I will spare you the market stats and dollar figures intended to scare you into taking action...

July 12, 2016

What You Need to Know: Navigating EU Data Protection Changes – EU-US Privacy Shield and EU General Data Protection Regulation

By Marshall England, Industry Marketing Director, Technology & Cloud, Coalfire If you’re an organization with trans-Atlantic presence that transmits and stores European citizen data (e.g. employee payroll & HR data, client & prospect data) in the U.S. you will want to pay attention. What we will discuss was administered under the...

July 11, 2016

An In-House Security Approach for Cloud Services That Won’t Drive Your IT Department Insane

By Jane Melia, VP/Strategic Business Development, QuintessenceLabs “If your security sucks now, you’ll be pleasantly surprised by the lack of change when you move to cloud.” — Chris Hoff, Former CTO of Security, Jupiter Networks The chances are, almost everyone in your organization loves the convenience of the cloud for data storage...

July 07, 2016

No More Excuses – Time to Get a Grip On Your Cloud Security

Rolf Haas, Enterprise Technology Specialist/Network Security and Content Division, Intel Security Cloud use continues to grow rapidly in the enterprise and has unquestionably become a part of mainstream IT – so much so that many organizations now claim to have a “cloud-first” strategy. That’s backed up by a survey* we...

July 06, 2016

Shock Treatment: Combatting Infosec Negligence

By Peter Wood, Cyber Security Consultant, Code42 Boring training videos, box-ticking to meet regulations, blacklisting software at the expense of productivity: large enterprise has been reliant on these methods of “cyber security control” for too long. They are outdated and don’t work. Cyber criminals don’t follow the steps outlined in a...

July 01, 2016

FedRAMP High Baseline Requirements Published

By Abel Sussman, Director, TAAS–Public Sector and Cyber Risk Advisory, Coalfire The Federal Risk and Authorization Management Program (FedRAMP) Project Management Office officially released its High baseline for High impact-level systems. This baseline is at the High/High/High categorization level for confidentiality, integrity, and availability in accordance with FIPS 199; and is mapped...

June 29, 2016

Microsoft Azure Closes IaaS Adoption Gap with Amazon AWS

Percentage of Enterprise Computing Workloads in the Public Cloud Expected to Reach 41.05% This Year By Cameron Coles, Director of Product Marketing, Skyhigh Networks Industry analyst firm Gartner predicts that the infrastructure as a service (IaaS) market will grow 38.4% in 2016 to reach $22.4 billion by the end of the year....