Will Hybrid Cryptography Protect Us from the Quantum Threat?

By Roberta Faux, Director of Advance Cryptography, BlackHorse Solution Our new white paper explains the pros and cons of hybrid cryptography. The CSA Quantum-Safe Security Working Group has produced a new primer on hybrid cryptography. This paper, “Mitigating the Quantum Threat with Hybrid Cryptography,” is aimed at helping non-technical corporate executives understand how to potentially […]

Read more...

CSA Issues Top 20 Critical Controls for Cloud Enterprise Resource Planning Customers

By Victor Chin, Research Analyst, Cloud Security Alliance Cloud technologies are being increasingly adopted by organizations, regardless of their size, location or industry. And it’s no different when it comes to business-critical applications, typically known as enterprise resource planning (ERP) applications. Most organizations are migrating business-critical applications to a hybrid architecture of ERP applications. To […]

Read more...

Security Spotlight: G Suite User Passwords Stored in Plaintext

By Will Houcheime, Product Marketing Manager, Bitglass Here are the top cybersecurity stories of recent weeks:   G Suite User Passwords Stored in Plaintext Since 2005 Contact Data of Millions of Instagram Influencers Exposed Rogue Iframe Phishing Used to Steal Payment Card Information London Commuters to be Tracked Through the Use of Wi-Fi Hotspots Thousands of […]

Read more...

What Will Happen If Encryption Used to Protect Data in Corporations Can Be Broken?

By Edward Chiu, Emerging Cybersecurity Technologist, Chevron While the development of quantum computers is still at a nascent stage, its potential in solving problems not feasible with classical computers draws interest from many industries. On one hand, Volkswagen is researching using quantum computers to help optimize traffic, and researchers at Roche are investigating the use […]

Read more...

New and Unique Security Challenges in Native Cloud, Hybrid and Multi-cloud Environments

Cloud Security Complexity

By Hillary Baron, Research Analyst, Cloud Security Alliance CSA’s latest survey, Cloud Security Complexity: Challenges in Managing Security in Hybrid and Multi-Cloud Environments, examines information security concerns in a complex cloud environment. Commissioned by AlgoSec, the survey of 700 IT and security professionals aims to analyze and better understand the state of adoption and security […]

Read more...

Financial Services: Counting on CASBs

Counting on CASBs

By Will Houcheime, Product Marketing Manager, Bitglass Financial institutions handle a great deal of sensitive data and are highly conscientious of where they store and process it. Nevertheless, they are aware of the many benefits that they can gain by using cloud applications. In order to embrace the cloud’s myriad advantages without compromising the security […]

Read more...

“Collection #1” Data Breach

hacker in a hoodie sitting in front of a laptop

By Paul Sullivan, Software Engineer, Bitglass News of the 773 million email data breach that Troy Hunt announced for Have I Been Pwned certainly got a lot of coverage a few months ago. Now that the dust has settled, let’s cut through some of the hype and see what this really means for enterprise security. First, let’s clear […]

Read more...

AWS Cloud: Proactive Security and Forensic Readiness – Part 5

incident response lifecycle

By Neha Thethi, Information Security Analyst, BH Consulting Part 5: Incident Response in AWS In the event your organization suffers a data breach or a security incident, it’s crucial to be prepared and conduct timely investigations. Preparation involves having a plan or playbook at hand, along with pre-provisioned tools to effectively respond to and mitigate the potential […]

Read more...

CSA on This Millennium Alliance Podcast

top threats interview image

By Cara Bernstein, Manager/Executive Education Partnerships, The Millennium Alliance This podcast episode features The Millennium Alliance partner, The Cloud Security Alliance. We sat down with Vince Campitelli, Enterprise Security Specialist, and Jon-Michael C. Brook, Principal, Guide Holdings, LLC, and co-chair of CSA’s Top Threats Working Group, to discuss the work of CSA, the top threats […]

Read more...

The Many Benefits of a Cloud Access Security Broker

server hallway leading to a bright blue sky with clouds

By Will Houcheime, Product Marketing Manager, Bitglass Today, organizations are finding that storing and processing their data in the cloud brings countless benefits. However, without the right tools (such as cloud access security brokers (CASBs), they can put themselves at risk. Organizations’ IT departments understand how vital cybersecurity is, but must be equipped with modern tools […]

Read more...

CCSK Success Stories: From a Data Privacy Consultant

Invest in your future with CCSK training

By the CSA Education Team This is the fourth part in a blog series on cloud security training, in which we will be interviewing Satishkumar Tadapalli a certified and seasoned information security and data privacy consultant. Tadapalli has 12+ years of multi-functional IT experience in pre-sales, consulting, risk advisory and business analysis. He has rich […]

Read more...

Prying Eyes Inside the Enterprise: Bitglass’ Insider Threat Report

Threatbusters Insider Report cover

By Jacob Serpa, Product Marketing Manager, Bitglass When words like cyberattack are used, they typically conjure up images of malicious, external threats. While hackers, malware, and other outside entities pose a risk to enterprise security, they are not the only threats that need to be remediated.  Insider threats, which involve either malicious or careless insiders, are another significant […]

Read more...

CSA STAR – The Answer to Less Complexity, Higher Level of Compliance, Data Governance, Reduced Risk and More Cost-Effective Management of Your Security and Privacy System

Star Registry:

By John DiMaria, Assurance Investigatory Fellow, Cloud Security Alliance We just launched a major refresh of the CSA STAR (Security, Trust and Assurance Risk) program, and if you were at the CSA Summit at RSA, you got preview of what’s in store. So let me put things in a bit more context regarding the evolution […]

Read more...

Healthcare Breaches and the Rise of Hacking and IT Incidents

Healthcare breach Report 2017

By Jacob Serpa, Product Marketing Manager, Bitglass In the course of their day-to-day operations, healthcare organizations handle an extensive amount of highly sensitive data. From Social Security numbers to medical record numbers and beyond, it is imperative that these personal details are properly secured.  Each year, Bitglass conducts an analysis and uncovers how well healthcare organizations are […]

Read more...

12 Ways Cloud Upended IT Security (And What You Can Do About It)

12 Ways Cloud Upended IT Security - Image

By Andrew Wright, Co-founder & Vice President of Communications, Fugue The cloud represents the most disruptive trend in enterprise IT over the past decade, and security teams have not escaped turmoil during the transition. It’s understandable for security professionals to feel like they’ve lost some control in the cloud and feel frustrated while attempting to get […]

Read more...

Better Vulnerability Management: How to Master Container Security in Three Steps

International Container Cargo ship in the ocean,

By Nate Dyer, Product Marketing Director, Tenable Application containers like Docker have exploded in popularity among IT and development teams across the world. Since its inception in 2013, Docker software has been downloaded 80 billion times and more than 3.5 million applications have been “dockerized” to run in containers. With all the enthusiasm and near-mainstream […]

Read more...