CAIQ V3 Updates

Cloud Security Alliance (CSA) would like to present the next version of the Consensus Assessments Initiative Questionnaire (CAIQ) v3.1. The CAIQ offers an industry-accepted way to document what security controls exist in IaaS, PaaS, and SaaS services, providing security control transparency. It provides a set of Yes/No questions a cloud consumer and cloud auditor may […]

Read more...

The Four Pillars of CASB: Data Protection

By Will Houcheime, Product Marketing Manager, Bitglass In this blog series, we discuss the key capabilities of cloud access security brokers (CASBs), and why organizations are turning to them as they migrate to the cloud. One of the four pillars of CASBs is data protection, which focuses on securing all information going back and forth from any […]

Read more...

Open API Survey Report

By the Open API CSA Working Group Cloud Security Alliance completed its first-ever Open API Survey Report, in an effort to see exactly where the industry stood on the knowledge surrounding Open APIs as well as how business professionals and consumers were utilizing them day to day. The key traits taken from the survey will […]

Read more...

Cloud Security Roadmap for 2019 & Beyond

By Amélie Darchicourt, Product Marketing Manager, ExtraHop How to succeed under the shared responsibility model Cloud security is an evolving space where consumers and vendors must innovate quickly, not only to outpace attackers, but also to support rapid development while minimizing the risks presented by misconfiguration and other forms of user error. Your best bet […]

Read more...

What Executives Should Know About the Capital One Breach

This article was originally published on Fugue’s blog here. By Phillip Merrick, CEO of Fugue Most enterprises are already using public cloud computing services at scale or are planning to adopt the cloud soon. As an executive, chances are you’re paying attention to the Capital One data breach and wondering how this event should impact your […]

Read more...

How to Share the Security Responsibility Between the CSP and Customer

By Dr. Kai Chen, Chief Security Technology Officer, Consumer BG, Huawei Technologies Co. Ltd. The behemoths of cloud service providers (CSPs) have released shared security responsibility related papers and articles, explaining their roles and responsibilities in cloud provisioning. Although they share similar concepts, in reality, there are different interpretations and implementations among CSPs. While there […]

Read more...

Security Spotlight: iPhones Susceptible to a Hack via Text

By Juan Lugo, Product Marketing Manager at Bitglass Here are the top stories of recent weeks:   iPhones Susceptible to a Hack via Text Democratic Senate campaign group exposed emails of 6.2 million Americans State Farm says Hackers Successfully Conducted a Credentials Stuffing Attack 96 Million Stream Gamers Susceptible to Breach Bluetooth Security Vulnerability Exposes Millions Of […]

Read more...

Uncovering the CSA Top Threats to Cloud Computing with Jim Reavis

By Greg Jensen, Sr. Principal Director – Security Cloud Business Group, Oracle For the few that attend this year’s BlackHat conference kicking off this week in Las Vegas, many will walk away with an in depth understanding and knowledge on risk as well as actionable understandings on how they can work to implement new strategies to defend against […]

Read more...

The Cloud in the Fight Against Cyber-Bullying

By the Cybersecurity International Institute (CSI) Learn about the upcoming innovative social project on Cyber-bullying using a cloud platform. The CSI Institute (Cybersecurity International Institute) is a non-governmental and not-for-profit organization. Our goal is to contribute to the information, education, and, overall practical awareness of citizens in new technologies, online safety, and cybersecurity issues.  In […]

Read more...

CCM v3.0.1. Update for AICPA, NIST and FedRAMP Mappings

Victor Chin and Lefteris Skoutaris, Research Analysts, CSA The CSA Cloud Controls Matrix (CCM) Working Group is glad to announce the new update to the CCM v3.0.1. This minor update will incorporate the following mappings: Association of International Certified Professional Accountants (AICPA) Trust Services Criteria (TSC) 2017 National Institute of Standards and Technology (NIST) 800-53 […]

Read more...

Quantum Technology Captures Headlines in the Wall Street Journal

By the Quantum-Safe Security Working Group Last month, we celebrated the 50th anniversary of the Apollo 11 moon landing. Apollo, which captured the imagination of the whole world, epitomizes the necessity for government involvement in long term, big science projects. What started as a fierce race between the USA and the USSR at the apex of […]

Read more...