How ChromeOS Dramatically Simplifies Enterprise Security

chrome logo

By Rich Campagna, Chief Marketing Officer, Bitglass Google’s Chromebooks have enjoyed significant adoption in education, but have seen very little interest in the enterprise until recently. According to Gartner’s Peter Firstbrook in Securing Chromebooks in the Enterprise (6 March 2018), a survey of more than 700 respondents showed that nearly half of organizations will definitely purchase or […]

Read more...

What If the Cryptography Underlying the Internet Fell Apart?

By Roberta Faux, Director of Research, Envieta Without the encryption used to secure passwords for logging in to services like Paypal, Gmail, or Facebook, a user is left vulnerable to attack. Online security is becoming fundamental to life in the 21st century. Once quantum computing is achieved, all the secret keys we use to secure […]

Read more...

Surprise Apps in Your CASB PoC

By Rich Campagna, Chief Marketing Officer, Bitglass Barely five years old, the Cloud Access Security Broker (CASB) market is undergoing its second major shift in primary usage. The first CASBs to hit the market way back in 2013-2014 primarily provided visibility into Shadow IT. Interest in that visibility use case quickly waned in favor of data protection (and […]

Read more...

Majority of Australian Data Breaches Caused by Human Error

world map

By Rich Campagna, Chief Marketing Officer, Bitglass It wasn’t long ago that the first breach under the Office of the Australian Information Commissioner’s (OAIC) Privacy Amendment Bill was made public. Now, OAIC is back with their first Quarterly Statistics Report of Notifiable Data Breaches. While the report doesn’t offer much in the way of detail, it does highlight a couple of […]

Read more...

Bitglass Security Spotlight: LinkedIn, Vector, and AWS

man reading newpaper while eating breakfast

By Jacob Serpa, Product Marketing Manager, Bitglass Here are the top cybersecurity stories of recent weeks: —LinkedIn security gap exposes users’ data —Vector app reveals customers’ information —AWS misconfiguration makes LocalBlox user information public —New malware steals data via power lines —Banking apps deemed the most unsecured LinkedIn security gap exposes users’ data LinkedIn’s AutoFill […]

Read more...

Orbitz: Why You Can’t Secure Data in the Dark

By Jacob Serpa, Product Marketing Manager, Bitglass On March 1, 2018, Orbitz discovered that a malicious party may have stolen information from one of its legacy platforms. The compromised platform housed Orbitz customer information such as mailing addresses, phone numbers, email addresses, and full names, as well as details about nearly 900,000 payment cards. This breach highlights the […]

Read more...

baseStriker: Office 365 Security Fails To Secure 100 Million Email Users

By Yoav Nathaniel, Customer Success Manager, Avanan We recently uncovered what may be the largest security flaw in Office 365 since the service was created. Unlike similar attacks that could be learned and blocked, using this vulnerability hackers can completely bypass all of Microsoft’s security, including its advanced services – ATP, Safelinks, etc. The name baseStriker […]

Read more...

One Simple Way to Avoid 57 Percent of Breaches

By Rich Campagna, Chief Marketing Officer, Bitglass I recently caught wind of a survey of 3000 cybersecurity professionals commissioned by ServiceNow and Ponemon. One of the first statistics that jumped out at me? “57% of data breach victims said they were breached due to an unpatched known vulnerability.” That’s bananas! And this massive number of breaches due to […]

Read more...

The Case for CASB: Healthcare

By Rich Campagna, Chief Marketing Officer, Bitglass Over the past couple of years, Cloud Access Security Brokers (CASBs) have gone from a nascent, barely known technology to the de facto standard for secure public cloud enablement in every enterprise vertical. Early on, it’s tough to draw patterns across industries, but once you have a few hundred enterprise deployments […]

Read more...

Are Traditional Security Tools Dead?

By Salim Hafid, Product Marketing Manager, Bitglass When evaluating security options, CISOs and security architects are always looking to the solution that will minimize cost and administrative overhead while maximizing data protection. At the highest levels, enterprises have relied on traditional tools as a means of protecting data over the long term, but as cloud app […]

Read more...

CCSK vs CCSP: An Unbiased Comparison

By Graham Thompson, CCSK, CCSP, CISSP, Authorized Trainer, Intrinsec Security Introduction CCSK vs CCSP–I’m commonly asked two questions whenever someone discovers I’m an instructor for both the Cloud Security Alliance CCSK and (ISC)2 CCSP courses: 1 – “What’s the difference between the two certifications?” 2 – “How hard is the CCSK exam?” … It’s very hard, […]

Read more...

GDPR Is Coming: Will the Industry Be Ready?

GDPR Prep and Challenges report cover

By Jervis Hui, Senior Product Marketing Manager, Netskope With the impending May 25, 2018, date for GDPR compliance coming up, Netskope worked with the Cloud Security Alliance (CSA) to survey IT and security professionals for a recently released report covering GDPR preparation and challenges. According to one of our recent Netskope Cloud Reports, only about 25 […]

Read more...

Imagine a Day Without Safe Cryptography

By Jeffrey Ritter, Visiting Fellow, Kellogg College, University of Oxford Every security professional, at one time or another (or at many times), confronts executive opposition to changing technology. We all know that every innovation in technology requires adaptations in the security services, introducing new costs tied to shifts in equipment, third-party services, and human resources. […]

Read more...

Building a Foundation for Successful Cyber Threat Intelligence Exchange: A New Guide from CSA

By Brian Kelly, Co-chair/Cloud Cyber Incident Sharing Center (CISC) Working Group, and CSO/Rackspace No organization is immune from cyber attack. Malicious actors collaborate with skill and agility, moving from target to target at a breakneck pace. With new attacks spreading from dozens of companies to a few hundred within a matter of days, visibility into […]

Read more...

Speeding the Secure Cloud Adoption Process

By Vinay Patel, Chair, CSA Global Enterprise Advisory Board, and Managing Director, Citigroup Innovators and early adopters have been using cloud for years, taking advantage of the quicker deployment, greater scalability, and cost saving of services. The growth of cloud computing continues to accelerate, offering more solutions with added features and benefits, and with proper […]

Read more...

Cloud Security and Compliance Is a Shared Responsibility

By Gail Coury, Chief Information Security Officer, Oracle Cloud Organizations around the world are ramping up to comply with the European Union’s General Data Protection Regulation (GDPR), which will be enforced beginning on May 25, 2018, and each must have the right people, processes and technology in place to comply or else potentially face litigation and heavy […]

Read more...

The Early Bird Gets the Virus

By Kevin Lee, Systems QA Engineer, Bitglass Most people have heard of the proverb, “The early bird gets the worm.” The part that many haven’t heard is the followup, “But the second mouse gets the cheese.” The latter proverb makes a lot of sense when you apply it to the current state of virus and malware […]

Read more...

Australia’s First OAIC Breach Forecasts Grim GDPR Outcome

By Rich Campagna, Chief Marketing Officer, Bitglass The first breach under the Office of the Australian Information Commissioner’s (OAIC) Privacy Amendment Bill was made public on March 16. While this breach means bad press for the offending party, shipping company Svitzer Australia, more frightening is the grim outcome it forecasts for organizations subject to GDPR regulations, which go into […]

Read more...

CSA Summit at RSA Conference 2018 Turns Its Focus to Enterprise Grade Security: Will you be there?

By J.R. Santos,  Executive Vice President of Research, Cloud Security Alliance Today’s enterprise cloud adoption has moved well beyond the early adopters to encompass a wide range of mission-critical business functions. As financial services, government and other industries with regulatory mandates have made significant steps into the cloud over the past year, it’s only fitting that […]

Read more...