IT Sales in the Age of the Cloud

By Mathias Widler, Regional Sales Director, Zscaler The cloud is associated not only with a change in corporate structures, but also a transformation of the channel and even sales itself. Cloudification makes it necessary for sales negotiations to be held with decision-makers in different departments and time zones, with different cultural backgrounds and in different […]

Read more...

Days of Our Stolen Identity: The Equifax Soap Opera

By Kate Donofrio, Senior Associate, Schellman & Co. The Equifax saga continues like a soap opera, Days of Our Stolen Identity.  Every time it appears the Equifax drama is ending, a new report surfaces confirming additional security issues. On Thursday, September 12, NPR reported that Equifax took down their website this time based on an issue […]

Read more...

What’s New with the Treacherous 12?

By the CSA Top Threats Working Group In 2016, the CSA Top Threats Working Group published the Treacherous 12: Top Threats to Cloud Computing, which expounds on 12 categories of security issues that are relevant to cloud environments. The 12 security issues were determined by a survey of 271 respondents. Following the publication of that document, […]

Read more...

CSA Releases Minor Update to CCM, CAIQ

By the CSA Research Team The Cloud Security Alliance has released a minor update for the Cloud Control Matrix (CCM) and the Consensus Assessment Initiative Questionnaire (CAIQ) v3.0.1. This update incorporates mappings to Shared Assessments 2017 Agreed Upon Procedures (AUP), PCI DSS v3.2, CIS-AWS-Foundation v1.1, HITRUST CSF v8.1, NZISM v2.5. The Cloud Security Alliance would […]

Read more...

The GDPR and Personal Data…HELP!

By Chris Lippert, Senior Associate, Schellman & Co. With the General Data Protection Regulation (GDPR) becoming effective May 25, 2018, organizations (or rather, organisations) seem to be stressing a bit. Most we speak with are asking, “where do we even start?” or “what is included as personal data under the GDPR?” It is safe to say […]

Read more...

Webinar: How Threat Intelligence Sharing Can Help You Stay Ahead of Attacks

By Lianna Catino, Communications Manager, TruSTAR Technology According to a recent Ponemon Institute survey of more than 1,000 security practitioners, 84 percent say threat intelligence is “essential to a strong security posture,” but the data is too voluminous and complex to be actionable. Enter the CloudCISC Working Group. Powered by TruSTAR’s threat intelligence platform, more than […]

Read more...

Improving Metrics in Cyber Resiliency: A Study from CSA

By  Dr. Senthil Arul, Lead Author, Improving Metrics in Cyber Resiliency With the growth in cloud computing, businesses rely on the network to access information about operational assets being stored away from the local server. Decoupling information assets from other operational assets could result in poor operational resiliency if the cloud is compromised. Therefore, to keep the […]

Read more...

Security Needs Vs. Business Strategy – Finding a Common Ground

By Yael Nishry, Vice President of Business Development, Vaultive Even before cloud adoption became mainstream, it wasn’t uncommon for IT security needs to conflict with both business strategy and end user preferences. Almost everyone with a background in security has found themselves in the awkward position of having to advise on going against a technology […]

Read more...

Ransomware Explained

By Ryan Hunt, PR and Content Manager, SingleHop How it Works  —  Plus Tips for Prevention & Recovery Ransomware attacks — a type of malware (a.ka. malicious software) — are proliferating around the globe at a blistering pace. In Q1 2017, a new specimen emerged every 4.2 seconds!* What makes ransomware a go-to mechanism for cyber attackers? The […]

Read more...

Is the Cloud Moving Too Fast for Security?

By Doug Lane, Vice President/Product Marketing, Vaultive In February 2017, a vulnerability in Slack was discovered which had the potential to expose the data of the company’s reported four million daily active users. Another breach in February on CloudFlare, a content delivery network, leaked sensitive customer data stored by millions of websites powered by the company. […]

Read more...

Patch Me If You Can

By Yogi Chandiramani, Technical Director/EMEA, Zscaler In May, the worldwide WannaCry attack infected more than 200,000 workstations. A month later, just as organizations were regaining their footing, we saw another ransomware attack, which impacted businesses in more than 65 countries. What have we learned about these attacks? Compromises/infections can happen no matter what types of […]

Read more...

Cyberattacks Are Here: Security Lessons from Jon Snow, White Walkers & Others from Game of Thrones

An analysis of Game of Thrones characters as cyber threats to your enterprise. By Virginia Satrom, Senior Public Relations Specialist, Forcepoint As most of you have probably seen, we recently announced our new human point brand campaign. Put simply, we are leading the way in making security not just a technology issue, but a human-centric one. In light […]

Read more...

Locking-in the Cloud: Seven Best Practices for AWS

By Sekhar Sarukkai, Co-founder and Chief Scientist, Skyhigh Networks With the voter information of 198 million Americans exposed to the public, the Deep Root Analytics leak brought cloud security to the forefront. The voter data was stored in an AWS S3 bucket with minimal protection. In fact, the only level of security that separated the data from […]

Read more...

Crank Up Your Cloud Security Knowledge with These Upcoming Webinars

By Hillary Barron, Research Analyst and CloudBytes Program Manager, Cloud Security Alliance Whether you’re trying to make the move to cloud while managing an outdated endpoint backup, attempting to figure out how to overcome the challenges pertaining to developing and deploying security automation, or determining how and why you should build an insider threat program CSA […]

Read more...

Who Touched My Data?

You don’t know what you don’t know By Yael Nishry, Vice President of Business Development, Vaultive, and Arthur van der Wees, Founder and Managing Director, Arthur’s Legal Ransomware IT teams generally use encryption to enable better security and data protection. However, in the hands of malicious parties, encryption can be utilized as a tool to […]

Read more...

My Second Attempt at Explaining Blockchain to My Wife

I tried explaining blockchain to my wife and here’s what happened… By Antony Ma, CTO/PowerData2Go, Founding Chairman/CSA Hong Kong and Macau Chapter, and Board Member/CSA Singapore Chapter I introduced my wife to Python around nine months ago, and now she’s tinkering and has drawn a tortoise on her MacBook. After spending more time on geeky websites, she […]

Read more...

Office 365 Deployment: Research Suggests Companies Need to “Think Different”

Survey shows what companies expected and what they found out By Atri Chatterjee, Chief Marketing Officer, Zscaler It’s been six years since Microsoft introduced Office 365, the cloud version of the most widely used productivity software suite. In those years, Office 365 has earned its place as the fastest-growing cloud-delivered application suite, with more than 85 […]

Read more...