Cloud Security Alliance (CSA)

Areas of expertise:
The Cloud Security Alliance comprises many subject matter experts from a wide variety of disciplines, united in our objectives: to promote a common level of understanding between the consumers and providers of cloud computing regarding the necessary security requirements and attestation of assurance; to promote independent research into best practices for cloud computing security; to launch awareness campaigns and educational programs on the appropriate uses of cloud computing and cloud security solutions; and to create consensus lists of issues and guidance for cloud security assurance.

Biography:
The Cloud Security Alliance (CSA) is a non-profit organization formed to promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Computing to help secure all other forms of computing.

Tag Cloud

Bloggers

Blog

Follow and talk to Infosecurity's bloggers.

Follow Infosecurity's bloggers as they share their thoughts on the industry, technology, and much more. Our bloggers have been selected for their industry expertise. They welcome interaction, so we encourage you to add your opinions to theirs.

All Bloggers » Cloud Security Alliance (Csa)
0
comments
By Dan Dagnall Federation is definitely a hot topic these days, with NSTIC attempting to create an identity ecosystem, InCommon continuing to build its service-provider federation, and state-level initiatives gearing up (some are already operational) to provide federated identity services to four-y ...
Posted 09 January 2014 by Cloud Security Alliance (CSA)
0
comments
Seeing Through the Clouds
By TK Keanini The economics of cyber-attacks have changed over the years. Fifteen years ago, it was all about network penetration, but today advanced attackers are more concerned about being detected. Similarly, good bank robbers are concerned about breaking into the bank, but great bank robbers ha ...
Posted 20 November 2013 by Cloud Security Alliance (CSA)
0
comments
By Jonathan Gohstand The increasingly global nature of business requires companies to collaborate more and more across borders, exchanging all manner of documents: contracts, engineering documents and other intellectual property, customer lists, marketing programs and materials, and so on. Unfortun ...
Posted 20 November 2013 by Cloud Security Alliance (CSA)
0
comments
By V.Jay LaRosa While listening to one of my favorite podcasts about two months ago, I heard a quote from a man named William Gibson that really resonated with me. He said, "The future is here already, it's just not evenly distributed". As I was driving along continuing to listen, it real ...
Posted 18 November 2013 by Cloud Security Alliance (CSA)
1
comment
By Gavin Hill Secure Shell (SSH) is the de facto protocol used by millions to authenticate to workloads running in the cloud and transfer data securely. Even more SSH sessions are established automatically between systems, allowing those systems to securely transfer data without human intervention. ...
Posted 30 October 2013 by Cloud Security Alliance (CSA)
0
comments
Patching the Perpetual MD5 Vulnerability
By Gavin Hill Earlier this month, Microsoft updated the security advisory that deprecates the use of MD5 hash algorithms for certificates issued by certification authorities (CA) in the Microsoft root certificate program. The patch has been released so that administrators can test its impact before ...
Posted 18 October 2013 by Cloud Security Alliance (CSA)
0
comments
By Gavin Hill For years, cybercriminals have been taking advantage of the blind trust organizations and users place in cryptographic keys and digital certificates. Only now are vendors starting to respond to the use of keys and certificates as an attack vector. In late August, for example, Google ...
Posted 18 October 2013 by Cloud Security Alliance (CSA)
0
comments
By Harold Byun Cybercriminals are clever and know how to evolve – you’ve got to give them that. They’ve proven this once again with their latest cyber-attack strategy, the Watering Hole Attack, which leverages cloud services to help gain access to even the most secure and sophisti ...
Posted 23 September 2013 by Cloud Security Alliance (CSA)
1
comment
By Kamal Shah Given the recent influx of cybersecurity attacks and the hubbub about the National Security Agency’s PRISM program, there is lot of talk about the importance of encryption to protect corporate data in the cloud. (PRISM is a clandestine data mining operation authorized by the US ...
Posted 03 September 2013 by Cloud Security Alliance (CSA)
0
comments
By Kamal Shah Cloud services are here to stay, and practically everybody is embracing them. In fact, the cloud computing industry is growing at the torrid pace of nearly 30% per year right now, according to Pike Research. Certainly healthcare service providers are getting on the cloud services ban ...
Posted 14 August 2013 by Cloud Security Alliance (CSA)
0
comments
IT Opportunities Surrounding Shadow IT
By Kamal Shah The magnitude of Shadow IT is significant and growing. Gartner has predicted that a full 35% of IT spending will take place outside of IT by 2015 – just 18 months away. By the end of the decade, that figure will hit 90%. CIOs, CISOs and members of an organization’s s ...
Posted 27 June 2013 by Cloud Security Alliance (CSA)
0
comments
By Merritt Maxim We continue to hear about how cloud, mobility and the consumerization of IT has the potential to transform business. However, the ongoing hype around these trends may lead some to believe that these trends require an “all or none” approach. This can create conflicts a ...
Posted 10 June 2013 by Cloud Security Alliance (CSA)
0
comments
By Andrew Wild When we see images from natural disasters like Hurricane Sandy of flooded neighborhoods, downed power lines and destroyed homes the first concern, of course, is for the safety of the people. But as a chief security officer I also think about how disasters affect companies and the vit ...
Posted 10 June 2013 by Cloud Security Alliance (CSA)
0
comments
By Kurt Johnson Ever since the cloud sprung up to the top of every IT discussion, the issue of cloud security was right alongside it. Let’s face it, enterprise security has never been easy, and the rapidly expanding use of software in the cloud has added layers of complexity – and risk ...
Posted 05 June 2013 by Cloud Security Alliance (CSA)
0
comments
By David Canellos While the Internet of Things is not a new concept (Kevin Ashton first coined the term in 1999 to describe how the internet is connected to the physical world), it is just now becoming a reality due to some major shifts in technology. According to ABI Research, more than 5B wirele ...
Posted 05 June 2013 by Cloud Security Alliance (CSA)
0
comments
By David Baker With the growing movement of enterprises to the cloud, it’s more important than ever that service providers demonstrate and prove good security practices to their customers, in good times and in bad. During an incident, how a cloud provider communicates to its customers says a ...
Posted 21 May 2013 by Cloud Security Alliance (CSA)
0
comments
By Mark O’Neill Most people have used the Facebook, Twitter, or Google Apps buttons located on websites to log into third-party services. This approach is useful within consumer IT as it enables the user to access various services via their own Facebook, Twitter or Google Apps passwords witho ...
Posted 15 May 2013 by Cloud Security Alliance (CSA)
0
comments
By Wolfgang Kandek It is common belief that buying more robust and expensive security products will offer the best protection from computer-based attacks; that ultimately the expenditure pays off by preventing data theft. According to Gartner, more than $50 billion is spent annually on security inf ...
Posted 30 April 2013 by Cloud Security Alliance (CSA)
0
comments
By Dan Dagnall As BYOD and other mobile device related initiatives take hold, sooner rather than later, identity management will once again be considered as an enforcement mechanism; and rightly it should. Identity and access management (IAM) has grown up over the years. Its early beginnings were ...
Posted 30 April 2013 by Cloud Security Alliance (CSA)
0
comments
By Gerry Grealish Earlier this year, McKinsey & Company released an article titled “Protecting information in the cloud,” discussing the increased use of cloud computing by enterprises across several industries and the benefits and risks associated with cloud usage. The article reco ...
Posted 26 April 2013 by Cloud Security Alliance (CSA)
Showing 1 - 20 of 98 blogs
View the RSS feed for this blog »
We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×