News

News

• July 18, 2014 18 Jul'14

  CSA releases new Cloud Controls Matrix and CAIQ standards

  The Cloud Security Alliance has updated its Cloud Controls Matrix (CCM) and Consensus Assessments Questionnaire (CAIQ) to help enterprises standardize cloud provider security assessments.

• July 15, 2014 15 Jul'14

  Verizon unveils cloud-based WAF

  Verizon bolstered its cloud security presence with a new web application firewall. The cloud-based WAF puts the telecom giant in the growing cloud firewall market with Akamai, Imperva and others.

• July 15, 2014 15 Jul'14

  Old AWS API key led to search provider's cloud security breach

  Exclusive: The co-founder of One More Cloud explains how an old AWS API key was used to take down the company's services, and the hard lessons learned.

• July 14, 2014 14 Jul'14

  Cloud malware analysis a must-have for advanced threat protection

  Cloud-based malware analysis is becoming a must-have feature for both established and upstart advanced threat protection vendors.

• May 30, 2014 30 May'14

  On cloud security management, security teams must be trusted advisers

  Security pros say infosec teams must be proactive on cloud security management to reduce risk related to rapid growth in enterprise cloud computing.

• May 29, 2014 29 May'14

  As FedRAMP deadline nears, slow approvals leave CSPs in the queue

  The consequences for cloud service providers missing the FedRAMP deadline remain unclear, though experts say those in the queue are in good shape.

• May 07, 2014 07 May'14

  Cloud security policy exceptions thwart rogue usage controls

  A Netskope report shows a flood of cloud security policy exceptions commonly thwart rogue cloud app security controls.

• April 25, 2014 25 Apr'14

  Report: Gap between on-premises and cloud attacks closing

  A new report shows the volume of cloud attacks is rising, as attack types traditionally associated with on-premises environments migrate with users.

• April 01, 2014 01 Apr'14

  Cloud attacks sneak past gap between enterprises and providers

  Emerging cloud attacks threaten cloud data security by exploiting the gap between enterprise controls and provider transparency.

• March 04, 2014 04 Mar'14

  On cloud data security validation, providers offer few promises

  Until a common cloud provider assessment paradigm is agreed upon, experts say enterprises will be left wanting on cloud data security validation.

• February 25, 2014 25 Feb'14

  For BYOD-SaaS security, consider established IT security controls

  Panelists at the Cloud Security Alliance Summit assert that federated identity and gateways, hardly new technologies, are best for BYOD-SaaS security.

• January 22, 2014 22 Jan'14

  A legal analysis of the updated EU General Data Protection Regulation

  The updated EU General Data Protection Regulation raises breach penalties for enterprises operating in the EU. Attorney Francois Gilbert explains.

• December 19, 2013 19 Dec'13

  CSA Cloud Trust Protocol working group to foster cloud transparency

  The Cloud Security Alliance hopes Cloud Trust Protocol will boost cloud transparency by automating customer requests for cloud provider security data.

• December 10, 2013 10 Dec'13

  Q&A: Jim Reavis recaps news from Cloud Security Alliance Congress 2013

  Video: CSA CEO Jim Reavis recaps the 2013 Cloud Security Alliance Congress, including its SAFECode partnership and Software Defined Perimeter effort.

• December 09, 2013 09 Dec'13

  Expert: Security automation can thwart attacks on cloud computing

  Nation-states are turning their attacks toward the cloud. One expert explains why he believes security automation is the only viable defense tactic.