Cloud adopters still struggling to see what shadow-IT users are doing
Businesses trust the security of cloud providers but many have no way of confirming it
David Braue | 18 Aug | Read more
Businesses trust the security of cloud providers but many have no way of confirming it
David Braue | 18 Aug | Read more
The RSA security conference in the US was on, bringing information-security professionals from around the globe – and pundits onto the stage (check out our photo gallery here). The head of RSA told security professionals they needed to get rid of old mindsets when considering security, while an expert panel concluded that giving encryption keys to the US National Security Agency (NSA) was a bad idea; other experts said a proposed key-escrow plan it just wouldn't work.
David Braue | 27 Apr | Read more
When the Cloud Security Alliance (CSA) launched in 2008, the questions around cloud computing centered around whether cloud was secure enough to be trusted, how it could be managed securely and in such a way as to keep regulators happy. There was also plenty of talk about whether cloud would fully displace traditional enterprise data centers.
George V. Hulme | 22 Apr | Read more
President Barack Obama previewed a new data breach notification law today in a speech to the Federal Trade Commission, which will set a 30-day deadline for notifications.
Maria Korolov | 14 Jan | Read more
Only 8 percent of companies know the scope of shadow IT at their organizations, according to a new survey by the Cloud Security Alliance.
Maria Korolov | 14 Jan | Read more
Web hosting centers around the world are being compromised by cyber-criminals that use them to launch major attacks against business and government, says Cisco in its annual security report. This threat really gained full steam last year, the company says.
Ellen Messmer | 16 Jan | Read more
Cloud-based services are still often seen as too risky for sensitive information. Take the case at Kingsport, Tenn.-based Eastman Chemical Company, which said "no" to the cloud when designing its new crisis communications system.
Ellen Messmer | 02 Jan | Read more
Microsoft has plugged a vulnerability in Microsoft Office 365 that would have let attackers grab user identities and steal email and documents, according to Adallom, the security vendor that says it discovered the problem.
Ellen Messmer | 10 Dec | Read more
The Cloud Security Alliance (CSA) is putting forward an innovative encryption-based security architecture for software-defined networks and cloud environments that draws some of its inspiration from high-security networks used by the U.S. Department of Defense and intelligence agencies.
Ellen Messmer | 06 Dec | Read more
The problem with IT security professionals is they spend too much time stopping business people from trying new things, including cloud services, out of worries about risk when they should really be working directly with business managers to help them innovate by means of security.
Ellen Messmer | 05 Dec | Read more
Distributed denial-of-service attacks against financial firms and other industries have been mounting, so today the Cloud Security Alliance (CSA) announced it is establishing the Anti-Bot Working Group to help fight this threat.
Ellen Messmer | 05 Dec | Read more
Microsoft today pushed back once again against the idea that it's giving the National Security Agency (NSA) carte blanche access to its cloud-based services, an allegation that's cropped up in media reports since the revelations from former NSA contractor Edward Snowden began last June.
Ellen Messmer | 04 Dec | Read more
The Cloud Security Alliance has updated its Cloud Control Matrix (CCM), which is designed to help organizations vet the security credentials of cloud service providers.
Brandon Butler | 30 Sep | Read more
KeyNexus, a division of Dark Matter Labs, today announced a secure encryption key-management service that lets organizations store, manage and audit the encryption keys they use in the cloud.
Ellen Messmer | 09 Sep | Read more
Non-U.S. clients of American cloud hosting companies are clearly rattled by revelations that the U.S. National Security Agency collects huge amounts of customer data from Internet Service Providers and telecommunication companies.
Jaikumar Vijayan | 23 Jul | Read more