Data drives business and better data delivered faster drives competitive advantage. Of course, this valuable data must be protected and secured throughout its lifecycle. However, enterprises manage and secure data in chaotic and messy ways. How can enterprises improve data security while streamlining data access at the same time? The answer: this challenge can only be met by moving to a data-centric security model AND cooperation between the d...

Modern attacks like ransomware and supply chain attacks can start from anywhere in the kill chain – endpoints, identities or cloud workloads. Zero Trust, if deployed correctly, can be the answer to increasing real-time security coverage and reducing the attack surface in the hybrid enterprise. However, with the rapidly evolving adversarial tactics and techniques behind modern attacks, organizations need to not only operationalize Zero Tr...

Unique in that it is one of the few cloud-centric events in the entire world. After spending two days with your fellow security professionals you will be better equipped to make an immediate impact on the security of your company or organization. We want every organization to be in a better place from a Cloud security knowledge standpoint on July 25th than they were on July 20th. More importantly, we want everyone to get to know each other bet...

The ISACA GWDC and the DC Chapter of the Cloud Security Alliance are hosting a conference on Security and Compliance in a Cloud-Connected Enterprise. Organizations need to modernize their technology investments to move at the speed of business. As such, new cloud-based applications are being both developed and integrated into heavily regulated environments. This mix of on-premise infrastructure which is wholly owned by the enterprise coupled w...

As organizations continue to scale their cloud adoption, teams struggle to enforce governance policies consistently, so they meet regulatory requirements and avoid potential breaches. Further, they find it even more difficult to address these governance requirements without impeding development productivity. Cloud Governance as Code is a new paradigm that enables organizations to use code to manage and automate various aspects of governance, i...

Implemented correctly, a Zero Trust architecture / strategy / approach to Information Technology, and the architecture that supports it, has the potential to provide a simpler, more secure, more flexible environment for an organization to do business. The advent of Zero Trust should be regarded as an opportunity to better align IT with an organization’s business strategy. The whole purpose of modern networked computing is to facilitate c...

AttackIQ’s alignment to the MITRE ATT&CK® framework and our deep partnership with MITRE Engenuity’s Center for Threat-Informed Defense set us apart from the pack when it comes to adversary emulation. Through cutting-edge research informed by the best minds in cybersecurity, AttackIQ helps you achieve comprehensive cybersecurity readiness through realistic and specific adversary emulations. We bring the deepest library of MI...

Looking ahead at the important trends in cloud and cybersecurity for the coming year, CSA will be hosting a special event showcasing the research projects that will come to define cloud security. 2022 is commencing with cloud finally entrenched as the primary IT system worldwide and cloud security now the foundation of cybersecurity programs. The CSA Research Summit will provide the latest updates in new and existing research projects, providi...

This webinar provides case study analyses for The Egregious 11: Top Threats to Cloud Computing white paper and a relative security industry breach analysis. Using nine actual attacks and breaches, including a major financial services company, a leading enterprise video communications firm, and a multinational grocery chain for its foundation, this webinar connects the dots between the CSA Top Threats in terms of security analysis.

Multicloud is inevitable. In fact, it’s likely you’re already using different clouds like AWS, Google Cloud, and Azure for various functions. But, how do you address risk and ensure proper security practices across all of your cloud accounts and deployments? In this session, we’ll look at best practices for secure DevOps across multiple clouds. We’ll take a comprehensive look at your lifecycle from authentication and in...