Singapore, May 11, 2020 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, announced the CSA Continuous Education Initiative, under which it has partnered with the Singapore IT industry to provide complimentary Certificate of Cloud Security Knowledge (CCSK) Learning Management System (LMS) licenses. The partnership will allow IT professionals to continue with their learning during the COVID-19 period.
​
The COVID-19 outbreak has a silver lining amidst the dark clouds; it presents IT professionals who are on Work from Home (WFH) an opportunity to learn more about cloud security and better equip themselves to harness the paradigm when economic activities resume.
​
“During this current crisis, CSA remains committed to expanding and improving the cybersecurity workforce with leading-edge skillsets. Through this initiative, we hope that cybersecurity professionals will benefit from the CSA CCSK course and understand the importance of career planning and skills upgrading in order to strengthen their company’s security posture,” said Dr. Hing-Yan Lee, Executive Vice President, CSA APAC.

Just as clouds in the sky are not static, neither are the urgent security concerns of Cloud computing, this expert says.

​The adoption of cloud computing has come a long way. In 2018, for the first time in history, cloud IT infrastructure revenues surpassed that of traditional IT infrastructure reaching US$16.8 billion, according to IDC.

With the maturing of cloud services and the significant amount of resources cloud service providers (CSPs) have invested into securing their offerings, the Cloud Security Alliance (CSA) has witnessed an ‘upwards shift’ in the prominence of key cloud security issues.

According to a recent report on Top Threats for Cloud Computing, traditional cloud security that falls under the responsibility of CSPs has dropped in terms of importance. Concerns such as denial of service, shared technology vulnerabilities, CSP data loss and system vulnerabilities, all of which were featured in previous reports, are now rated so low that they were excluded from the updated list. Instead, there is a greater need to address security issues situated higher up the technology stack, which are the result of senior management decisions.

Published Wednesday, September 11, 2019
India is among the world’s top three countries when it comes to phishing attacks and malware.

Cloud is the platform for security as a service; which is why leading companies adopt new agile security providers. They invest in foundational cloud security and architecture. They blend commercial security solutions with their own repositories of cloud security tools.

The growing investment in cloud can also be attributed to the fact that many verticals have leapfrogged from 2G to 4G. And now, the country is awaiting 5G, the next transformative wave of growth. The cloud security ecosystem needs to be scaled up. More so as many citizen-related services are being uploaded on to the cloud for smooth operations.

BEIJING, July 5 (Xinhua) -- The Cloud Security Alliance (CSA), an industry group focusing on cloud computing security, will bring its summit to the Beijing Cyber Security Conference (BCSC) in August.

Jim Reavis, chief executive officer of the CSA, said the summit, which will be held outside the United States for the first time, will bring global knowledge sharing.

​"The CSA summit will provide a knowledge transfer of best security practices from governments, businesses and academia from around the world," said Reavis in a recent interview with Xinhua.

Nominate outstanding Individuals, Students and Organisations to vie for the different Awards
 
The Cybersecurity Awards 2018 was a success in so many ways. Backed by the Cybersecurity Agency of Singapore (CSA), the awards brought recognition to individuals and enterprises whose contributions to Singapore’s cybersecurity ecosystem have been remarkably inspiring and truly exceptional.

This year, the Association of Information Security Professionals (AiSP) is taking the awards to a new level, expanding The Cybersecurity Awards 2019 to include the inaugural Cybersecurity Regional Awards 2019. The two seek to honour outstanding contributions to local and regional cybersecurity ecosystems, respectively.

The first international research report to define technical requirements for cloud OS security specifications and addresses their importance

​SINGAPORE – May 8, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today released its latest research report, Cloud Operating System (OS) Security Specification. The whitepaper, announced at the annual CSA APAC Summit held in Singapore today, aims to define the technical requirements of cloud OS security specifications, specifically the security functions and requirements (e.g. network, virtualization, data and management security) needed to maintain the smooth operation of the system, protect the data in the cloud, and provide secure and trusted cloud computing services to the cloud service customer. 

The Cloud Security Alliance Cloud Controls Matrix (CCM) provides a controls framework that gives detailed understanding of security concepts and principles that are aligned to the Cloud Security Alliance guidance in 13 domains. The foundations of the CSA CCM rest on its customized relationship to other industry-accepted security standards, regulations, and controls frameworks such as the ISO 27001/27002, ISACA COBIT, PCI, NIST, Jericho Forum and NERC CIP and will augment or provide internal control direction for service attestations and control reports provided by cloud providers.

As a framework, the CSA CCM provides organizations with the needed structure, detail, and clarity relating to information security tailored to the cloud industry. The CSA CCM strengthens existing information security control environments by emphasizing business information security control requirements, reduces and identifies consistent security threats and vulnerabilities in the cloud, provides standardized security and operational risk management, and seeks to normalize security expectations, cloud taxonomy and terminology, and security measures implemented in the cloud.

Singapore – November 26, 2018 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, is pleased to announce that the international standard ISO/IEC 21878 – Security Guidelines for Design and Implementation of Virtualized Servers has been published as of November 2018 .
​
The purpose of this document is to provide security guidelines for the design and implementation of virtual servers (VSs). Design considerations focusing on identifying and mitigating risks, and implementation recommendations with respect to typical VSs are covered in this document.

“This publication of ISO/IEC 21878 reinforces Singapore as one of the leading countries in Asia Pacific on the cutting edge of developing best practices for the cloud ecosystem. CSA APAC will continue to work closely with APAC countries to demonstrate standardization and technical expertise at the international level.” said Dr. Hing-Yan Lee, Executive Vice President for Asia Pacific, CSA.

This was a result of a joint project formalized in June 2013 between CSA and SPRING Singapore (now Enterprise Singapore) to integrate Singapore’s TR 30 : 2012 – Virtualization Security for Servers and CSA’s Cloud Controls Matrix into a CSA whitepaper. The whitepaper titled ‘Best Practices for Mitigating Risks in Virtualized Environment’ was published in April 2015, and was subsequently submitted in the same year as an input document to ISO to help steer international standardization efforts.