Close
Just did the CCSP exam

(update: I passed!) Yesterday I took the CCSP exam. Certified Cloud Security Professional is the new certification launched by ISC2, and is supposed to be complementary to CCSK. I must have been one of the first, as it only opened last Tuesday. I think I did pretty well, but my results won’t be available for the […]

Read More
Risks of virtualization in public and private clouds

Server virtualization is one of the cornerstone technologies of the cloud. The ability to create multiple virtual servers that can run any operating system on a single physical server has a lot of advantages. These advantages can appear in public Infrastructure as a Service (IaaS) as well as in private clouds. However, it also brings […]

Read More
Basic cloud risk assessment

You should worry about the risks of cloud computing. But don’t get too scared. With a few simple steps you can easily get a basic understanding of your risks in the cloud and even have a good start in managing these risks. If you are a large corporation in a regulated industry, a cloud risk […]

Read More
Encrypting your cloud data for extra protection

Encrypting data is one of the best ways of protecting your data as it moves to the cloud. The only thing better than encrypting your data, is not storing your data at all. Let’s first look at the case of using file sharing applications such as Dropbox. If you are the only user of the […]

Read More
The fun parts of cloud training

The pivotal moment must have been at the end of the first day, as we were sipping a beer on the roadside terrace. But more on that later. Last week I concluded my 35th CCSK training. It was great fun, and more importantly, my participants had great fun too. And we could walk everywhere. An […]

Read More
Look at cloud value first; only then look at risk

The most important challenge businesses encounter when it comes to adopting the cloud isn’t security. Yes, security is important; and it’s certainly true that cloud computing introduces new risks, but almost all risks can be adequately catered for. However, that doesn’t happen all the time, and that’s when expensive errors occur. Recently, I heard from […]

Read More
Top 8 cloud risks according to ENISA

Does security in the cloud ever bother you? It would be weird if it didn’t. Cloud computing has a lot of benefits, but also a lot of risks if done in the wrong way. So what are the most important risks? The European Network Information Security Agency did extensive research on that, and identified 35 […]

Read More
Simple SaaS security tips

Most people and companies are now using a significant amount of SaaS solutions. Companies are running sales support software, file sharing, collaboration, e-mail and a lot more in the cloud. But that usage also leads to concerns about the security of those solutions. How safe are they? What risks do we run? Here are a […]

Read More
New cloud security certification CCSP to complement CCSK

Cloud security certification is getting a new dimension. (Update: I wrote a brief comparison of CCSP versus CCSK). In 2015 the Cloud Security Alliance and (ISC)2 announced a new cloud security certification: Certified Cloud Security Professional or CCSP for short. Read the official announcement here and here. CCSP is supposed to be a more extensive certification […]

Read More
Cloud Roadmap for Banks

A few days ago I did a webinar titled: How Banks Can Speed Products To Market Through Systematic Selection And Approval Of Cloud Services The Cloud Security Alliance recently published a service on the adoption of cloud in the financial services industry. In this webinar  I analyse that report, and put it in the context […]

Read More