Circle
Events
Blog

All Articles

All Articles
Registration Now Open for CxO Trust Summit at Cloud Security Alliance SECtember

Press Release Published: 05/18/2022

Exclusive event to feature keynote presentations, networking opportunities, panel discussions, participation in three-phase attack scenarioSEATTLE – May 18, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practice...

Introducing Data Security Posture Management (DSPM) Platform

Blog Published: 05/18/2022

This blog was originally published by Polar Security here. Written by Nimrod Iny, Polar Security. You’re a cloud-based company, your entire business model relies on cloud data and your cloud environment is VERY precious to you, correct? That’s why you invest all of your resources into protecting ...

Breaking The Chain: Are You The Unintended Victim Of A Supply Chain Attack?

Blog Published: 05/17/2022

This blog was originally published by Lookout here. Written by Hank Schless, Senior Manager, Security Solutions, Lookout. We’ve heard a lot about “supply chains” of various industries over the past couple of years, and the cybersecurity sector is no exception. When Colonial Pipeline was compr...

Threat Activity Cluster #1: Mint

Blog Published: 05/17/2022

This blog was originally published by Alert Logic on March 22, 2022. Written by Josh Davies and Gareth Protheroe, Alert Logic. Before diving into this first Ice Cream activity cluster, be sure to read the series introduction here. Our first activity cluster is known as Mint. This is a flavor ...

Cloud Security Alliance Issues Guide to Utilizing High Performance Computing

Press Release Published: 05/17/2022

Report provides a starting point for the proper selection, design, and implementation of an HPC solutionSEATTLE – May 17, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud co...

How to Architect for Sustainability in a Cloud Native Environment

Blog Published: 05/16/2022

This blog was originally published by Contino here. Written by Scott McCracken, Contino. Recognising the impact we have on the environment is more important than ever and ensuring our businesses are sustainable is now paramount. Over the last year, more and more organisations have signed up to Th...

Basic Principles in Designing an Education and Upskilling Strategy

Blog Published: 05/16/2022

This blog was originally published by CXO REvolutionaries here. Written by Greg Simpson, Chief Technology Officer (retired), Synchrony.One of the oldest cliches about business is that the only constant is change. And while we’ve all heard that one too many times, it is, like many cliches, fundame...

101 Guide on Cloud Security Architecture for Enterprises

Blog Published: 05/14/2022

Based on the CSA Enterprise Architecture Reference Guide and the CSA Security Guidance v4.Cloud security is cybersecurity. As cloud adoption grows, it has also become the basis for new ways of organizing compute, such as containerization and DevOps, which are inseparable from the cloud.In this bl...

CCSK Success Stories: From the Managing Director

Blog Published: 05/13/2022

This is part of a blog series interviewing cybersecurity professionals who have earned their Certificate of Cloud Security Knowledge (CCSK). In these blogs we invite individuals to share some of the challenges they face in managing security for cloud computing and how they were able to leverage k...

Fighting Ransomware in the Cloud

Blog Published: 05/13/2022

The CSA Security Update podcast is hosted by John DiMaria, CSA Assurance Investigatory Fellow, and explores the STAR Program, CSA best practices, research, and associated technologies and tools. This blog is part of a series where we edit key CSA Security Update episodes into shorter Q&As. In...

Security Advisory: Insufficient Tenant Separation in Azure Synapse Service

Blog Published: 05/12/2022

This blog was originally published by Orca Security on May 9, 2022. Written by Avi Shua, Orca Security. TL;DROrca Security is issuing this security advisory for CVE-2022-29972 to address hazards in the use of the Microsoft Azure Synapse service. We believe the tenant separation in this service is...

Cloud Security Alliance Issues Best Practices for Healthcare Delivery Organizations (HDO) to Mitigate Supply Chain Cyber Risks

Press Release Published: 05/12/2022

HDOs must take a multidisciplinary approach that includes criteria for supplier evaluation, risk management, risk treatment, and monitoring and responseSEATTLE – May 12, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and...

PCI DSS Version 4.0: Responding to Sensitive Data Discovery Incidents

Blog Published: 05/12/2022

This blog was originally published by PKWARE here. Written by Marc Punzirudu, Field CTO, PKWARE. At the end of March, the PCI Standards Security Council (PCI SSC) publicly released the most recent update to the PCI Data Security Standards (DSS), version 4.0. While much speculation has occurred ...

Google Cloud CISO Phil Venables to Keynote Cloud Security Alliance’s SECtember

Press Release Published: 05/12/2022

Targeted sessions and state-of-the-art educational activities at this year's event provide a deep awareness of today’s most pressing strategic cloud, cybersecurity issuesSEATTLE – May 12, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, c...

SSE: The MVP of The Cybersecurity Mesh Architecture

Blog Published: 05/12/2022

This blog was originally published by Axis Security here. Overtime IT has adopted a number of siloed security services. These services work adjacent to one another, rather than WITH one another. As you would’ve guessed, this increases complexity and decreases efficiency. This is why we must do aw...

SAP Security Patch Day April 2022: In Focus: Spring4Shell and SAP MII

Blog Published: 05/11/2022

This blog was originally published by Onapsis here. Written by Thomas Fritsch, Onapsis. Highlights of April SAP Security Notes analysis include:April Summary - 35 new and updated SAP security patches released, including six HotNews Notes and six High Priority Notes. SAP affected by Spring4Shell -...

Threat Activity Clusters: Project Ice Cream

Blog Published: 05/11/2022

This blog was originally published by Alert Logic here. Written by Josh Davies, Product Manager, Alert Logic. The Challenge Continuously hunting for the latest and emerging threats and campaigns requires dedicated SOC analysts, data scientists, and security researchers. This human led pro...

Threat Detection Software: A Deep Dive

Blog Published: 05/10/2022

This blog was originally published by Panther here. Written by Mark Stone, Panther. As the threat landscape evolves and multiplies with more advanced attacks than ever, defending against these modern cyber threats is a monumental challenge for almost any organization. Threat detection is about an...

Container Security Best Practices

Blog Published: 05/10/2022

This blog was originally published by Sysdig here. Written by Álvaro Iradier, Sysdig. Sticking to container security best practices is critical for successfully delivering verified software, as well as preventing severe security breaches and its consequences.According to the 2020 CNFC Survey, 92 ...

Why Machine Identity Management Has Become a Critical Priority for Organizations

Blog Published: 05/09/2022

This blog was originally published by Entrust here. Written by Samantha Mabey, Product Marketing Management Director, Certificate Solutions at Entrust. As the number of machine identities continues to rise, so does the urgency to make sure they are being properly managed. In fact, in a recent s...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.