Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersCircleEventsBlog
Get early access to CSA’s Trusted AI Safety Certification Program—updates, resources & beta invites!

All Articles

Home
All Articles
A Tale for the Ages & How DSPM Saved the Day

Blog Published: 05/04/2023

Originally published by Laminar. Written by Karen Sung, Sr Director of Field & Channel Marketing, Laminar. Today, I want to tell a story of data security posture management (DSPM).The tale of DSPM is about a representative company that faced challenges in securing its sensitive data in the...

The Pros and Cons of Zero Trust Security

Blog Published: 05/08/2023

Originally published by TrueFort. As an industry best practice, Zero Trust Security has gained much respect in recent years as the recognized way to prevent insider threats and increase the overall security of a company’s network. Many in the cybersecurity industry are of the philosophy that a...

Data Flow Security: Mitigating the Risks of Continuous Data Movement in the Cloud

Blog Published: 05/09/2023

Originally published by Dig Security. Written by Yotam Ben-Ezra. Executive Summary Data movement is ubiquitous in cloud environments due to diffuse architectural patterns and broad organizational access to data.Uncontrolled data flows can create compliance issues and lead to poor visibility ov...

A Complete Roadmap for Tackling a Ransomware Incident

Blog Published: 05/09/2023

Written by David Balaban. Ransomware continues to keep enterprises and governments on their toes. The unscrupulous operators of notorious strains such as LockBit, Clop, ALPHV/BlackCat, and Conti are increasingly adept at infiltrating networks and raiding them via two-step extortion that combin...

Maintaining PCI Compliance when Using Multiple Processors

Blog Published: 05/09/2023

Originally published by TokenEx. Written by Anni Burchfiel. Compliance with PCI DSS 4.0 (the Payment Card Industry Data Security Standard) is a necessary, but complicated, part of accepting payments for your business. Any system that processes or stores cardholder data, including third-party p...

Four Considerations for Building a Secure and Efficient Hybrid Cloud Enterprise

Blog Published: 05/10/2023

Originally published by Signal Hill. Written by Steve Jones, President and Founder, Signal Hill. Most organizations today are operating within a hybrid cloud environment, where the IT enterprise is made up of both on-prem hardware and public cloud-hosted services. While the public cloud offer...

8 Things Healthcare Organizations Can Do to Ensure HIPAA Compliance in the Cloud

Blog Published: 05/11/2023

Originally published by Schellman. “Clouds come floating into my life, no longer to carry rain or usher storm, but to add color to my sunset sky,” said Bengali polymath Rabindranath Tagore. It’s a nice, optimistic sentiment, but if you’re a healthcare provider using the cloud, you’re likely th...

Responding to Insider Risk is Hard. Here Are 4 Things You Need to Do.

Blog Published: 05/11/2023

Originally published by Code42. Written by Meredith Atkinson. Data doesn’t move outside your organization by itself. It’s your employees who move it. Data loss from insiders is a growing concern for organizations. In fact, there was a 32% year-over-year average increase in the number of inside...

Exploring Challenges and Solutions for API Security

Blog Published: 05/11/2023

Originally published by CXO REvolutionaries. Written by Sanjay Kalra, VP, Product Management, Zscaler. It’s an unfortunate reality that APIs are easy to expose but difficult to defend. By acting as translators between applications, they have become the favored tools for ensuring apps of varied...

Keeping VIP Emails Safe: Why Your Executives Are Your Largest Security Concern

Blog Published: 05/15/2023

Originally published by Abnormal Security. Written by Mike Britton. Account takeovers are, unfortunately, relatively easy to execute and incredibly difficult for legacy email security solutions to detect. Additionally, once an account has been compromised, it can lead to more costly attacks su...

Community Alert: Organized Credential Stuffing Attack Observed on Azure Cloud Environments

Blog Published: 05/17/2023

Originally published by Gem Security on May 5, 2023. Written by Alice Klimovitsky. Over the past few days, researchers at Gem Security have been tracking what appears to be an organized credential stuffing attack playing out on Azure cloud environments. This post serves as a community warning ...

Why Hybrid Cloud Computing Makes Sense for the Healthcare Industry

Blog Published: 05/18/2023

Originally published by Sangfor Technologies. Written by Nicholas Tay Chee Seng, Cloud Chief Technology Officer, Sangfor Technologies. Healthcare is one of the biggest beneficiaries of cloud adoption as it relies on technical innovation by design, and cloud computing has made each aspect of in...

CSA’s PayForward Cloud Security Training Program

Blog Published: 05/26/2023

Accessible Cloud Security Training for Disadvantaged Individuals The COVID-19 pandemic and resulting lockdown saw an increase in cloud usage and adoption. Many enterprises pivoted to the cloud to take advantage of its elasticity, scalability, and agility to enhance their time to market. There ...

Cyberthreats You Need to Know (and What to Do About Them)

Blog Published: 05/24/2023

Originally published by Schellman in October 2022. Did you know that we’ve just come to the end of National Cybersecurity Awareness Month?When you think about it, October is a fitting choice for such a designation. After all, this is the time of year we’re all watching scary movies about vampi...

Insider Threat Detection: What You Need To Know

Blog Published: 05/25/2023

Originally published by Code42. Written by Aimee Simpson. The modern hybrid and remote workplace relies more than ever on cloud-based applications and data sharing. Because of the evolving cybersecurity landscape, security professionals must rely on a comprehensive insider threat detection str...

Vulnerability Prioritization – Combating Developer Fatigue

Blog Published: 06/01/2023

Originally published by Sysdig on February 14, 2023. Written by Miguel Hernández. We are in early 2023, and we have over 2700 new vulnerabilities registered in CVE. It is still a challenge for developers to endure the fatigue of continual vulnerability prioritization and mitigation of new thre...

Top Ways to Find and Protect Sensitive Data in the Cloud

Blog Published: 06/06/2023

Originally published by Laminar. Written by Michael Holburn, Solutions Engineer, Laminar. Cloud data risk is more prevalent than ever. Laminar Labs scanned publicly facing cloud storage buckets and found personally identifiable information (PII) in 21% of these buckets – or one in five. Despit...

AWS Strengthens Security with Default Encryption on S3, Is Your Data Fully Protected?

Blog Published: 06/07/2023

Originally published by Dig Security. Written by Sharon Farber. Executive summary As with any change to security policy, it’s important to consider it in the context of the shared security model. The ultimate responsibility for protecting sensitive data rests on the customer, rather than the c...

Identity in the Cloud is at its Breaking Point

Blog Published: 05/16/2023

Originally published by Strata. The hardest part of identity and access management (IAM) technology is making it work with multi-vendor infrastructure and the growing number of applications that enterprises rely on to get business done. Primarily because the last-mile integration of applicatio...

5 Benefits of Adding a DSPM Solution to Your Security Stack

Blog Published: 05/18/2023

Originally published by Laminar. Written by Michael Holburn, Solutions Engineer, Laminar. Last year, data security posture management appeared in the Gartner Hype Cycle for the first time. And the hype has only grown bigger since then. But why is DSPM at the forefront of today’s security conve...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
134
135
136
138
140
141
142
Last »