All Articles
Highlights from the 2023 Cloud Threat Report

Blog Published: 07/24/2023

Originally published by Aqua Security. Written by Chris Simmons, Senior Director Product Marketing, Aqua Security. The adoption of cloud native technologies has become a cornerstone to helping business build and run applications. Cloud computing has revolutionized the way organizations design,...

Protecting PII in the Cloud

Blog Published: 07/25/2023

Written by Ashwin Chaudhary, CEO, Accedere. Cloud computing has revolutionized the way businesses operate, providing flexibility, scalability, and cost savings. PII (Personal Identifiable Information) refers to any data that can be used to identify a specific individual. PII is often sensit...

Multi-Cloud vs. Hybrid Cloud: Choosing the Right Cloud

Blog Published: 07/26/2023

Originally published by Sangfor. Written by Nicholas Tay Chee Seng, CTO, Sangfor Cloud. Today’s digitally dominated economy has transformed the global landscape. Efficient and cost-effective IT infrastructure, namely cloud computing, is critical to providing organizations with the competitive ...

Four Ways to Quickly Determine Your Atomization Issue and Next Steps to Fix it

Blog Published: 07/27/2023

Originally published by Netography. Written by Martin Roesch, CEO, Netography. Network atomization didn’t happen overnight. It’s been a progression over the last fifteen-plus years driven by digital transformation, a rise in multi-cloud strategies, and the shift to a hybrid workforce. And now,...

The Consequences of Expired Payment Info

Blog Published: 09/28/2023

Originally published by TokenEx. Written by Valerie Hare. Ecommerce businesses lose $18 billion in sales revenue every year due to cart abandonment. 30 percent of shoppers will abandon their cart if they have to re-enter their credit card details. Since most credit cards expire after three to...

Stopping Phishing Attacks and Socially-Engineered Threats from ChatGPT

Blog Published: 08/01/2023

Originally published by Abnormal Security. Written by Jade Hill. What’s the difference between a tool and a weapon? It’s all about intent. What someone uses for creative purposes can also be used for malicious purposes. Consider generative AI, which includes popular technologies like ChatGPT an...

Meeting and Scaling Compliance with Intentional IaC Design

Blog Published: 08/03/2023

Originally published by Coalfire. Written by Christian Stano, Senior Consultant, Cloud Services, Coalfire. Key takeaways: Utilizing consolidated, “smart” compliance-aware Terraform module design decreases audit risk and cost and maintains or accelerates developer velocity by shifting the burden ...

Last Mile Enforcement: Securing Those Unmanageable Non-Standards-Based Applications

Blog Published: 07/27/2023

Originally published by Strata. Is it possible to have modern authentication for both standards-based and non-standards-based apps? In today’s rapidly-evolving business environment, enterprise applications are crucial for driving innovation and productivity. From an identity standpoint, they ar...

Dissecting Cloud Ransomware: Lessons Learned and How to be Prepared

Blog Published: 08/04/2023

Originally published by Dig Security. Written by Sharon Farber. Our most recent webinar, “Dissecting Cloud Ransomware: Lessons learned and how to be prepared?” saw Yotam Ben Ezra (Chief Product Officer) and Ofir Balassiano (Head of Security Research) engaging in an in-depth exploration of all ...

Cloud Vulnerability Management Program

Blog Published: 07/28/2023

Written by Kazi Arif, Senior Consultant, AT&T Cybersecurity. Continuous technological advancements introduce critical vulnerabilities to your organization that malicious actors seek to exploit. Despite considerable time, money, and resources invested into security, achieving 100% protectio...

Compromised Accounts Are Being Weaponized – Here’s How to Fight Back

Blog Published: 07/31/2023

Originally published by Code42. Written by Christian Wimpelmann. Compromised user accounts have always been the most significant — and simplest — cybersecurity risk in the enterprise. Stolen credentials were the vector of choice for more than 40% of attacks in 2022, according to Verizon’s 2022...

Building Business Trust in the Dark Forest of the Internet

Blog Published: 07/21/2023

Originally published by CXO REvolutionaries. Written by Sam Curry, VP & CISO, Zscaler. “The universe is a dark forest. Every civilization is an armed hunter stalking through the trees like a ghost, gently pushing aside branches that block the path and trying to tread without sound.” - Cixi...

New Research: Life Sciences Organizations are Ahead of the Curve, but Vulnerabilities Persist

Blog Published: 07/21/2023

Originally published by Code42. Written by Clea Ostendorf. From HIPAA regulations, to lost business opportunities, to stolen IP and trade secrets, organizations in the Life Sciences sector stand to lose a great deal to Insider Risk. Though all sectors are faced with the threat of data loss fro...

Microsoft Executive Shawn Bice to Discuss the Intersection of AI, Cloud, and Cybersecurity at Cloud Security Alliance’s SECtember 2023

Press Release Published: 07/25/2023

Industry veteran will hold a keynote fireside chat on the widespread integration of Generative AI within cloud security solutions and what the future may bring. SEATTLE – July 25, 2023 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certific...

Hospitals and Ransomware: The Human Cost of Weak Cybersecurity

Blog Published: 07/24/2023

Originally published by NCC Group. Written by Sourya Biswas, Technical Director, NCC Group. While data breaches have been the most prominent consequence of cyber attacks in the last decade, ransomware attacks have been fast catching up. And if you’ve been following the news around ransomware, yo...

CSA’s Enterprise Architecture: Security and Risk Management (SRM)

Blog Published: 07/22/2023

Written by CSA’s Enterprise Architecture Working Group. The Enterprise Architecture is both a methodology and a set of tools that enable security architects, enterprise architects, and risk management professionals to leverage a common set of solutions and controls. It can be used to assess op...

Navigating Cloud Security Challenges: Key Concerns for Cybersecurity Professionals

Blog Published: 07/25/2023

Written by Scott Caveza, Tenable. As organizations expand their use of public cloud and adopt a cloud-first strategy, cybersecurity teams encounter mounting complexity and new forms of risk. Cloud service providers (CSPs) often apply patches silently and fix misconfigurations without any notic...

Maximizing ROI on Cybersecurity Training

Blog Published: 07/25/2023

Originally published by Coalfire. With many organizations facing understaffed IT and security departments with limited time and budget, it's smart to ask, "How do the benefits of security awareness training outweigh the costs?" Key Takeaways: Traditional training for compliance is ineffective fo...

Around the Horn with a Cybersecurity Summer

Blog Published: 07/25/2023

Like many of you I presume, summer is my favorite time of the year. Where I live, the weather is perfect and life seems to be an endless parade of beaches, cookouts, and baseball. The challenge is to stay focused on work. For this update, I decided to cheat a bit, leverage some baseball nomenc...

Building a Data Management Plan

Blog Published: 07/26/2023

Originally published by BARR Advisory. Written by Christine Falk. Building and operating a data management plan can be time consuming and overwhelming. You don’t have to go it alone. BARR Advisory asked Dariek Howard, manager, Attest Services, to share his thoughts and recommendations for buil...
