FedRAMP Just Got Better – And is Here to Stay
Blog Published: 08/15/2023
Originally published by Coalfire. Written by Tom McAndrew, Chief Executive Officer, Coalfire. President Biden signed the National Defense Authorization Act (NDAA), taking a giant step forward in securing the federal government’s cloud-first mission. The FedRAMP® (Federal Risk and Authorization...
Pentesting for Cloud Systems: What You Need to Know
Blog Published: 08/10/2023
Originally published by Synack. Security Breaches in Cloud Systems: Most businesses today perform at least some of their compute functions in the cloud. For good reason. Processing in the cloud can lead to increased productivity while reducing capital and operational costs. But, as with any comp...
Reflecting on the Journey of Cloud Adoption and Security Thus Far
Blog Published: 08/11/2023
Written by Raghvendra Singh, Head, Cloud Security CoE, TCS. The latter half of 2023 is here, and the cloud trend shows no signs of reversal. Few might have predicted the power of cloud computing a decade ago, when there were obvious questions about its security, sustainability, cost, and overal...
Why Compliance Doesn’t Equal Security
Blog Published: 08/18/2023
Originally published by BARR Advisory. Written by Devin Olsen, Associate Consultant, Attest Services, BARR Advisory. One of the worst mistakes a business leader can make is believing that compliance equals security. There are many examples of this, but the most egregious often relate to passwor...
AI Security and Risk Management
Blog Published: 08/11/2023
Artificial Intelligence (AI) is revolutionizing various industries, but it is also bringing forward security and risk management challenges. As AI integrates into our daily lives, concerns about safeguarding the confidentiality, integrity, and availability of AI systems and data grow alongs...
New Top-Level Domains: Overblown or Undermining Our Security?
Blog Published: 08/11/2023
Originally published by CXO REvolutionaries. Written by Ben Corll, CISO - Americas, Zscaler. In May, Google generated a tempest in the cybersecurity teakettle with this announcement on Twitter: Today, Google Registry is launching eight new top-level domains: .dad, .phd, .prof, .esq, .foo, .zip,...
Managing Cloud Misconfigurations Risks
Blog Published: 08/14/2023
Written by Ashwin Chaudhary, CEO, Accedere. Entities worldwide are rapidly migrating their business, services, and IT operations to the Cloud environment. Most entities across the globe have migrated their owned or on-premises data centers to IaaS as it offers direct access to its cloud server...
Azure's Kubernetes Service (AKS): Analysis of Security Flaws and Countermeasures
Blog Published: 08/14/2023
Written by Abhishek Bansal, Founder, Autharva. Reviewed by Arun Dhanaraj, Vice President of Cloud Practices, Mizuho. Introduction: Containers have brought about a sea change in the way software engineers build, package, and distribute their programs. The Azure Kubernetes Service (AKS), which lets...
Network Defense Platform: The Evolution Needed for Modern Enterprise Security
Blog Published: 08/15/2023
Originally published by Netography. Written by Martin Roesch, CEO, Netography. I’ve written before that the fundamental organizing principles of network security include protecting users, applications, data, and devices. With these organizing principles, it’s not uncommon for enterpris...
Data-Driven AI: Understanding the Risks and Mitigations
Blog Published: 08/15/2023
Written by Tarun Gupta, Enterprise Risk, Compliance and Assurance Leader, G42. In recent years, the rapid advancements in artificial intelligence (AI) have revolutionized various industries, unleashing unprecedented opportunities for innovation and growth. Among the various approaches to AI,...
Cloud Data Access – From Chaos to Governance
Blog Published: 08/16/2023
Originally published by Dig Security. Written by Benny Rofman. Controlling access to sensitive data is the bread and butter of any cybersecurity strategy. However, the cloud adds many complications on the road to least privilege. Below we delve into the realities of data access governance in t...
The Importance of Digital Trust in the Era of Web 3
Blog Published: 08/16/2023
Originally published by DigiCert. Written by Dr. Avesta Hojjati. For better or for worse, every aspect of our lives today is digitally connected – from how we socialize to where we work to even how our health devices are connected. Yet as we constantly engage online, how do we know that our fo...
How to Prepare for the SEC's New Cyber Disclosure Rule
Blog Published: 08/16/2023
Originally published by Schellman. The Securities and Exchange Commission's (SEC) final rule on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure will require buy-in and active preparation from several departments of your organization to accommodate the new requi...
5 Reasons Phishing is Your Biggest Cybersecurity Problem
Blog Published: 08/17/2023
Originally published by Abnormal Security. Written by Callie Hinman Baron, Content Marketing Manager, Abnormal Security. Phishing attacks generally don’t make the headlines. And if you ask a security professional to rank email attack types by the level of threat they pose to their organization...
The Evolution of AI from GPT-1 to GPT-4
Blog Published: 08/17/2023
Written by Prikshit Goel, Vice President, Cloud Security, Cybersecurity Services and Hitesh Saini, Platform Engineering Head, Cloud Security, Cybersecurity Services, HCLTech. The evolution of Generative Pre-trained Transformers (GPTs) has been nothing short of revolutionary, marking significan...
Ephemeral Cloud Access: Unlocking Seamlessly Integrated Innovations in Multi-Cloud IAM
Blog Published: 08/17/2023
Originally published by Britive. In the present landscape of cloud operations, businesses are expanding their digital footprint to scale across multiple cloud platforms and the need for efficient identity and access management (IAM) is becoming more critical than ever. Modern multi-cloud IAM re...
Proactive Threat Hunting with Anomaly Detection in the Cloud
Blog Published: 08/18/2023
Originally published by Uptycs. Written by Laura Kenner. As our systems increasingly shift towards the cloud, security strategies must evolve to protect these novel environments. Traditional security approaches may not apply or function optimally in the cloud's unique landscape. Craig Chamberla...
Cyberspace: From Asymmetric Warfare Arena to Tool of State
Blog Published: 08/21/2023
Originally published by CXO REvolutionaries. Written by Sam Curry, VP & CISO, Zscaler. "In the midst of chaos, there is also opportunity." -Sun Tzu. We are living in a world where cyber capabilities are a de facto strategic asset for nations, an integral part of their policy, and a critical ...
Insider Threat: An Enemy in the Ranks
Blog Published: 08/21/2023
Originally published by NCC Group. Written by Sourya Biswas, Technical Director and Jared Snyder, Security Consultant, NCC Group. Recently, an attempt by a Russian crime syndicate to subvert a Tesla employee to plant ransomware in the company’s systems made the news. Thankfully, the employee w...
Navigating IAM Challenges for Data Protection and Access Control
Blog Published: 08/19/2023
Written by the Identity and Access Management Working Group. In today's fast-paced technological landscape, where businesses rely heavily on the cloud, Identity and Access Management (IAM) emerges as a linchpin in securing data and resources. As organizations transition their operations to the...