Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersCircleEventsBlog
Get early access to CSA’s Trusted AI Safety Certification Program—updates, resources & beta invites!

All Articles

Home
All Articles
Accelerating Zero Trust Maturity: Strategic Quick Wins

Blog Published: 11/20/2023

Written by Chris Hogan, Vice President, Enterprise Security Architecture and Innovation, Mastercard. In the evolving landscape of cybersecurity, Zero Trust has transformed from a buzzword to become a pivotal framework for modernizing security practices. It’s a structured journey that many orga...

Building an Effective User Identity Ecosystem Through Secure Digital Access

Blog Published: 11/17/2023

Written by Sanjay Karandikar, Director & Global Practice Head for IAM, Cybersecurity, HCLTech. In today's rapidly evolving digital landscape, user identity and cybersecurity concepts have emerged as pivotal concerns. With the widespread adoption of cloud technology and the ever-expanding a...

Generative AI in the Workplace: Striking a Balance Between Innovation and Risk

Blog Published: 11/17/2023

Originally published by CXO REvolutionaries. Written by Christopher Jablonski, Director, CXO REvolutionaries & Community, Zscaler. Given what we’ve observed since the launch of OpenAI’s ChatGPT last Fall, generative AI and large language models look poised to eventually make every employee...

Cloud Identity and Access Management Game Changers: Top 3 Innovations in Cloud Security for 2023

Blog Published: 11/20/2023

Originally published by Britive. As multi-cloud business operations proliferated throughout 2023, it became clear that the future of cloud security favors those committed to staying on the cutting edge of access management. 2023 delivered an arsenal of innovative trends and strategies to navig...

You’ve Tackled Shadow IT - Now It’s Time to Tackle Shadow DevOps

Blog Published: 11/21/2023

Originally published by Dazz. Written by Noah Simon, Head of Product Marketing, Dazz. For years, companies have been solving Shadow IT - the use of software, hardware, or SaaS services without the knowledge or approval of the IT team. While Shadow IT remains an evolving challenge, IT and Secur...

Kubernetes Security Companies: 10 Considerations for Business Leaders

Blog Published: 11/21/2023

Originally published by Uptycs. Written by Dan Verton. Kubernetes security may not be part of the everyday interactions of non-technical business leaders, but it directly affects their responsibilities and the organization’s overall health. The security risks associated with Kubernetes environ...

Behind the Curtain with a CCZT Developer: Cybersecurity Expert Omoruyi Osagiede

Blog Published: 11/22/2023

The Certificate of Competence in Zero Trust (CCZT) is the first vendor-neutral credential available for industry professionals to demonstrate their expertise in Zero Trust principles. The winner of Cyber Defense Magazine’s 2024 Global InfoSec Award for Cutting-Edge Cybersecurity Training, the ...

What is Cloud Security: 15 Essential Cloud Security Terms

Blog Published: 12/01/2023

Cloud computing is a model for enabling on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal effort. A cloud can consist of nearly any computing resources, ranging from processors and memory to networks, storage...

Human Discretion is Great, Right? Not When it’s the Lifeblood of Social Engineering Attacks

Blog Published: 12/04/2023

Originally published by CXO REvolutionaries. Written by Brett James, CTO in Residence, Zscaler. Fight social engineering attacks with zero trust principlesWhen people talk about zero trust, the first thing that comes to mind is the network, the infrastructure, or the architecture of the enterp...

A Recap of Recent Cybersecurity Incidents at Universities

Blog Published: 12/07/2023

Originally published by Schellman. When considering cybersecurity, many may first think of cutting-edge tech companies. Healthcare providers may spring to mind for others and government agencies for still others. But strong cybersecurity—if it’s not already—is becoming paramount in every secto...

Artificial Intelligence and Cybersecurity

Blog Published: 11/27/2023

Originally published by CyberGuard Compliance.AI has the potential to greatly enhance cybersecurity capabilities, but it also introduces new concerns and challenges. Here are some of the key AI-related cybersecurity concerns:Adversarial Attacks: Malicious actors can use AI to craft sophisticat...

5 Tips to Defend Against Access Brokers This Holiday Season

Blog Published: 11/27/2023

Originally published by CrowdStrike. Access brokers are decking the halls with advanced social engineering scams and vulnerability exploits to blend in with normal users and make a quick profit by selling credentials and other access methods.The holiday season brings a shift in how people and ...

How ISO 42001 “AIMS” to Promote Trustworthy AI

Blog Published: 11/28/2023

Originally published by Schellman.The regulation and responsible use of artificial intelligence (AI) has been a hot topic of 2023, prompting the release of NIST’s AI Risk Management Framework to help organizations secure this emerging tech. More standards are on the way that will address the n...

Not Just Code Vulnerabilities: The Overlooked Cause of Software Supply Chain Attacks

Blog Published: 11/29/2023

Originally published by Astrix. According to Gartner: “Software supply chain attacks have added a new dimension to software security problems because the software delivery pipelines and the tools used to build and deploy software are the new attack vectors.” While the software supply chain has...

Compromising Identity Provider Federation

Blog Published: 12/08/2023

Originally published by CrowdStrike. CrowdStrike’s Incident Response team has seen a recent increase in cases involving adversaries that abuse identity provider federation to gain access to protected services by adding and authorizing rogue domains to federation. From these cases, patterns hav...

A People-Centric Approach to Patching the Human Firewall

Blog Published: 11/29/2023

Originally published by CXO REvolutionaries.When an attacker scans your environment for entryways, what’s the most promising vulnerability they will discover?Verizon's 2023 Data Breach Investigations Report found that over 74% of breaches required human exploitation to be successful. That mean...

Biden’s “Sweeping” AI Executive Order is Here. Is the Cybersecurity Industry Ready?

Blog Published: 12/08/2023

Originally published by Synack on October 31, 2023. Written by Katie Bowen, Vice President, Public Sector, Synack.   (4/3/25) Editor's Note: The Biden AI Executive Order was rescinded by the Trump administration and any links to the White House website now return a 404. P...

How to Modernize Permissioning with the Cross-Cloud Solution Shaping the Future of IDaaS

Blog Published: 11/30/2023

Originally published by Britive. Businesses rely more today than ever before on cloud-based services and multi-cloud infrastructures to power their operations. Managing identity and access across these diverse environments can be challenging, and that’s where Identity as a Service (IDaaS) come...

Telehealth and HIPAA Compliance: What You Need to Know Now

Blog Published: 11/30/2023

Originally published by CyberGuard Compliance. In the early days of the COVID-19 pandemic, the Department of Health and Human Services’ Office for Civil Rights (OCR) issued a Notification of Enforcement Discretion which announced that the OCR would would be exercising it enforcement discretion...

Microsoft 365 and Azure AD: Addressing Misconfigurations and Access Risks

Blog Published: 11/30/2023

Originally published by Reco.Written by Gal Nakash. In this blog post, we'll explore a real-world use case involving a SaaS Threat Detection module and its revelation of a common threat within Office 365: disabled users retaining access to sensitive company data. Disabled users can continue to...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
152
153
154
156
158
159
160
Last »