Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

All Articles

Home
All Articles
Building A SaaS Security Program: A Quick Start Guide

Blog Published: 09/28/2021

Written by Bryan Solari, AppOmni Every few years a new technology takes hold of businesses worldwide, expanding adoption at a speed that far outpaces our ability to secure it. Inevitably, the security shortfalls of this technology become known, and we build risk mitigation strategies that mel...

Latest Paper from Cloud Security Alliance Examines Top 10 Blockchain Attacks, Vulnerabilities, and Weaknesses

Press Release Published: 09/28/2021

In the last five years, 43 exchanges have been publicly hacked, and more than 49 Decentralized Finance protocols have been exploited, resulting in a loss of more than $2.8 billionSEATTLE – Sept. 28, 2021 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining s...

Understanding Compliance

Blog Published: 09/28/2021

This blog was originally published by CyberCrypt here.Tip: Don’t treat compliance merely as a checklist. Use the process as an audit of your security controls. Put security first: Build security around your threat model and then confirm that you are compliant.As regulators demand stricter securit...

5 Areas Exposing Your AWS Deployments to Security Threats

Blog Published: 09/27/2021

This blog was originally published on Vectra.ai Let’s be honest, the cloud has come at us fast this past year—especially if you’re a security practitioner. Like lining up to race Usain Bolt in the 100 meters kind of fast. Only he’s the cloud and you’re trying to keep up. As soon as you get se...

Cloud Security Alliance Announces Recipients of 2021 Ron Knode Service Awards

Press Release Published: 09/24/2021

Volunteers recognized for dedication, efforts to furthering cloud security best practicesSEATTLE – Sept. 24, 2021 –The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment,...

When Leadership Ignores DDoS Risk - 3 Tips for CISOs

Blog Published: 09/24/2021

This blog was originally published by MazeBolt here. Written by Yotam Alon, MazeBolt. A global telecom company suffered substantial damage from a DDoS attack, surprising its board and C-suite leaders, who had believed that they were well protected from DDoS attackers. The sudden attack brought...

Think Your Data is Secure? Three Questions You Need to Answer Right Now

Blog Published: 09/24/2021

Written by Yaki Faitelson, Co-Founder and CEO of Varonis. As organizations become more data driven, they store more data in more places and access it in more ways -- with phones, tablets and laptops. These ever-connected endpoints serve as gateways to large, centralized troves of sensitive infor...

Zero Trust Adoption Report: How Does Your Organization Compare?

Blog Published: 09/23/2021

This blog was originally published by Microsoft here.Written by Vasu Jakkal; Corporate Vice President, Security, Compliance and Identity; Microsoft.From the wide adoption of cloud-based services to the proliferation of mobile devices. From the emergence of advanced new cyberthreats to the recent ...

Why the World Needs Proactive Cybersecurity

Blog Published: 09/21/2021

This blog was originally published by Bitglass here.Written by Ben Rice, Bitglass.Computing is now in a ubiquitous state with users able to connect to a dizzying number of services and applications. Companies have networked together everything to reduce costs, increase automation, and achieve dig...

Survey Report: Cloud Security Posture Management and Misconfiguration Risks

Blog Published: 09/20/2021

Written by VMware.The worldwide public cloud services market grew 24.1% YoY in 2020.[1] With companies relying heavily on public clouds as the driver for digital transformation, the security of their cloud applications, data, and underlying infrastructure remains a top priority for Chief Informat...

How to Establish a Culture of Secure DevOps

Blog Published: 09/20/2021

This blog was originally published by Sysdig here.Written by Chris Kranz, Sysdig.We’re constantly told to “Shift Left” and that Secure DevOps is the only way to have confidence in your cloud native applications. But speaking to end-users and industry colleagues, it’s clear that there are some maj...

The Adoption of Multi-Cloud Drives the Need for Better Data Protection and Management of Encryption Keys and Policy Controls

Blog Published: 09/17/2021

This blog was originally published by Entrust here.Written by Jim DeLorenzo, Entrust.Enterprise adoption of multiple cloud platforms continues in earnest, whether it’s aimed at improving collaboration, reducing datacenter footprint, increasing customer response times or any number of other busine...

Cloud Security Alliance Releases New Guidance For Healthcare Delivery Organizations That Provides Measurable Approach to Detecting and Defending Against Ransomware Attacks

Press Release Published: 09/16/2021

With 560 ransomware attacks on healthcare providers in 2020, HDOs must architect their cloud for failure to better protect patient dataBELLEVUE, WA – SECtember – Sept. 16, 2021 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, a...

Reduce Your Risk: Supply Chain Attacks and the Rise of Ransomware

Blog Published: 09/16/2021

This blog was originally published by OneTrust here.Organizations are at risk of an attack on one of their vendors that may impact their day-to-day operations. Citing a recent major breach in the information technology industry as an example, it’s clear that by using ransomware hackers, malicious...

Sallie Mae CSO Jerry Archer Receives Cloud Security Alliance’s 2021 Philippe Courtot Leadership Award

Press Release Published: 09/16/2021

Archer honored for tireless commitment to innovation, peer collaboration, and leading-edge information technologyBELLEVUE, WA – SECtember – Sept. 16, 2021 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to he...

Cloud Security Alliance Releases New Guidelines Providing Insight Into Effectively Using Its Industry-Leading Security Assessment, Assurance Tools

Press Release Published: 09/15/2021

Documents provide best practices in using and implementing the Cloud Controls Matrix and Security, Trust, Assurance and Risk (STAR) programBELLEVUE, WA – SECtember – Sept. 15, 2021 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of...

Cybersecurity’s Next Fight: How to Protect Employees From Online Harassment

Blog Published: 09/15/2021

This blog was originally published by Microsoft here.The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In this blog post, Microsoft Product Marketing Manager Natalia Godyla talks with Leigh Honeywell, CEO and...

The Evolution of Private Cloud Computing and Shared Responsibility

Blog Published: 09/15/2021

Summary: Cloud computing has changed over the last 10 years – the Private Cloud has undergone a big change too. This blog captures the evolution of the Private Cloud with a focus on the shared responsibility model. A previous blog talks about the different service models as they have evolved...

Latest Research from Cloud Security Alliance Offers Guidance on Designing Serverless Architecture, Adopting Cloud-Native Key Management Systems

Press Release Published: 09/14/2021

Documents offer road maps to those looking to implement new systems within their organizationsBELLEVUE, WA – SECtember – Sept. 14, 2021 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure...

Coping With the Ransomware Threat

Blog Published: 09/14/2021

This blog was originally published by Oracle here.Written by Eric Maurice, Oracle.News of successful large-scale ransomware attacks are becoming more frequent. In some instances, companies considered part of the U.S. Critical Infrastructure have been compromised and their normal operations have ...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
103
104
105
107
109
110
111
Last »