Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersCircleEventsBlog

All Articles

Home
All Articles
From the Front Lines | 8220 Gang Massively Expands Cloud Botnet to 30,000 Infected Hosts

Blog Published: 08/09/2022

Originally published by SentinelOne here. Written by Tom Hegel, SentinelOne. Over the last month a crimeware group best known as 8220 Gang has expanded their botnet to roughly 30,000 hosts globally through the use of Linux and common cloud application vulnerabilities and poorly secured conf...

5 Tips for Managing Shadow IT

Blog Published: 08/11/2022

Originally published by ThirdPartyTrust here. Written by Sabrina Pagnotta, ThirdPartyTrust. With remote work exacerbating the use of personal devices, home Wi-Fi networks, and cloud-based services, organizations increasingly face blind spots known as Shadow IT: unsanctioned hardware, services,...

Treating Healthcare’s Insider Threat

Blog Published: 08/16/2022

Originally published by Authomize here. Written by Gabriel Avner, Authomize. There’s an old joke about why bank robbers rob banks. Because that’s where the money is. Given the valuable assets under their care, banks, fintech, insurance, and other financial institutions have understood that the...

Can Ransomware Infect Encrypted Files?

Blog Published: 08/17/2022

Originally published by ShardSecure here. Written by Marc Blackmer, VP of Marketing, ShardSecure. By now, you likely know that ransomware has become a major concern for businesses and organizations across the globe. The European Union Agency for Cybersecurity (ENISA) noted a 150% rise in ranso...

What is a Merchant-Initiated Transaction, and Why is it Considered Low Risk?

Blog Published: 08/09/2022

Originally published by TokenEx here.Written by Anni Burchfiel, Content Marketing Specialist, TokenEx.A merchant-initiated transaction is a payment initiated by the merchant instead of the cardholder. These transactions are initiated on behalf of the customer based on an agreement between the ...

The CISOs Report: A Spotlight on Today’s Cybersecurity Challenges

Blog Published: 08/19/2022

Originally published by CXO REvolutionaries here. Written by Sean Cordero, CISO - Americas, Zscaler. New attacks and attack classes demand new solutions and strategies The swift evolution of IT infrastructures has made cybersecurity more challenging than ever for CISOs. They face a broader ran...

If a Recession Comes, Cut Cyber Professionals at Your Peril

Blog Published: 08/10/2022

Originally published by CXO REvolutionaries here. Written by David Cagigal, CIO, State of Wisconsin (former).I was working for a utility company in 2008 when a bubble burst in the housing market and caused the economy to collapse. We were all asked to tighten our belts. I knew then that I had ...

With Security Analytics, Quality Means More Than Quantity

Blog Published: 08/10/2022

Written by Rohit Dhamankar, Vice President, Threat Intelligence, Alert Logic.In the cybersecurity market, detecting attacks early — hopefully, before a breach occurs, but certainly as early in the kill chain as possible — and neutralizing them before damage is done is critical.But success in t...

The Mendacious Magic of Cloud Tiering

Blog Published: 08/11/2022

Originally published by Nasuni here. Written by Andres Rodriguez, CTO & founder, Nasuni. In the words of the great Arthur C. Clarke, “Any sufficiently advanced technology is indistinguishable from magic.” This is a brilliant maxim, but it doesn’t mean that a solution which appears to be ma...

How to Secure and Protect Your Kubernetes Cluster?

Blog Published: 08/15/2022

Originally published by ARMO here. Written by Rotem Refael, Director of Engineering, ARMO. Kubernetes is the de-facto container management platform of today and the future. It has increased the scalability and flexibility of applications and eliminated vendor lock-in. Kubernetes also brings a ...

An Overview on the Modern, Cloud-Native SOC Platform

Blog Published: 08/15/2022

Originally published by Panther here. Written by Mark Stone, Panther. For the modern security team, the concepts of Security Operations Center (SOC) and Security Information and Event Management (SIEM) are well known and have become increasingly crucial. To defend against the wide range of cyb...

Cloud Security Alliance Releases Illustrative Type 2 SOC 2® Report That Incorporates Its Cloud Controls Matrix Criteria

Press Release Published: 08/09/2022

Document provides American Institute of Certified Public Accountants-approved guidelines for SOC 2 reportingSEATTLE – August 9, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure ...

Context Counts: How to Use Transfer Learning and Model-Aided Labeling to Train Data Tailored Models

Blog Published: 08/17/2022

Originally published by BigID here. Written by Itamar Zaltsman, BigID. Thanks to great advances and breakthroughs in the area of Natural Language Processing (NLP), we have access to a vast amount of ready to use Named Entity Recognition (NER) classifiers. These classifiers are available in man...

What Is Attestation of Compliance (AoC) and Why Does It Matter?

Blog Published: 08/18/2022

Originally published by TokenEx here. Written by Valerie Hare, Content Marketing Specialist, TokenEx.Did you know that a Verizon Payment Security Report found that only 27.9 percent of organizations achieved full compliance with PCI DSS during their validation process in 2019? The Payment Card...

Cyber Resilience – Lessons From Ukraine

Blog Published: 08/18/2022

Originally published by KPMG here. Written by David Ferbrache, Leadership, Global Head of Cyber Futures, KPMG in the UK. Alongside the tragic war in Ukraine, cyber-attacks have played their part, too. This complex and increasingly uncertain situation in cyberspace is driving many countries and...

Who Performs a SOC 2 Audit? The Role of SOC 2 Auditors vs. Compliance Software

Blog Published: 08/12/2022

Originally published by A-LIGN here. Written by Stephanie Oyler, Vice President of Attestation Services, A-LIGN. Data breaches and ransomware attacks continue to dominate the news cycle. To protect data, and position themselves favorably among prospects and customers, companies need to demonst...

Google Workspace - Log Insights to Your Threat Hunt

Blog Published: 08/16/2022

Originally published by Mitiga here. Written by Ariel Szarf and Lionel Saposnik, Mitiga. Google Workspace is a popular service for document collaboration for organizations and for individual users. Threat actors note that the popularity of this service has increased and search for ways to ex...

An Introduction to CSA STAR and ISO 27001

Blog Published: 08/18/2022

Originally published by Schellman here. Written by Ryan Mackie, Schellman. When making decisions about the kind of compliance your organization needs, the process can be akin to creating an ice cream sundae (albeit, less fun). No doubt your customers and prospects want to see comprehensive a...

Zero Trust for Cloud-Native Workloads: Mitigating Future Log4j Incidents

Blog Published: 08/19/2022

Originally published by Tigera here. Written by Giri Radhakrishnan, Tigera. In my previous blog post, I introduced the brief history of zero trust, the core pillars of a zero-trust model, and how to build a zero-trust model for cloud-native workloads. In this blog post, you will learn how to m...

Global Cybersecurity Experts Take the Stage at SECtember, Hosted by Cloud Security Alliance

Press Release Published: 08/17/2022

Event provides state-of-the-art perspective on cybersecurity threat vectors and solutions rooted in cloud computingSEATTLE – Aug. 17, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a s...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
106
107
108
110
112
113
114
Last »