All Articles
Supply Chain Challenges in the Shadow of Digital Threats

Blog Published: 09/23/2022

Originally published by HCL Technologies here. Written by Andy Packham, SVP & Chief Architect, HCL Microsoft Business Unit. In a monumental move toward greater organizational safety, the US government’s recent Cybersecurity Executive Order marks a major paradigm shift in the battle against...

SAP S/4HANA: 5 Ways to Build In Security From the Start

Blog Published: 09/26/2022

Originally published by Onapsis here. Many SAP customers are currently at the point of either planning or executing a transformation to SAP’s next generation ERP, S/4HANA. More than 18,800 companies[1] have adopted SAP S/4HANA and thousands more are in the process of migrating to the new platf...

Top Threat #4 to Cloud Computing: Lack of Cloud Security Architecture and Strategy

Blog Published: 09/17/2022

Written by the CSA Top Threats Working Group. The CSA Top Threats to Cloud Computing Pandemic Eleven report aims to raise awareness of threats, vulnerabilities, and risks in the cloud. The latest report highlights the Pandemic Eleven top threats, in which the pandemic and the complexity of work...

Better Uptime: The Key to Preventing Revenue Loss

Blog Published: 09/19/2022

Originally published by TokenEx here. Written by Anni Burchfiel, TokenEx. Quick Hits: Uptime is the amount of time hardware or software is active and operating successfully. Downtime costs businesses an average of $926-$17,244 a minute in productivity loss and revenue loss. The most important...

Being a Good Cyber Citizen in a Digital World

Blog Published: 09/20/2022

Originally published by KPMG here. Written by Akhilesh Tuteja, Global Cyber Security Practice Leader, KPMG India. For organizations across all industries, cyber security has become an increasingly important board issue with growing public debate and scrutiny. And its connection to the environm...

Learning Not to Step on Lego: Blast Radius, Cloud Sprawl, and CNAPP

Blog Published: 09/20/2022

Originally published by CXO REvolutionaries here. Written by Martyn Ditchburn, Director of Transformation Strategy, Zscaler. Ever stepped on a Lego block? It hurts, doesn’t it! If not, imagine for a moment that it’s 2 a.m. and you’re navigating your way to the bathroom in the dark. Your child h...

How Sensitive Cloud Data Gets Exposed

Blog Published: 09/23/2022

Originally published by Sentra here. When organizations began migrating to the cloud, they did so with the promise that they’ll be able to build and adapt their infrastructures at speeds that would give them a competitive advantage. It also meant that they’d be able to use large amounts of dat...

Stolen Cookies Enabling Financial Fraud

Blog Published: 09/26/2022

Originally published by Ericom here. Written by Nick Kael, CTO, Ericom Software. Multi-Factor Authentication (MFA) is one of the most frequently recommended best practices for securing data and applications, designed to prevent even cybercriminals who have compromised user credentials in hand ...

The Ripple Effect of a Data Breach

Blog Published: 09/27/2022

Originally published by PKWARE here. The after effects of a data breach can reach far and wide. Lesser seen impact can include the cost of remediation, revenue loss, reputational harm, national security, even human life. The ripple effect of indirect costs—monetary and otherwise—can end up imp...

Takeaways From the New Healthcare Interoperability Report

Blog Published: 09/26/2022

Continuing to examine important healthcare information security topics, CSA’s Health Information Management Working Group has released a new report on Healthcare Interoperability. The purpose of this report is to examine the current state of interoperability according to the Office of the Nati...

The Anatomy of Wiper Malware, Part 2: Third-Party Drivers

Blog Published: 09/28/2022

Originally published by CrowdStrike here. Written by Ioan Iacob and Iulian Madalin Ionita, CrowdStrike. In Part 1 of this four-part blog series examining wiper malware, we introduced the topic of wipers, reviewed their recent history and presented common adversary techniques that leverage wip...

3 Trends from Verizon’s 2022 Data Breach Investigations Report

Blog Published: 09/21/2022

Originally published by Authomize here. Written by Gabriel Avner, Authomize. The Verizon Data Breach Investigations Report is essentially infosec’s report card. It comes out right before summer vacation and gives us an ~120 page snapshot of the state of security. The findings, much like my rep...

Are You Ready for a Slack Breach? 5 Ways to Minimize Potential Impact

Blog Published: 09/22/2022

Originally published by Mitiga here. Written by Ofer Maor, Co-Founder and Chief Technology Officer, Mitiga. TL;DR: As Slack becomes a dominant part of the infrastructure in your organization, it will become a target for attacks and at some point, it is likely to be breached (just like any other...

The Biggest Cloud and Web Security Concerns Today

Blog Published: 09/24/2022

With the continuation of remote work and newsworthy cyber attacks, organizations are struggling to adapt their overall security strategies to the changing landscape. To get a better understanding of the industry’s current attitudes regarding cloud and web security risks, Proofpoint commissione...

Cloud DNS Security – How to Protect DNS in the Cloud

Blog Published: 09/28/2022

Originally published by Sysdig here. Written by Brett Wolmarans, Sysdig. When using DNS in the Cloud, security cannot be overlooked. This article is for cloud architects and security practitioners who would like to learn more about deployment options for DNS security and some security best pra...

How SOC 2 Audits Add Value to an Organization

Blog Published: 09/29/2022

Originally published by A-LIGN here. Written by Stephanie Oyler, Vice President of Attestation Services, A-LIGN. From ISO 27001 to PCI DSS to SOC 1 and SOC 2, there is no shortage of security assessments for organizations to pursue. While some audits can be more time intensive than others, the...

One Pane (of Glass) Makes Many Clouds Work

Blog Published: 09/29/2022

Originally published by Entrust here. Written by Tushar Tambay of Entrust and Mark LaRoche of VMware. Cloud computing is a well established part of almost every organization’s IT infrastructure, but the proliferation of these cloud platforms, as well as increased focus on cloud platforms by ha...

2022 State of Public Cloud Security Report Reveals Critical Cloud Security Gaps

Blog Published: 09/30/2022

Originally published by Orca Security here. Written by Bar Kaduri and Deborah Galea, Orca Security. Orca Security has released the 2022 State of the Public Cloud Security report, which provides important insights into the current state of public cloud security and where the most critical secur...

Determining Your Level of CMMC Compliance: The Importance of CUI

Blog Published: 10/03/2022

Originally published by Schellman here. Written by Todd Connor, Schellman. Did you know? The Council of Economic Advisors estimates that malicious cyber activity cost the U.S. economy between $57 billion and $109 billion in 2016. And unfortunately, in the years since, cybercrime has only becom...

Data Breaches Are A “When,” Not An “If.” Here’s How You Can Prepare.

Blog Published: 10/04/2022

Originally published by PKWARE here. Cyber attackers have spent considerable time and resource to develop cyberattack methods that evade detection. Which means a focus on complete attack prevention may be unattainable—or if attainable, not sustainable for very long. Cyber criminals are becomin...
