Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersCircleEventsBlog
Get early access to CSA’s Trusted AI Safety Certification Program—updates, resources & beta invites!

All Articles

Home
All Articles
Why XDR Should Be on Your Roadmap for SOC Success

Blog Published: 10/05/2022

Originally published by CrowdStrike here. Written by Scott Simkin, CrowdStrike. Fighting modern adversaries requires having a modern security operations center (SOC), especially as organizations move to the cloud. To protect their estates against tomorrow’s threats, security professionals have...

Cybercrime Across the U.S.

Blog Published: 10/07/2022

Originally published by ThirdPartyTrust here. Written by Chris Gerben, VP of Marketing, ThirdPartyTrust. Many of us are spending more time on the internet, and technology has taken over how we work, interact with our friends, and even how we pay for goods and services.But spending more time on...

Shining a Light on Visibility for Enhanced Security Posture

Blog Published: 10/04/2022

Originally published by Alert Logic here. Written by Tom Gorup, Vice President of Security and Support Operations, Alert Logic by HelpSystems. Security posture is a largely obscure phrase. It’s used in the industry but if you ask 10 different people what security posture means, you’ll get 10 d...

Survey: What Short Training Courses Most Interest You?

Blog Published: 09/24/2022

CSA is in the process of developing our Cloud Infrastructure Security Training, a series of 1 hour training courses. These courses provide a high-level primer on some of the most critical cloud security topics. Based on research by CSA’s expert working groups, they build upon your cybersecurit...

What is IoT Security?

Blog Published: 09/25/2022

Internet of Things (IoT) devices describe a variety of non-traditional, physical objects including medical devices, cars, drones, simple sensors, and more. IoT represents objects that exchange data with other systems over the internet or other networks. IoT security is the practice of securing...

The Ongoing Cyber Threat to Critical Infrastructure

Blog Published: 09/26/2022

Originally published by Thales here.Written by Marcelo Delima, Senior Manager, Global Solutions Marketing, Thales.The effects of cyberattacks on critical infrastructure can be catastrophic. Security breaches in this sector can be incredibly disruptive to society and are attracting considerable...

8 Common Cloud Misconfiguration Types (And How to Avoid Them)

Blog Published: 09/27/2022

Originally published by Vulcan Cyber here. Written by Roy Horev, Vulcan Cyber. Cloud misconfiguration refers to any errors, glitches, or gaps in the cloud environment that could pose a risk to valuable information and assets. It occurs when the cloud-based system is not correctly configured by...

The Security Risks of Taking a Stand

Blog Published: 09/27/2022

Originally published by CXO REvolutionaries here. Written by Heng Mok, CISO APJ, Zscaler. Organizations face increasing internal and external pressures to take public stands on issues unrelated to their core business. Examples include a broad range of social, political, and global events, whic...

Study: The Truth About SaaS Security and Why No One Cares…Yet

Blog Published: 09/29/2022

Originally published by Axonius here. Written by Tracey Workman, Axonius. A few months ago, we decided to conduct a study of IT and security professionals in the U.S. and Europe to better understand how they’re handling the rapid adoption of SaaS applications across their organizations. We alr...

Data Context is the Missing Ingredient for Security Teams

Blog Published: 09/30/2022

Originally published by Sentra here.Why are we still struggling with remediation and alert fatigue? In every cybersecurity domain, as we get better at identifying vulnerabilities, and add new automation tools, security teams still face the same challenge - what do we remediate first? What pose...

How Much is Your Sensitive Data Costing You? Here’s What CFOs Need to Know.

Blog Published: 09/30/2022

Originally published by TokenEx here.Written by Anni Burchfiel, Content Marketing Specialist, TokenEx.For many, sensitive data management seems like an inconsequential topic when compared to other business considerations. How can businesses prioritize sensitive data security when a factor like...

SaaS Breaches: How to Think About Security in Cloud Apps and Services

Blog Published: 10/03/2022

Originally published by Mitiga here.Written by Ofer Maor, Co-Founder and Chief Technology Officer, Mitiga.The increasing sophistication of attack groups The Okta breach is yet another indication of what we have been seeing for the past few years in the cybersecurity industry, particularly in t...

You Could Do Zero Trust the Old-Fashioned Way, but Why?

Blog Published: 10/04/2022

Originally published by CXO REvolutionaries here. Written by Kevin Schwarz, Transformation Strategist, ZScaler. Many organizations are trapped in an outdated way of operating and simply do not realize it. People, businesses, and agencies regularly use antiquated processes or technology, never ...

Keeping Your Digital Destiny Firmly in Your Hands

Blog Published: 10/06/2022

Written by Welland Chu, Ph.D, CISA, CISM. What Are the Top Priorities for Governments and Regulated Industries? Great minds think alike. When it comes to cloud adoption, what are the 3 aspects that the governments and regulators of Japan, Australia, Europe, Hong Kong, India, and Singapore...

Crimeware Trends | Ransomware Developers Turn to Intermittent Encryption to Evade Detection

Blog Published: 10/03/2022

Originally published by SentinelOne here. Written by By Aleksandar Milenkoski and Jim Walter, SentinelOne. We observe a new trend on the ransomware scene – intermittent encryption, or partial encryption of victims’ files. This encryption method helps ransomware operators to evade detection sys...

Cloud Security Alliance Announces Recipients of 2022 Service Awards

Press Release Published: 09/29/2022

Awards celebrate CSA volunteers’ outstanding efforts to advance cloud security, cybersecurity worldwideSEATTLE – Sept. 29, 2022 –The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud compu...

Cloud Security Alliance Offers Recommendations for Using Customer Controlled Key Store

Press Release Published: 09/27/2022

Document offers guidance for implementing a key management system (KMS) that is a dependency of a cloud service without being hosted by the serviceSEATTLE – Sept. 27, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and ...

Pivoting from Infrastructure Resilience to True Data Resilience

Blog Published: 10/05/2022

Originally published by ShardSecure here. Written by Julian Weinberger, ShardSecure Sales Engineering & Partner Lead. Traditionally, we achieved resilience by making systems redundant with a primary data center and a backup data center that consisted of all the same infrastructure, devic...

Reversing the Digital Trust Deficit

Blog Published: 10/05/2022

Originally published by KPMG here. Written by Akhilesh Tuteja, Global Cyber Security Practice Leader, KPMG in India. Our seemingly endless reliance on the power of digital technology continues to transform everything from commerce, work and lifestyle to transportation, education, healthcare an...

Facing the Shift-Left Security Conundrum. A True Story

Blog Published: 10/06/2022

Originally published by Ermetic here. Written by Diane Benjuya, Ermetic. There was a time when developers and security teams did not, er, get along. Friction reigned as each struggled to meet their own needs. Security teams forewarned of data breaches, DevOps forewarned of development slowdown...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
111
112
113
115
117
118
119
Last »