Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Listen Now: 'Real-Talk on Opportunities for Security Teams to Fight AI with AI'

All Articles

Home
All Articles
Cloud Security Alliance Releases Top Threats to Cloud Computing: Egregious 11 Deep Dive; Articulates Cloud Computing’s Most Significant Issues

Press Release Published: 09/23/2020

Case studies provide understanding of how lessons and mitigation concepts can be applied in real-world scenarios with identity and access management controls the most relevant mitigationSEATTLE – Sept. 23, 2020 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to de...

CCSK Success Stories: From the Head of IT at a Financial Services Company

Blog Published: 09/22/2020

Written by Faisal Yahya, Head of IT - Cybersecurity and Insurance Enterprise Architect, PT IBS Insurance Broking ServiceThis is the fifth part in a blog series on cloud security education, in which we will be interviewing Faisal Yahya, Head of IT - Cybersecurity and Insurance Enterprise Architect...

Is your vendor platform future proof?

Blog Published: 09/21/2020

Written by WhisticIn the last few years, the InfoSec and data privacy sectors have grown exponentially. From on-premise hardware and servers to fully adopting cloud-based, SaaS-focused security workflows, the InfoSec world of 2020 looks much different from ten years ago. If you’re like most InfoS...

Quantum Bitcoin

Blog Published: 09/19/2020

By Dr. Jonathan Jogenfors, Quantum Bitcoin Inventor, Hacker, Atea Senior Information Security Consultant, CSA Blockchain Cybersecurity and Privacy Best Practices Group AdvisorMoney requires copy protection. If banknotes or coins could be forged, they would hardly be usable in daily life. Blockcha...

​Polyrize Launches Its Inaugural Shadow Identity Report

Blog Published: 09/17/2020

Key trends and challenges in securing cloud identities and privilegesPolyrize, an innovator in managing and securing privileges and identity access across the public cloud, today launched its 2020 Shadow Identity Report, developed by its new SaaS Threat Labs Team. The report covers key trends and...

CCM Addendum for Associated Banks of Singapore

Blog Published: 09/16/2020

Written by: Co-chair - Arun VIVEK, Head of Cloud & Container Security – Cyber Security Services, Standard Chartered BankCSA CCM & Association of Banks in Singapore Cloud Computing Implementation Guide 2.0 Controls This week CSA released a Cloud Controls Matrix (CCM) addendum and Gap Analy...

What is Third Party Risk and Why Does It Matter?

Blog Published: 09/14/2020

Written by WhisticIn the world of information security, third party risk is a topic that comes up often. As more and more organizations turn to SaaS-based vendors and move their operations to a cloud-driven environment, third party risk has become one of the most critical topics for an organizati...

Understanding the Complexities of Securing a Remote Workforce

Blog Published: 09/09/2020

By Sean Gray, Sr. Director InfoSec at Paypal and Co-Chair of the CSA Financial Services Working GroupWe have all witnessed sudden and stunning changes in how companies – big and small – operate in response to the challenges necessitated by COVID-19. Many have pivoted successfully, however there ...

Diving Deeper: 4 Best Practices for Securing Enterprise Data in Office 365 (O365)

Blog Published: 09/09/2020

By Matt Hines, VP of Marketing at CipherCloud & Ishani Sircar, Product Marketing Manager at CipherCloudSo, here we are, both as workers and employers. The COVID-19 environment hasn’t really changed much from a workforce perspective over the last six months, other than the fact that more of us...

The Service Mesh Wars: Why Istio might not be favorite after all

Blog Published: 09/03/2020

By Gadi Naor, CTO and Co-Founder, AlcideThese days, more organizations are shifting to cloud-native applications, which are designed to run in the cloud and take advantage of the cloud’s dynamic, scalable and readily-available nature. Typically, cloud-native application architectures are made up ...

SSO and the Road to Passwordless

Blog Published: 09/01/2020

By Dave Lewis, Advisory CISO — Global at DuoWe’ve all heard the phrase “every journey starts with a single step.” While this might seem obvious on the face of it, we can often feel pressure to immediately arrive at our destination.Discussions around passwordless often are too simplistic or too co...

Shared Responsibility Model Explained

Blog Published: 08/26/2020

By CloudPassageCloud service providers adhere to a shared security responsibility model, which means your security team maintains some responsibilities for security as you move applications, data, containers, and workloads to the cloud, while the provider takes some responsibility, but not all. D...

3 Ways to Overcome Challenges in Vendor Risk Management

Blog Published: 08/25/2020

Written by WhisticOne of the most significant catalysts for the shift from reactive to proactive vendor security was the change in the way organizations do business and handle data and information.The Changing SaaS LandscapeInfoSec is one of the latest industries to hop on the SaaS train, but it ...

Cloud Security Alliance’s CASB Survey Finds Nearly 70% House Their Most Sensitive Data in Microsoft SharePoint Online/OneDrive

Blog Published: 08/25/2020

By Tim Choi, Director of Product Marketing for ProofpointCOVID-19 changed everything overnight. The traditional perimeter is gone and the things that were planned years in the future—like cloud migration—had to be fast tracked. Immediately.This sudden shift is the latest evidence that organizatio...

Enabling Data Protection and Compliance in the G Suite Environment

Blog Published: 08/21/2020

By Matt Hines, VP of Marketing at CipherCloud & Ishani Sircar, Product Marketing Manager at CipherCloudThe Rise of G Suite and Related Data Security ChallengesWith over 2 billion active users and a market share of 56.97 percent, G Suite is here to stay nd help enable today’s businesses to tac...

Cloud Security Alliance Releases Perspective on Cloud Risk Management Report That Identifies Cloud Computing Rapid Adoption Gaps and Risks

Press Release Published: 08/20/2020

Document provides impartial look at risk by identifying, examining gaps introduced over the last decade by rapid adoption of cloud computingSEATTLE – Aug. 20, 2020 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practi...

SaaS Security Series: Understanding Salesforce Administrative Permissions

Blog Published: 08/19/2020

Brian Soby, CTO & Co-founder of AppOmniToday, more than ever, SaaS applications drive the modern enterprise. They are relied upon for managing customer data, allowing internal collaboration, and keeping organizations connected across the world. As the amount of sensitive and business-critical...

Can Passwordless Authentication Be Trusted?

Blog Published: 08/17/2020

By J. Wolfgang Goerlich, Advisory CISO for Duo SecurityEvery new feature we introduce to our users is potentially a new tactic we provide our adversaries. When I was learning to drive, this happened with car steering wheel locks. Do you remember these? Big bars people would put on their steering ...

Cloud Security Alliance, ISACA Announce Strategic Partnership to Reinvent Cloud Auditing and Assurance

Press Release Published: 08/17/2020

Organizations to collaborate on joint venture to bring the Certificate of Cloud Auditing Knowledge (CCAK) to the marketSEATTLE – Aug. 17, 2020 – Global technology association ISACA and the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certificati...

How to secure DevOps

Blog Published: 08/12/2020

By Andrey Pozhogin, Senior Product Marketing Manager, Hybrid Cloud Security at KaperskySupply-chain attacks through public repositories have become more frequent of late. Here’s how to deal with them.Last month, IT news websites reported that RubyGems, the official channel for distributing librar...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
111
112
113
115
117
118
119
Last »