Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
STAR for AI
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
CSA Training
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Trusted AI Safety Expert (TAISE)
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
STAR for AI
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
CSA Training
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Trusted AI Safety Expert (TAISE)
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersEventsBlog
Get Free Early Access to TAISE Module 3! Sample the Certificate Experience Today!

All Articles

Home
All Articles
The Top 10 SaaS Data Access Risks

Blog Published: 10/06/2022

Originally published by DoControl here. Written by Corey O'Connor, DoControl. Modern businesses increasingly rely on SaaS applications like Google Drive, Box, Dropbox, and Slack to facilitate daily exchanges of sensitive data and files. Although these tools allow for real-time collaboration th...

What are Microservices?

Blog Published: 10/05/2022

Microservices have been increasingly implemented in organizations. This increase in popularity can be attributed to the ease with which they move through a lifecycle allowing for efficient restart, scale-up, or scale-out of applications across clouds. However, these unique characteristics als...

Think Zero Trust Applies Only to Federal Agencies? Think Again!

Blog Published: 10/07/2022

Originally published by Thales here. In my last blog post, I explained how Federal Civilian Executive Branch (FCEB) agencies can comply with The White House Executive Order (E.O.) around implementing zero trust. These solutions do this by offering various capabilities like Bring-Your-Own-Encry...

Protecting Against Ransomware

Blog Published: 10/07/2022

Thanks to Dr. Jim Angle, Michael Roza, and Vince CampitelliRansomware is a form of malware used by an attacker to encrypt a victim’s data and demand a ransom for the encryption key, which allows the victim access to their data. Part 1 of this blog series further explains what ransomware is and...

What Is Lockdown Mode for iOS and iPadOS and Why Should I Care?

Blog Published: 10/10/2022

Originally published by Lookout here.Written by Christoph Hebeisen, Director, Security Intelligence Research, Lookout.Apple recently announced a new feature in its upcoming iOS and iPadOS called Lockdown Mode. The aim is to protect users such as corporate executives, government officials, jour...

How to Detect Ransomware

Blog Published: 10/08/2022

Thanks to Dr. Jim Angle, Michael Roza, and Vince CampitelliOnce you know what ransomware is and how to protect your organization against it, it’s important to learn how to respond if a ransomware attack occurs. The first step: detecting the ransomware attack! The Detect Function of the Nationa...

CSA’s New Zero Trust Training and Why It's Needed

Blog Published: 10/10/2022

Zero Trust has possibly been the most mentioned concept in the cybersecurity arena over the last 12 months. For some, it is a revolutionary approach. For others, it is an evolution of a series of trends already ongoing for over a decade. Finally, there are people who consider it just a buzzwor...

Grand Theft Hacker: A Look at The Rockstar Games and Uber Hack

Blog Published: 10/10/2022

Originally published by Skyhigh Security here. Written by Arnie Lopez, WW Systems Engineering, Skyhigh Security. What does one of the most successful ride-sharing platforms and one of the world’s most popular video games share in common?If you said, “Cars,” you would be right.If you said, “Bot...

What Is a Feistel Cipher?

Blog Published: 10/11/2022

Originally published by TokenEx here. Written by Valerie Hare, Content Marketing Specialist, TokenEx. Quick Hits: Feistel cipher is a design model designed to create different block ciphers, such as DES. The model uses substitution and permutation alternately. This cipher structure is based on...

Preventing Security Risks by Controlling SaaS Sprawl

Blog Published: 10/11/2022

Originally published by Axonius here. Written by Kathleen Ohlson, Axonius. The rapid growth of SaaS adoption continues. The necessity of SaaS applications for productivity and collaboration moved organizations to onboard them as fast as they could. But now these organizations have this sprawl ...

26 AWS Security Best Practices to Adopt in Production

Blog Published: 10/11/2022

Originally published by Sysdig here. Written by Alejandro Villanueva, Sysdig. One of the most important pillars of a well-architected framework is security. Thus, it is important to follow these AWS security best practices to prevent unnecessary security situations. So, you’ve got a problem to...

What is SAP Security (and Why Does It Matter?)

Blog Published: 10/12/2022

Originally published by Onapsis here. An Overview of SAP Applications Business-critical applications such as ERP, SCM, CRM, SRM, PLM, HCM, BI and others support essential business functions and processes of the world’s largest commercial and governmental organizations, including supply chain, ...

Auto-Remediation in SaaS Security: Why SSPM Clients Frequently Prefer Guided Remediation

Blog Published: 10/13/2022

Written by James Alston, Senior Solutions Engineer, AppOmni. In the ongoing struggle to relieve Security teams of tedious manual work while still providing exceptional protection, auto-remediation has emerged as a frequently-discussed topic related to SSPM solutions. And its potential is c...

Can You “Fail” a SOC 2 Examination?

Blog Published: 10/13/2022

Originally published by A-LIGN here. Written by Alex Welsh, Manager, ISO Practice, A-LIGN. Although you can’t “fail” your SOC 2 report, it can result in report opinions to be noted as “modified” or “qualified”. Learn what this means for your organization.Is your organization planning for a SOC...

Best Defense? Good Cloud Offense

Blog Published: 10/14/2022

Originally published by Cloudtango here. Written by Jordi Vilanova, Cloudtango. Ever since cybersecurity began in the 70s, the focus was always building a good defense as part of the main strategy. The problem with conventional security has traditionally been its reactive nature to security, s...

What is Cloud Data Security?

Blog Published: 10/14/2022

Originally published by Laminar Security here. Written by Andy Smith, Laminar Security. Shifting to the cloud is a necessary step in the digital transformation required for businesses to get and stay ahead. The cloud allows employees to access resources from almost anywhere at any time, enhanc...

It’s Not ‘See You Later.’ It’s ‘Goodbye’: Moving on from Tokenization in the Age of Ransomware

Blog Published: 10/12/2022

Written by Arti Raman, CEO, Titaniam. Invented in 2001, tokenization addresses the risk of losing cardholder data from eCommerce platforms and remains the golden standard for protecting sensitive information.The concept was simple: Swap payment card numbers for substitute numbers, i.e., tokens...

Cybersecurity Skills Shortage Provides Rare Cross-Training Opportunities

Blog Published: 10/12/2022

Originally published by CXO REvolutionaries here. Written by Kavitha Mariappan, EVP, Customer Experience and Transformation, Zscaler. Are you familiar with the saying, “you are the average of the five people you spend the most time with?” It speaks to how our social environment and relationshi...

Types of Sensitive Data: What Cloud Security Teams Should Know

Blog Published: 10/13/2022

Originally published by Sentra here. Not all data is created equal. If there’s a breach of your public cloud, but all the hackers access is company photos from your last happy hour… well, no one really cares. It’s not making headlines. On the other hand if they leak a file which contains the p...

Do You See Yourself in Cyber? | Protect Yourself During Cybersecurity Awareness Month

Blog Published: 10/17/2022

Originally published by Alert Logic by HelpSystems on October 1, 2022. Written by Antonio Sanchez, Alert Logic. There’s more than ghosts and goblins to be on the lookout for in October. Phishers, hackers, and other nefarious characters are on the prowl – every day – trying to infiltrate your d...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
112
113
114
116
118
119
120
Last »