
All Articles
FedRAMP vs. ISO 27001

Blog Published: 10/28/2022

Originally published by Schellman here. Ever seen those jugglers that manage to balance multiple spinning plates at the same time? As impressive as it is, you figure you’d be happy to spin just the one plate successfully. For cloud service providers (CSPs), you have lots of different proverbi...

All Eyes on Cloud | Why the Cloud Surface Attracts Attacks

Blog Published: 10/28/2022

Originally published by SentinelOne here. Cloud environments have seen a meteoric rise in the past decade. What began as means of data storage has now become a full-scale computing platform, enabling a global shift in how businesses share, store, optimize, and manage information. However, thre...

Cloud Security Alliance Partners with SecurityScorecard

Press Release Published: 10/20/2022

Agreement will help speed the advancement of continuous cyber risk monitoring across industries. SEATTLE – Oct. 20, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computin...

New Study from Cloud Security Alliance and BigID Finds That Organizations Are Struggling to Track, Secure Sensitive Data in the Cloud

Press Release Published: 10/20/2022

Over 1,500 IT and security professionals reveal the state of cloud data security in 2022. SEATTLE – Oct. 20, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing envir...

As Gaming Moves to the Cloud, Web App Attacks Multiply

Blog Published: 10/21/2022

Originally published by Ericom here. Written by Gerry Grealish, Ericom CMO. The online gaming industry is huge and growing fast. Sales topped $193 billion in 2021 and are anticipated to reach almost $211 billion by 2025. Attacks on the industry are increasing as well, as cybercriminals, in...

Higher Ed Campuses Have Digitized: Protecting Sensitive Data Requires a Unified Approach

Blog Published: 10/21/2022

Originally published by Lookout here. Written by Tony D'Angelo, Vice President, Public Sector, Lookout. Higher education institutions have long been subjected to ransomware and other cyber attacks, which has had a huge impact on their operations. In 2020 alone, ransomware attacks affected near...

What Any Executive Needs to Know About Zero Trust

Blog Published: 10/21/2022

Why should a company executive be interested in Zero Trust? Isn’t that supposed to be obvious? Apparently, it’s not; otherwise, we wouldn’t have nearly 1 billion successful ransomware attacks between January 2021 and June 2022. Whether we like it or not, lately, Zero Trust is becoming synonymou...

Cybersecurity Awareness Month Doesn’t Have to Be Scary

Blog Published: 10/24/2022

Originally published by Blue Lava here. Written by Veronica Wolf, Director of Product & Content Marketing, Blue Lava. In the spirit of Cybersecurity Awareness Month, we thought we would de-mystify a few of the tall tales and horrors surrounding cybersecurity. We’ve also gathered up a few r...

Traditional Data Security Tools Fail at 60% Rate

Blog Published: 10/24/2022

Written by Titaniam. Titaniam’s ‘State of Data Exfiltration & Extortion Report’ shows that organizations may be less protected from security threats than they believe. Ransomware is becoming more and more about extortion, and current data loss prevention tactics aren’t measuring up to the ...

Using the CSA STAR Consensus Assessment Initiative Questionnaire (CAIQ) as a Procurement Tool

Blog Published: 10/22/2022

Introduction: The CSA STAR Consensus Assessment Initiative Questionnaire (CAIQ) is an industry-wide initiative to standardize security and risk management assessments of cloud computing vendors. The CAIQ was developed to provide a consistent way for cloud service providers (CSPs), customers, and...

Responding to and Recovering from a Ransomware Attack

Blog Published: 10/22/2022

Thanks to Dr. Jim Angle, Michael Roza, and Vince Campitelli. After learning what ransomware is, how to protect your organization against it, and how to detect it, it’s time to learn how to respond and recover if a ransomware attack occurs. In this blog, we’ll explain how to mitigate and contain...

How Cybersecurity Insurance Can Work To Help An Organization

Blog Published: 10/25/2022

Originally published by Thales here. Written by Anthony Dagostino, CEO and Co-Founder, Converge. For many years, organizations had limited options for addressing data protection risks. A company could never eliminate risk, but they could try to reduce or mitigate it. In the last 20+ years, cyb...

SaaS Security Use Case Series: Device-to-SaaS User Risk

Blog Published: 10/26/2022

Originally published by Adaptive Shield here. Written by Eliana Vuijsje, Marketing Director, Adaptive Shield. Typically, when threat actors look to infiltrate an organization’s SaaS apps, they look to SaaS app misconfigurations as a means for entry. However, employees now use their personal de...

3 Reasons to Add Cloud Data Security to 2023 Cybersecurity Budgets

Blog Published: 10/27/2022

Originally published by Laminar here. Written by Andy Smith, Laminar. Why Cloud Data Is So Important: Cloud data is growing at an exponential rate, and attackers have taken notice. Data breaches in 2021 increased by 68% over the year prior. As cloud data continues to grow, so too will the risk o...

A SECtember Refrain: CxOs Need Help Educating Their Boards

Blog Published: 10/26/2022

The concerns and challenges discussed during this September’s SECtember Conference and adjoining CxO Trust Summit ran the gamut. However, one refrain focused on chief information security officers’ need for more help and guidance on messaging cybersecurity problems, required security controls,...

Information Security Management and the Connectivity Gap: Solving for the Missing Links in Enterprise Information Security

Blog Published: 11/01/2022

Originally published by Tentacle. Written by Danielle Morgan, Tentacle. Let’s start with the basics: a foundational definition of Information Security management is the process of developing, maintaining, and continuously improving processes aligned with the main goal of ensuring sensitive dat...

Supply Chain Attack via a Trojanized Comm100 Chat Installer

Blog Published: 11/02/2022

Originally published by CrowdStrike. Leveraging a combination of advanced machine learning and artificial intelligence, a new supply chain attack was identified during the installation of a chat-based customer engagement platform. The supply chain attack involved a trojanized installer for the...

What Lawyers Need to Do to Defend Their Clients and Themselves from Cyber Risk

Blog Published: 11/02/2022

Originally published by Ericom. Written by Nick Kael, CTO, Ericom. Absolute trust is the essential basis of the relationship between law firms and their clients. Lawyers steer clients through complex and often sensitive personal and business situations, helping them navigate difficult issues t...

SaaS Risk Report Reveals Exposed Cloud Data is a $28M Risk for Typical Company

Blog Published: 11/03/2022

Originally published by Varonis. Written by Rachel Hunt, Varonis. Some people love taking risks — swimming with great white sharks, climbing El Capitan without a rope, camping in grizzly bear territory with an open jar of peanut butter, and scariest of all, assuming your SaaS data is secur...

Cloud Security Alliance Announces Trusted Cloud Consultant Program

Press Release Published: 10/27/2022

New program connects enterprise companies with trusted, qualified consultants. SEATTLE – Oct. 27, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, tod...
