Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersCircleEventsBlog
Get early access to CSA’s Trusted AI Safety Certification Program—updates, resources & beta invites!

All Articles

Home
All Articles
Everything You Need to Know About ISO 27001 Certification

Blog Published: 01/27/2023

Originally published by A-LIGN. With bad actors targeting sensitive data, many organizations are looking for new ways to monitor and improve their data security. Enter: ISO/IEC 27001:2013. A useful way to establish credibility with stakeholders, customers, and partners, ISO 27001 can help de...

Your Guide to IAM – and IAM Security in the Cloud

Blog Published: 01/27/2023

Originally published by Ermetic. As user credentials become a coveted target for attackers, IAM (Identity Access Management) technologies are gaining popularity among enterprises. IAM tools are used in part to implement identity-based access security practices in the cloud. But is IAM security...

CircleCI Cybersecurity Incident Hunting Guide

Blog Published: 01/30/2023

Originally published by Mitiga. Written by Doron Karmi, Deror Czudnowski, Ariel Szarf, and Or Aspir, Mitiga. On January 4, CircleCI published a statement announcing the investigation of a security incident. In this technical blog, we will share how to hunt for malicious behavior that may be ca...

Securing Cloud Workloads in 5 Easy Steps

Blog Published: 01/30/2023

Originally published by Tigera. Written by Senthil Nithiyananthan, Tigera. As organizations transition from monolithic services in traditional data centers to microservices architecture in a public cloud, security becomes a bottleneck and causes delays in achieving business goals. Traditional ...

How to Avoid Cybersecurity Whack-a-Mole

Blog Published: 01/31/2023

Originally published by Nasuni on November 8, 2022. Written by Jason Patterson, Nasuni. Although Cybersecurity Awareness Month is behind us now, that is no reason to take the focus off the subject. This year’s theme – “See Yourself in Cyber” – highlighted the fact that strong security really c...

FedRAMP Certification: An Overview of Why It Matters

Blog Published: 01/31/2023

Originally published by Titaniam. Cybersecurity is now in the spotlight as data breaches become a near-daily story. Organizations are consuming massive amounts of personal data that is directly tied to everyday people, and they’re often utilizing cloud-based services to help store them. This c...

Does Cloud Log Management Shield You From Threats? CloudTrail vs CloudWatch

Blog Published: 02/01/2023

Originally published by Sysdig. Written by Brett Wolmarans, Sysdig. What is different about cloud log management versus on-premises? The answer may seem simple, but several elements such as CloudTrail vs. CloudWatch come into play. In this article, we will cover some of the most important diff...

Beyond BEC: How Modern Phishing Has Evolved Past Email

Blog Published: 02/02/2023

Originally published by Lookout. Written by Hank Schless, Lookout. Business email compromise (BEC) is big business for malicious actors. According to the 2021 FBI Internet Crime Report, BEC was responsible for nearly $2.4 billion in cyber crime losses in 2021. At its root, it’s a type of...

CCSK Success Story: From the Head of IT Infrastructure and Security

Blog Published: 02/03/2023

This is part of a blog series interviewing cybersecurity professionals who have earned their Certificate of Cloud Security Knowledge (CCSK). In these blogs we invite individuals to share some of the challenges they face in managing security for cloud computing and how they were able to leverag...

How Confident Are You in Your Security Posture?

Blog Published: 01/30/2023

Originally published by Contino. Written by Marcus Maxwell, Security Practice Lead, Contino. Comparison might be the thief of joy, but it can also be a vital sign that you’re on the right (or wrong) track. Our customers often ask us how their security postures compare to those of other organis...

A Checklist for CSA’s Cloud Controls Matrix v4

Blog Published: 02/01/2023

Originally published by NCC Group. Written by Nandor Csonka, Director of Cloud Security, NCC Group. The Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM) is an internationally recognized framework that helps cloud service providers (CSPs) and cloud service customers (CSCs) manage risk....

“Hi ChatGPT, please help Cybersecurity”

Blog Published: 01/31/2023

“Cloud is just a bunch of APIs,” said Mark Russinovich of Microsoft at CSA’s SECtember 2021 conference. Mark was simplifying the definition of cloud to get after the essential characteristic that has allowed it to flourish and conquer other forms of computing. The on-demand provisioning of com...

Reframing Password Management: What We Learned from the LastPass Breach

Blog Published: 02/02/2023

Originally published by BARR Advisory. In August of 2022, LastPass, the cloud-based password saver, was breached as bad actors stole information that would eventually lead them to access a copy of the data vaults of tens of thousands of customers. When the firm was hacked for a second time in ...

Shift Left, Save Resources: DevSecOps and the CI/CD Pipeline

Blog Published: 02/03/2023

Originally published by CXO REvolutionaries. Written by Gary Parker, Field CTO - AMS, Zscaler. Reaching the final phase of the software development lifecycle only to discover a significant security flaw is a waste of time, money, and effort. That’s why integrating security checks into the cont...

Social Media Traffic Monitoring – From Thought Police to Security Priority

Blog Published: 02/06/2023

Originally published by Netography. Written by Mal Fitzgerald, Sales Engineer, Netography. It seems as though every week we hear about another government agency that has banned a specific social media platform from their government-issued devices. There are a multitude of reasons for banning s...

Exposed Remote Desktop Protocol Actively Targeted by Threat Actors to Deploy Ransomware

Blog Published: 02/06/2023

Originally published by Cyble on December 2, 2022. Cyble Global Sensors Intelligence and Darkweb findings show TAs actively targeting RDP Cyble Research and Intelligence Labs (CRIL) discovered multiple ransomware groups targeting open Remote Desktop Protocol (RDP) ports. RDP allows users to ac...

Building a Better DSPM by Combining Data Classification Techniques

Blog Published: 02/08/2023

Originally published by Sentra. The increasing prevalence of data breaches is driving many organizations to add another tool to their ever growing security arsenal - data security posture management, or DSPM. This new approach recognizes that not all data is equal - breaches to some data ca...

Empowering Individuals and Organizations to ‘Respect Privacy’

Blog Published: 02/14/2023

Originally published by BARR Advisory on January 23, 2023. Written by Kyle Cohlmia, BARR Advisory. This week is Data Privacy Week, an annual campaign hosted by the National Cybersecurity Alliance. The theme of this year’s Data Privacy Week is “respect privacy,” with the goal to help individual...

Four Questions to Ask About Your Cloud Security Posture

Blog Published: 02/15/2023

Originally published by Lookout. Written by David Richardson, Vice President, Product, Lookout. For most organizations, the decision to adopt cloud technologies is a simple one. Cloud apps streamline operations and costs while enabling users to access resources from anywhere and on any dev...

A Closer Look at BlackMagic Ransomware

Blog Published: 02/21/2023

Originally published by Cyble on December 7, 2022. New Ransomware disrupting Transportation and Logistics Industry in Israel During a routine threat-hunting exercise, Cyble Research and Intelligence Labs (CRIL) came across a new ransomware group named “BlackMagic” ransomware. This ransomware ...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
124
125
126
128
130
131
132
Last »