All Articles
How to Calculate Security Posture

Blog Published: 07/08/2024

Originally published by Normalyze. Written by Vamsi Koduru. To many, data security posture can seem like an abstruse concept that’s difficult to understand, much less quantify. But by developing a clear methodology and breaking the process down into measurable steps, data security teams can provide...

Navigating the New SEC Cybersecurity Regulations in M&A Transactions

Blog Published: 07/03/2024

Originally published by CXO REvolutionaries. Picture this: you've just finalized your M&A deal, only to discover a cybersecurity incident emerging—whether it's a breach, data leak, or system compromise. Suddenly, the clock is ticking, and you're faced with a tight deadline to report this mater...

Quantum Readiness Importance: A Comprehensive Guide

Blog Published: 07/03/2024

Written by Ascertia. Digital security is evolving at a blistering pace. The advent of quantum computing represents both a formidable challenge and a significant opportunity. Ascertia recognises the need for businesses to prepare for this technological shift to ensure the integrity of digital ident...

Supremacy of AI in Compliance Services: The Dawn of a New Era

Blog Published: 07/02/2024

Written by Ashwin Chaudhary, CEO, Accedere. In the ever-evolving world of finance and business, compliance has always been a critical pillar. However, the traditional methods of ensuring compliance are becoming gradually more inadequate in the face of growing regulatory complexity and data volumes...

Cloud Security Study: Most Surveyed Organizations Suffered a Cloud-Related Breach Over an 18-Month Period

Blog Published: 07/02/2024

Originally published by Tenable. Written by Diane Benjuya. What issues affect cloud security teams today? How are they tackling these challenges? Which tools do they use to measure success? These are just a few of the questions Tenable sought to answer in its recently published "2024 Cloud Securi...

And now for something completely different… a Cloud Security Alliance RFI

Blog Published: 07/01/2024

The RFI submission period is now closed. Learn more about CSA's current AI activities by filling out our interest form. This blog is markedly different from any other I have posted on our website. While we have responded to a few Requests for Proposal (RFP) or Requests for Information (RFI) over ...

The Rise of QR Code Phishing Attacks: Exploring Quishing Threats

Blog Published: 07/01/2024

Originally published by Abnormal Security. Bad actors have been using phishing emails to steal sensitive data for three decades. Impersonating a trusted individual or brand and manufacturing a sense of urgency, attackers deceive targets into providing private information like login credentials or ...

Navigating IT-OT Convergence: A Strategic Imperative for Enterprise Success

Blog Published: 07/01/2024

Written by S Sreekumar, VP and Global Practice Head, Cybersecurity, HCLTech and José Grandmougin, Senior Director Consulting System Engineering GSI and OT, Fortinet. In the ever-evolving landscape of digital transformation, the convergence of Information Technology (IT) and Operational Technology ...

AI Data Considerations and How ISO 42001—and ISO 9001—Can Help

Blog Published: 06/28/2024

Originally published by Schellman. While the rapid pace at which artificial intelligence (AI) technology has been both developing and impacting several areas of our daily lives continues, so too do the concerns about the tech’s safety, privacy, and bias. As there’s no stopping the ongoing integrat...

Dumping a Database with an AI Chatbot

Blog Published: 06/27/2024

Originally published by Synack. Written by Kuldeep Pandya. We’re seeing AI chatbots a lot these days. They’re everywhere from Notion to AWS Docs. Many companies have started implementing their AI chatbots either using OpenAI API or a custom AI model. While making these AI chatbots is easy, the utmos...

Cloud Security in 2024: Addressing the Shifting Landscape

Blog Published: 06/27/2024

Written by Thales. As cloud infrastructures become integral to business operations, securing them is climbing the priority ladder for businesses in every sector. In fact, cloud security is a top concern for nearly two-thirds (65%) of security and IT management professionals now, and 72% claim it w...

AI is Now Exploiting Known Vulnerabilities - And What You Can Do About It

Blog Published: 06/26/2024

Originally published by Dazz. In a recent study from the University of Illinois Urbana-Champaign (UIUC), researchers demonstrated the ability for Language Learning Models (LLMs) to exploit vulnerabilities simply by reading threat advisories. While some are arguing that the sample size was rather s...

9 Best Practices for Preventing Credential Stuffing Attacks

Blog Published: 06/26/2024

Written by StrongDM. Online accounts are repositories of sensitive personal information, making it crucial to protect this data from cybercriminals. As credential stuffing attacks become more frequent, it's essential to stay one step ahead of attackers to ensure the security of your employees' and...

AI Deepfake Security Concerns

Blog Published: 06/25/2024

Ken Huang is the CEO of DistributedApps.ai and Co-Chair of the CSA AI Organizational Responsibilities and AI Controls Working Groups. Huang is an acclaimed author of eight books on AI and Web3, a core contributor to OWASP's Top 10 Risks for LLM Applications, and heavily involved in the NIST Gener...

Building Security Around Human Vulnerabilities

Blog Published: 06/25/2024

Written by Benjamin Corll, CISO in Residence, Zscaler. Why are organizations spending money on cybersecurity solutions when studies show 88% of data breaches are caused by human mistakes? If you’re a cybersecurity leader you have probably heard some variation of this question from people skeptical...

How a CNAPP Can Take You from Cloud Security Novice to Native in 10 Steps

Blog Published: 06/25/2024

Originally published by Tenable. Written by Shai Morag. Security professionals are used to protecting on-premises resources, but the cloud is more complex than on-prem – especially in multi-cloud environments. Meanwhile, breaches are happening at a furious pace. The new Tenable 2024 Cloud S...

SEC Clarifies Rules on Disclosure of Cybersecurity Incidents: Here’s What You Need to Know

Blog Published: 06/25/2024

Originally published by BARR Advisory. The Securities and Exchange Commission (SEC) recently published updated guidance for public companies on how and when to disclose cybersecurity incidents. Issued as a follow-up to new rules adopted by the commission last year, the updated guidance is intended ...

CSPM vs ASPM – What’s the Difference?

Blog Published: 06/24/2024

Written by Josh Dreyfus, Director of Product Marketing, ArmorCode. The software security space moves fast, and new acronyms pop up like weeds. Many of them sound similar, even if they do very different things. Take CSPM (Cloud Security Posture Management) and ASPM (Application Security Posture Man...

Dmitri Alperovitch’s Vision for Cyber Defense

Blog Published: 06/24/2024

Originally published by Automox. Episode Summary: In this episode of the CISO IT podcast, host Jason Kikta interviews Dmitri Alperovitch, author of the book 'World on the Brink' and chairman of Automox's board. They discuss the evolution of IT and cybersecurity over the past few decades, the importa...

Do SOC 2 and ISO 27001 the Right Way with CSA STAR

Blog Published: 06/21/2024

At the CSA Cloud Trust Summit 2024, CSA’s CEO Jim Reavis gave the presentation “Do SOC 2 and ISO 27001 the right way with CSA STAR.” In this condensed transcript of the presentation, Jim provides an overview of the SOC 2 and ISO 27001 frameworks and how they relate to the CSA STAR program. You ca...
