Living-off-the-Land Attack: PowerDrop
Blog Published: 07/27/2023
Originally published by ThreatLocker. On June 6, 2023, Adlumin Threat Research discovered a living-off-the-land attack, PowerDrop, using a malicious PowerShell script to target the US aerospace industry. LOTL attacks leverage powerful built-in tools to masquerade as legitimate processes. Ther...
Authenticating the Authenticators: A Zero Trust Thought Experiment
Blog Published: 07/26/2023
Quis custodiet ipsos custodes? This first-century Latin phrase translates as “Who watches the watchmen?”, and has made its way through classical philosophy and into popular culture. (Fellow Watchmen fans, I’m thinking of you). Fast-forwarding 2,000 years into our familiar domain of information ...
Generative AI: Proposed Shared Responsibility Model
Blog Published: 07/28/2023
Overview Large Language Models (LLMs) have gained attention due to the recent burst in popularity of ChatGPT, a consumer-centric chatbot released by OpenAI which uses Generative AI capabilities. The impact of ChatGPT on companies and enterprises has been huge, as has been the impact of the op...
The Essential Capabilities of a DSPM Solution
Blog Published: 08/01/2023
Originally published by Laminar. Written by Lisa Bilawski, Director of Content Marketing, Laminar. There’s been a worldwide shift from on-premises to cloud storage and a boom in data democratization (making data accessible and usable across the entire organization). These two shifts have resul...
Mitigating Risks and Optimizing Benefits in Vendor Consolidation
Blog Published: 08/02/2023
Written by G Kiran Raju, Microsoft Ecosystem, Business Development & Product Offerings, Cybersecurity & GRC Services, HCLTech and David Branscome, Global Partner Solutions Architect – Security, Microsoft. With an accelerating pace of technological innovation, organizations face a doubl...
How Zero Trust Can Enable Digital Trust
Blog Published: 08/02/2023
Originally published by DigiCert. Written by Jason Sabin. Digital trust and zero trust are both common cybersecurity phrases, but what do they mean and what is the difference between them? In our connected world where everything is online, traditional boundaries no longer apply and neither do t...
In the Age of Innovation, Does Security Hold the Key?
Blog Published: 08/03/2023
CSA recently conducted a survey delving into the intersection of security and innovation. Our mission with this study was to untangle the intricate relationship between security and innovation, shedding light on how security is perceived within the organizational framework, its role in driving...
Cloud Security Alliance Research Reveals Relationship Between Security and Innovation
Press Release Published: 08/03/2023
Research sponsored by Expel provides surprising insights into shifting cloud security strategies and trends. Herndon, Va., August 3, 2023 – Expel, the security operations provider that aims to make security easy to understand, use and improve, today unveiled a new report, “Security-Enabled Innov...
API Security: The Fabric of the Future
Blog Published: 08/03/2023
Originally published by CXO REvolutionaries. Written by Sam Curry, VP & CISO, Zscaler. "We cannot solve our problems with the same thinking we used when we created them." - Albert Einstein. The digital landscape is transforming at a breakneck pace. The next frontier? API security. In our inte...
PCI Compliance Explained - Secure Your Credit Card Information Successfully
Blog Published: 08/04/2023
Originally published by BARR Advisory. Written by Kyle Cohlmia. According to the 2023 Verizon Data Breach Investigations Report (DBIR), financial motive was the motivation for 95% of the past year’s data breaches. In today’s business world, it only takes the tap of a card or click of a button ...
PoC Exploit: Fake Proof of Concept with Backdoor Malware
Blog Published: 08/04/2023
Originally published by Uptycs. Threat Researchers: Nischay Hegde and Siddartha Malladi. A deceptive twist has appeared within cybersecurity norms—a proof of concept (PoC) that, rather than demonstrating a vulnerability, stealthily harbors a hidden backdoor. Recently discovered by the Uptycs t...
How Do You Protect Your Data in the Age of Hybrid Work?
Blog Published: 08/07/2023
Written by Sundaram Lakshmanan, Chief Technology Officer, Lookout. We live in an age where hybrid work and bring-your-own-device (BYOD) programs have become the norm. The result is that you’re tasked with protecting your data in an environment that’s far more complex than in the past. With m...
Startups Don’t Need Cyber Security (Or Do They?)
Blog Published: 08/07/2023
Originally published by NCC Group. Written by Sourya Biswas, Technical Director, NCC Group. Every new day seems to reveal news of yet another data breach or ransomware attack. CNET published a great article towards the end of 2019 cataloging the major data breaches last year. While I won’t nam...
Who’s Who in Cloud Security? CSPM, CIEM, CWPP & CNAPP Explained
Blog Published: 08/08/2023
Originally published by Sysdig. Written by Alba Ferri. Cloud Native Application Protection Platforms – or CNAPP solutions – are steadily gaining traction as the best solutions to address Cloud Native security. Regardless of your cloud adoption maturity (whether you’re PoC-ing some services in t...
Secrets of Securing Intellectual Property (IP) in the Cloud
Blog Published: 08/08/2023
Written by Satish Govindappa. In this article, we will explore the risks, challenges, and strategies for effectively securing intellectual property (IP) in the cloud, as it’s related to the modern chip design industry. I will also share 7 pillars (the Secret Recipe) for successfully protecting...
Behind The Breach: Self-Service Password Reset (SSPR) Abuse in Azure AD
Blog Published: 08/09/2023
Originally published by Obsidian Security. In several recent investigations of SaaS security incidents, the Obsidian threat research team identified a novel attack vector in the wild: abuse of the Azure AD self-service password reset (SSPR) feature. With the glaring lack of coverage around this ...
Are Hybrid Workers at More Risk of Cyber Threats?
Blog Published: 08/10/2023
Originally published by ThreatLocker. Introduction Did you know that in 2023, 74% of US companies support or plan to support hybrid workers? The global COVID-19 pandemic shut down enterprises worldwide, forcing companies to devise creative ways to maintain business productivity while keeping w...
How to Overcome the Challenges of Legacy Identity Migration
Blog Published: 08/09/2023
Written by Eric Olden, CEO of Strata Identity. Originally published on Forbes. Identity has always been the cornerstone for controlling access to the apps and data employees and customers need. And with the advent of cloud computing, managing identity now requires organizations to reconcile th...
Cybersecurity: Where Do Canadian Companies Stand?
Blog Published: 08/09/2023
Written by NOVIPRO. The widespread adoption of remote work has disrupted Canadian companies’ cybersecurity practices. However, according to the latest IT Landscape in Canadian Small, Medium, and Large Enterprises 2023 report, few companies appear ready to invest more in protecting their and...
Joe Sullivan to Share His Perspective on the Existential Challenges of Being a CISO at Cloud Security Alliance’s SECtember 2023
Press Release Published: 08/10/2023
Former Uber CSO will draw on personal experience to help security leaders navigate crossroads of stringent regulations and corporate and personal risk. SEATTLE – Aug. 10, 2023 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, a...