Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersCircleEventsBlog

All Articles

Home
All Articles
Building a SOC for Compliance

Blog Published: 04/11/2024

Originally published by RegScale.There are not many things I have hated in my professional life more than getting surprised in an audit. It is embarrassing, damages your credibility, and makes it harder to accomplish your strategic goals as you get distracted by fighting the small forest fires...

Artificial Intelligence and Cybersecurity: What to Know Right Now

Blog Published: 03/29/2024

Originally published by Schellman.Similar to the way the launch of the first satellite, Sputnik, both introduced a new technology era—the space race—and raised some alarm, the ongoing adoption of generative artificial intelligence (AI) is beginning to permeate industries worldwide, prompting q...

The Elephant in the Cloud

Blog Published: 03/29/2024

Originally published by Pentera.Written by Aviv Cohen.As much as we love the cloud, we fear it as well.We love it because cloud computing services of Amazon, Azure, and Google have transformed operational efficiency and costs, saving us money, time, and alleviating much of the IT burden. We al...

UN AI Resolution, EU AI Act, and Cloud Security Alliance's Recent Efforts: White Paper on AI Organizational Responsibility for Core Security

Blog Published: 04/01/2024

Updated 5/8/24.In a world where artificial intelligence (AI) is rapidly becoming an integral part of our lives, ensuring its secure and responsible development and deployment is more critical than ever. The Cloud Security Alliance (CSA) has taken a significant step forward in this direction wi...

Mapping the Impact of Cloud Remediation

Blog Published: 04/09/2024

Originally published by Tamnoon. Written by Michael St.Onge, Principal Security Architect, Tamnoon. What is impact analysis?Performing an impact analysis is a critical step in the cloud remediation process that employs methodical techniques to answer the questions: “What might go wrong if we i...

Evaluate the Security of Your Cloud Service Provider with the CSA STAR Registry

Blog Published: 04/13/2024

The CSA STAR Registry is kind of a big deal in the cloud security world. It's a global database filled with over 2,000 assessments completed by cloud service providers (CSPs), documenting their security, privacy, and governance policies. Anyone can access the Registry for free to find cloud se...

10 Tips to Guide Your Cloud Email Security Strategy

Blog Published: 04/17/2024

Originally published by Abnormal Security. Written by Lane Billings. As enterprises have migrated to Microsoft 365 and Google Workspace, they’ve seen the perks: easy collaboration, greater agility, and lower costs.But for most organizations, the challenge of determining how to keep data protec...

“Toxic Combinations” are Inadequate: A Case Study

Blog Published: 04/02/2024

Originally published by Skyhawk Security.Written by Chen Burshan, CEO, Skyhawk Security.Posture management has turned into an exercise in prioritization, but this hasn’t made us safer.If a Tree Falls in the Forest…We all know the adage, “If a tree falls in the forest and nobody is there to hea...

The Secret to Supercharging LLMs: It's Not Answers, It's Questions

Blog Published: 04/10/2024

Written by Dr. Chantal Spleiss, Co-Chair of the CSA AI Governance & Compliance Working Group.Stop talking to your AI, start collaborating with it. Prompt engineering is the key to unlocking the full potential of LLMs. This mastery of questioning is so valuable that a prompt engineer may ea...

Ensuring Trust and Compliance: The Importance of Accredited Auditors for ISO 27001

Blog Published: 04/11/2024

Originally published by BARR Advisory.Written by Cameron Kline, Director, Attest Services, BARR Advisory.As an internationally recognized certification, ISO 27001 is one of the most highly regarded and thorough cybersecurity assessments an organization can undergo. Achieving and maintaining an...

Cloud Security Alliance Artificial Intelligence (AI) Webinar Series Will Address Pivotal Cloud Computing Topics in Leadup to AI Summit at RSA

Press Release Published: 04/02/2024

Thought-leadership webinars to provide key insights on elevating organizations’ cybersecurity postureSEATTLE – April 2, 2024 – Throughout the month of April, the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices ...

Privacy Isn't Just About Data: It's About Dignity

Blog Published: 04/02/2024

Written by Dr. Chantal Spleiss, CSA AI Governance and Compliance Working Group Co-Chair.The consequences of a privacy breach extend far beyond data loss, potentially triggering deep feelings of shame. Less than 15% of countries do not have or are drafting a privacy law emphasizing the huge imp...

Designed to Deceive: 6 Common Look-alike Domain Tactics

Blog Published: 04/03/2024

Originally published by Abnormal Security.Written by Mick Leach.With threat actors lurking around every digital corner, it can sometimes make scrolling through an inbox feel like traversing a minefield. Employing various strategies to deceive their targets, attackers count on end-user oversigh...

Threats to Water: The Achilles’ Heel of Critical Infrastructure

Blog Published: 04/08/2024

Originally published by CXO REvolutionaries.Written by David Cagigal, Former CIO of the State of Wisconsin.Recent cyberattacks on the water industry raise the prospect of more frequent, widespread, damaging incidents that threaten disruption to lives and livelihoods. I know the chaos that stem...

Detecting Compromised Accounts in Microsoft 365

Blog Published: 04/04/2024

Originally published by InsiderSecurity.IntroductionIn today's digital age, cybersecurity is of paramount importance, with organizations facing an ever-evolving landscape of cyber threats and attacks. InsiderLab (our dedicated team of cybersecurity experts) conducts in-depth research and analy...

Cloud Relationships: Getting to Grips With the ‘Vendor of My Vendor’

Blog Published: 04/15/2024

Written by Thales.Over the course of centuries, we have learned a valuable lesson: building walls or burying treasure on shifting sand brings no advantages. This timeless wisdom can be applied to the present era, where businesses struggle to find the perfect storage solution for their data, wh...

Cloud Gaming and Data Security: Balancing Fun and Privacy

Blog Published: 04/12/2024

Written by Ashwin Chaudhary, CEO, Accedere.Cloud gaming, also known as game streaming, has revolutionized the gaming industry. It allows players to enjoy high-quality games without the need for powerful local hardware. However, this convenience comes with its own set of security challenges. ...

The Widening Overlap Between Cloud Workloads and Cybersecurity

Blog Published: 04/17/2024

Written by David Balaban.There’s no denying that the cloud has revolutionized the way businesses operate, offering on-demand scalability, greater agility, and reduced IT infrastructure costs. To the average organization, a shift from on-prem to cloud-based is truly a quantum leap in terms of b...

Kernel Introspection from Linux to Windows

Blog Published: 04/18/2024

Originally published by Sysdig.Written by Nigel Douglas.The cybersecurity landscape is undergoing a significant shift, moving from security tools monitoring applications running within userspace to advanced, real-time approaches that monitor system activity directly and safely within the kerne...

The Modern Data Stack Has Changed the Security Landscape

Blog Published: 04/05/2024

Written by Uday Srinivasan, CTO, Acante.The way businesses analyze, transform and share data has radically changed over the past few years. We are in the post-Hadoop era with the Apache Software Foundation retiring over 10 Hadoop-related projects over the last three years. The shift of enterpr...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
164
165
166
168
170
171
172
Last »