Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Participate in the CSA Top Threats to Cloud Computing 2025 peer review to help shape industry insights!

All Articles

Home
All Articles
CSA Community Spotlight: Establishing Cloud Security Standards with Dr. Ricci Ieong

Blog Published: 04/03/2024

CSA began establishing standards for cloud security assurance and compliance back in 2009, when the company was officially incorporated and we released the first version of our cloud security best practices. The following year, we developed the Cloud Controls Matrix (CCM), and in 2012, the CSA...

CSA Turns 15: Kicking Off the Next 85 Years of Cloud Security Excellence

Blog Published: 04/04/2024

As we celebrate the 15th anniversary of the Cloud Security Alliance (CSA), I'm compelled to marvel at our journey from ambitious upstarts to a critical global stakeholder for cybersecurity. Our goal, audacious as it may sound, is not just to leave a mark on the cloud security landscape, but to...

Why Cyber Defenders Should Embrace a Hacker Mindset

Blog Published: 04/10/2024

Originally published by Pentera. Written by Nelson Santos. Today’s security leaders must manage a constantly evolving attack surface and a dynamic threat environment due to interconnected devices, cloud services, IoT technologies, and hybrid work environments. Adversaries are constantly introd...

Securing Non-Human Identities: Lessons from the Cloudflare Breach

Blog Published: 04/10/2024

Originally published by Oasis Security. Written by Roey Rozi, Director of Solutions Architecture, Oasis Security. Cloudflare disclosed on February 2nd that it had been breached by a suspected nation-state attacker. This breach exploited multiple unrotated and exposed secrets. The chain of even...

Building a SOC for Compliance

Blog Published: 04/11/2024

Originally published by RegScale.There are not many things I have hated in my professional life more than getting surprised in an audit. It is embarrassing, damages your credibility, and makes it harder to accomplish your strategic goals as you get distracted by fighting the small forest fires...

Artificial Intelligence and Cybersecurity: What to Know Right Now

Blog Published: 03/29/2024

Originally published by Schellman.Similar to the way the launch of the first satellite, Sputnik, both introduced a new technology era—the space race—and raised some alarm, the ongoing adoption of generative artificial intelligence (AI) is beginning to permeate industries worldwide, prompting q...

The Elephant in the Cloud

Blog Published: 03/29/2024

Originally published by Pentera.Written by Aviv Cohen.As much as we love the cloud, we fear it as well.We love it because cloud computing services of Amazon, Azure, and Google have transformed operational efficiency and costs, saving us money, time, and alleviating much of the IT burden. We al...

UN AI Resolution, EU AI Act, and Cloud Security Alliance's Recent Efforts: White Paper on AI Organizational Responsibility for Core Security

Blog Published: 04/01/2024

Updated 5/8/24.In a world where artificial intelligence (AI) is rapidly becoming an integral part of our lives, ensuring its secure and responsible development and deployment is more critical than ever. The Cloud Security Alliance (CSA) has taken a significant step forward in this direction wi...

Mapping the Impact of Cloud Remediation

Blog Published: 04/09/2024

Originally published by Tamnoon. Written by Michael St.Onge, Principal Security Architect, Tamnoon. What is impact analysis?Performing an impact analysis is a critical step in the cloud remediation process that employs methodical techniques to answer the questions: “What might go wrong if we i...

Evaluate the Security of Your Cloud Service Provider with the CSA STAR Registry

Blog Published: 04/13/2024

The CSA STAR Registry is kind of a big deal in the cloud security world. It's a global database filled with over 2,000 assessments completed by cloud service providers (CSPs), documenting their security, privacy, and governance policies. Anyone can access the Registry for free to find cloud se...

10 Tips to Guide Your Cloud Email Security Strategy

Blog Published: 04/17/2024

Originally published by Abnormal Security. Written by Lane Billings. As enterprises have migrated to Microsoft 365 and Google Workspace, they’ve seen the perks: easy collaboration, greater agility, and lower costs.But for most organizations, the challenge of determining how to keep data protec...

“Toxic Combinations” are Inadequate: A Case Study

Blog Published: 04/02/2024

Originally published by Skyhawk Security.Written by Chen Burshan, CEO, Skyhawk Security.Posture management has turned into an exercise in prioritization, but this hasn’t made us safer.If a Tree Falls in the Forest…We all know the adage, “If a tree falls in the forest and nobody is there to hea...

The Secret to Supercharging LLMs: It's Not Answers, It's Questions

Blog Published: 04/10/2024

Written by Dr. Chantal Spleiss, Co-Chair of the CSA AI Governance & Compliance Working Group.Stop talking to your AI, start collaborating with it. Prompt engineering is the key to unlocking the full potential of LLMs. This mastery of questioning is so valuable that a prompt engineer may ea...

Ensuring Trust and Compliance: The Importance of Accredited Auditors for ISO 27001

Blog Published: 04/11/2024

Originally published by BARR Advisory.Written by Cameron Kline, Director, Attest Services, BARR Advisory.As an internationally recognized certification, ISO 27001 is one of the most highly regarded and thorough cybersecurity assessments an organization can undergo. Achieving and maintaining an...

Cloud Security Alliance Artificial Intelligence (AI) Webinar Series Will Address Pivotal Cloud Computing Topics in Leadup to AI Summit at RSA

Press Release Published: 04/02/2024

Thought-leadership webinars to provide key insights on elevating organizations’ cybersecurity postureSEATTLE – April 2, 2024 – Throughout the month of April, the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices ...

Privacy Isn't Just About Data: It's About Dignity

Blog Published: 04/02/2024

Written by Dr. Chantal Spleiss, CSA AI Governance and Compliance Working Group Co-Chair.The consequences of a privacy breach extend far beyond data loss, potentially triggering deep feelings of shame. Less than 15% of countries do not have or are drafting a privacy law emphasizing the huge imp...

Designed to Deceive: 6 Common Look-alike Domain Tactics

Blog Published: 04/03/2024

Originally published by Abnormal Security.Written by Mick Leach.With threat actors lurking around every digital corner, it can sometimes make scrolling through an inbox feel like traversing a minefield. Employing various strategies to deceive their targets, attackers count on end-user oversigh...

Threats to Water: The Achilles’ Heel of Critical Infrastructure

Blog Published: 04/08/2024

Originally published by CXO REvolutionaries.Written by David Cagigal, Former CIO of the State of Wisconsin.Recent cyberattacks on the water industry raise the prospect of more frequent, widespread, damaging incidents that threaten disruption to lives and livelihoods. I know the chaos that stem...

Detecting Compromised Accounts in Microsoft 365

Blog Published: 04/04/2024

Originally published by InsiderSecurity.IntroductionIn today's digital age, cybersecurity is of paramount importance, with organizations facing an ever-evolving landscape of cyber threats and attacks. InsiderLab (our dedicated team of cybersecurity experts) conducts in-depth research and analy...

Cloud Relationships: Getting to Grips With the ‘Vendor of My Vendor’

Blog Published: 04/15/2024

Written by Thales.Over the course of centuries, we have learned a valuable lesson: building walls or burying treasure on shifting sand brings no advantages. This timeless wisdom can be applied to the present era, where businesses struggle to find the perfect storage solution for their data, wh...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
164
165
166
168
170
171
172
Last »