All Articles
How CSA Corporate Membership Enhances Your STAR Submission

Blog Published: 07/09/2024

In today’s digital age, cloud security is more important than ever. Organizations are looking for cloud service providers that not only meet but exceed security standards. The CSA STAR (Security, Trust, Assurance and Risk) Registry is a valuable resource that highlights service providers who a...

Buckle Up: BEC and VEC Attacks Target Automotive Industry

Blog Published: 07/15/2024

Originally published by Abnormal Security. Written by Mick Leach. While every organization across every vertical is at risk of experiencing advanced email attacks, there are certain industries that, for various reasons, periodically become the go-to target for threat actors. Our research reveale...

Data Breach Accountability: Who’s to Blame?

Blog Published: 07/16/2024

Written by Chad Walter, CRO, Paperclip. Data breaches have surged in frequency and cost—to the tune of $8 trillion dollars globally in 2023. And this isn’t just impacting the companies who are breached; these costs impact customer trust and contribute to global inflation. We are also seeing ...

New Cloud Security Guidance from CSA

Blog Published: 07/17/2024

In the last seven years, several revolutionary developments have occurred in the cloud computing industry. Considering the impact of these changes, CSA has released a new version of our Security Guidance for Critical Areas of Focus in Cloud Computing. We have completely revamped this updated 5...

The Cybersecurity Tower of Babel Requires Focus on Business Fundamentals: Part 2

Blog Published: 07/25/2024

Written by Elad Yoran & Patricia Schouker. Enterprises are facing a great deal of change driven by the recent proliferation of security tools. With so many solutions needed to cover different portions of the environment, the result has been the fragmentation of enterprise security into a c...

Streamlining Compliance: Leveraging OSCAL Automation for Effective Risk Management

Blog Published: 07/16/2024

Originally published by RegScale. Written by Esty Peskowitz. Navigating FedRAMP compliance complexities is growing more challenging by the day. The use of automation in everyday activities has become a necessity for security professionals. During a fireside chat at Coalfire’s RAMPCon event on Ju...

Hacking Paris 2024: Olympic Cyber Threats

Blog Published: 07/11/2024

Originally published by CXO REvolutionaries. Written by Rob Sloan, VP, Cybersecurity Advocacy, Zscaler. Despite repeated predictions of cyber-fueled chaos at the Olympic and Paralympic Games since at least 2004, to date, no Olympics has ever been significantly disrupted. There is reason to beli...

Analysis of the 2024 Verizon Data Breach Investigations Report

Blog Published: 07/12/2024

Originally published by BARR Advisory. The 2024 Verizon Data Breach Investigations Report (DBIR)—an annual report examining dominant trends in data breaches and cyberattacks throughout the world—is now out for review. Verizon began releasing this report in 2008, and throughout its tenure it has...

Revamping Third Party Vendor Assessments for the Age of Large Language Models

Blog Published: 07/10/2024

Written by MJ Schwenger, Member of the CSA AI Working Group. Originally published on LinkedIn. Introduction: The increasing adoption of Large Language Models (LLMs) in the supply chain presents a new challenge for traditional Third-Party Vendor Security Assessments (TPVRAs). This blog explores  ...

Cloud Security Alliance Announces 2024 Chapter Ambassadors List

Press Release Published: 07/11/2024

Annual program recognizes individuals who best exemplify CSA values. SEATTLE – July 11, 2024 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, is pleased to...

Non-Human Identity Management

Blog Published: 07/15/2024

Originally published by Oasis. Non-human identities, or NHIs, serve as digital gatekeepers, enabling secure machine-to-machine and human-to-machine access and authentication within modern enterprise systems. The push for innovation has led to the adoption of microservices, third-party solutions...

3 Reasons Data Access & Data Classification Are Crucial

Blog Published: 07/17/2024

Originally published by Cyera. Written by Jaye Tillson. The digital revolution has irrevocably transformed our world. From the constant stream of social media updates to the ever-growing network of internet-connected devices, we generate a staggering amount of data every single day. Experts at ...

Assessment, Remediation, and Certification Framework for Anything as a Service (XaaS) Products

Blog Published: 07/19/2024

Written by the CSA Enterprise Authority to Operate (EATO) Working Group. Introduction by Jim Reavis, CEO of the Cloud Security Alliance: I would say that a lesson learned from spending many years in the cybersecurity industry is that one-size-fits-all solutions are rarely the approach we need to ...

CSA Working Group Interview: Zero Trust Research with Solutions Architect Vaibhav Malik

Blog Published: 07/22/2024

Zero Trust is one of the most widely talked about cybersecurity trends today and is instrumental for raising the cybersecurity baseline and eliminating risk. Through the Zero Trust Advancement Center and Zero Trust Working Group, CSA aims to develop consistent Zero Trust standards. The Zero Tr...

The Leadership Tightrope: Why Leading in Today's Workforce is a Balancing Act

Blog Published: 07/17/2024

Originally published by CXO REvolutionaries. Written by Ben Corll, CISO in Residence, Zscaler. Leadership. It's a word that's often tossed around (as if we all understand what it is and how it’s performed). Yet, truly effective leaders are very hard to find. Some might see leadership as a natura...

Breach Debrief: Twilio’s Authy Breach is a MFA Wakeup Call

Blog Published: 07/18/2024

Originally published by Adaptive Shield. Inside the Hack: Earlier this week, Twilio issued a security alert informing customers that hackers had exploited a security lapse in the Authy API to verify Authy MFA phone numbers. Hackers were able to check if a phone number was registered with Authy by...

Integrating PSO with AI: The Future of Adaptive Cybersecurity

Blog Published: 07/23/2024

Written by Sayali Paseband, Senior Security Consultant, Verisk. In the ever-evolving landscape of cybersecurity, where threats are becoming more sophisticated, advanced, and pervasive, conventional defense mechanisms are no longer sufficient. We need to develop new technologies and innovations ...

Asking the Right Questions About ASPM

Blog Published: 07/24/2024

Originally published by Dazz. You may have heard this Gartner stat: 40% of organizations developing proprietary applications will adopt ASPM by 2026. In the next two years do you have a plan in place for adopting an ASPM solution? Noah Simon, Head of Product Marketing at Dazz recently hosted a ...

10 Important Questions to Add to Your Security Questionnaire

Blog Published: 07/18/2024

Originally published by Vanta. The technology your organization uses is integral to its success. When selecting vendors, security should be at the forefront of your decision. A strong vendor review process is crucial for selecting partners that align with your company's security goals, and secu...

Enhancing AI Reliability: Introducing the LLM Observability & Trust API

Blog Published: 07/19/2024

Written by CSA Research Analysts Marina Bregkou and Josh Buker. Based on the idea presented by Nico Popp in ‘A trust API to enable large language models observability & security (LLMs)’. Introduction: Large Language Models (LLMs) are becoming integral to numerous applications, from chatbots t...