All Articles
Addressing Account Takeovers: Security Leaders Share Their Concerns

Blog Published: 09/03/2024

Originally published by Abnormal Security. Written by Ryan Schwartz. For many security stakeholders, the phrase “account takeover” brings to mind email account compromise. But today’s cloud application ecosystems are increasingly broad, interdependent, and complex. As these apps proliferate—and ...

The State of Cyber Resiliency in Financial Services

Blog Published: 08/29/2024

Written by Troy Leach, Chief Strategy Officer and John Yeoh, Global VP of Research, CSA. Global disruptions, changing regulatory oversight, and emerging AI threats are just some of the issues that cybersecurity professionals must prepare for today. In the upcoming report “Cloud Resiliency in F...

Can You Have Bulletproof Security Without Network Lag? Unveiling the Secret

Blog Published: 09/03/2024

Written by Vaibhav Dutta, Associate Vice President and Global Head - Cybersecurity Products & Services, Tata Communications. Originally published by CRN. Securing a modern enterprise network can feel like a high-wire act. Complex security measures can slow down critical applications, hinde...

The Top Ten IT Outages in History

Blog Published: 09/03/2024

Editorial Note: The lessons learned and changes that may result from the CrowdStrike incident may take quite some time to fully understand. CSA is providing a platform for member experts to weigh in on this issue. The opinions of this article represent those of the member, not those of CSA. Wri...

The Why and the How of Managed CNAPP

Blog Published: 09/05/2024

Originally published by Tamnoon. Written by Ran Nahmias, CBO, Tamnoon. CNAPP is a fundamental piece of the cloud security puzzle – but poor implementations, lack of in-house expertise, and insufficient prioritization can lead to disappointing outcomes. At a time when security teams are stretched...

Building Secure and Compliant SaaS Apps – Identity Security Best Practices

Blog Published: 09/05/2024

Originally published by CyberArk. Written by Sam Flaster. Do you need to secure high-risk access to the back end of your customer-facing apps? Yes, you do – assuming you care about cybersecurity risk, uptime or compliance with SOC II and NIST and AWS, Azure and GCP architecture frameworks. To...

Mechanistic Interpretability 101

Blog Published: 09/05/2024

Written by Ken Huang, CEO of DistributedApps.ai and VP of Research at CSA GCR. Why are neural networks so notoriously difficult to interpret, and how have researchers attempted to crack this black box in the past? This blog post is an initial attempt to discuss this and introduce Mechanistic In...

Five Levels of Vulnerability Prioritization: From Basic to Advanced

Blog Published: 09/04/2024

Originally published by Dazz. Vulnerabilities are being disclosed at record pace. Since the common vulnerabilities and exposures (CVE) program was established by MITRE in 1999, there have been over 300,000 unique vulnerabilities published - and a significant portion of these have been found in ...

Zero Footprint Attacks: 3 Steps to Bypass EDR with Reflective Loading

Blog Published: 09/04/2024

Originally published by Pentera. EDR (Endpoint Detection and Response) evasion techniques are becoming increasingly common amongst attackers as they evolve their strategies to bypass security measures without being detected. There are many different types of EDR evasion techniques, many of whic...

Discover Cloud Security Services That are Enabled with CSA STAR

Blog Published: 09/06/2024

Cloud computing security services help organizations protect their cloud environments from threats, unauthorized access, data breaches, and other security risks. With a myriad of offerings out there, choosing the right cloud security service can be a daunting task. Fortunately, CSA’s Security,...

AI Regulations on the Horizon: Transforming Corporate Governance and Cybersecurity

Blog Published: 09/10/2024

Written by Sukhomoy Debnath. Corporate Governance in Cybersecurity and GRC: Corporate governance in cybersecurity and GRC involves establishing frameworks to manage cybersecurity strategies aligned with business objectives, legal requirements, and standards. It encompasses setting strategic dire...

Maximize Cloud Security Excellence: The Power of CSA Corporate Membership

Blog Published: 09/10/2024

Written by Martin Hall. Staying on top of cloud security has never been more important for organizations. Since 2009, CSA Corporate Membership has provided invaluable benefits to security, cloud, technology, and business stakeholders. If you’re a solution provider, enterprise organization, or pa...

IDC Analyst Brief Findings: Trust Centers Can Help Organizations Save Time and Accelerate Sales

Blog Published: 09/12/2024

Originally published by Vanta. It's never been more important for organizations to demonstrate their security practices in order to win the trust of customers. Historically, companies have used static web pages to demonstrate their security posture. And while these can act as helpful marketing...

5 Key Data Privacy and Compliance Trends in 2024

Blog Published: 09/13/2024

Originally published by Scrut Automation. SMBs Juggle Compliance, Competition, and Chaos: This year has already seen some monumental changes in the works pertaining to data privacy and compliance. SMBs constantly need to make tradeoff and prioritization decisions when it comes to not only these ...

Burdens and Benefits of Shared Security Responsibility Model (SSRM) in Cloud Computing

Blog Published: 09/13/2024

Originally published by CAS Assurance. What is the SSRM? The SSRM is the concept in cloud computing that defines and assigns security responsibilities in the cloud ecosystem between the Cloud Service Providers (CSPs) and the Cloud Service Customers (CSCs). As with many things on the planet ear...

The Top 3 Trends in LLM and AI Security

Blog Published: 09/16/2024

How can enterprises accelerate AI adoption in a safe and secure manner? Originally published by Enkrypt AI. Written by Sahil Agarwal. As a Math PhD scholar and AI expert, I’ve had the pleasure of attending numerous industry conferences and listening to Fortune 100 executives on the latest AI tren...

The Edge Revolution: Transforming Experiences in a Hyperconnected World

Blog Published: 09/17/2024

Originally published by Tata Communications. Written by Neelakantan Venkataraman, Vice President and Global Head - Cloud and Edge Business, Tata Communications. In today’s ever-evolving IT landscape, the surge in data generation and the proliferation of IoT devices have created what we call ...

The DORA Quest: Beware of Vendors with Magic Beans

Blog Published: 09/06/2024

Originally published by Own Company. Written by Matthew O'Neill, Field CTO, Own Company. You can't escape the sheer volume of vendors sharing information about the Digital Operational Resilience Act (DORA) and how buying their tooling will make you compliant, which we all know is nonsense. DORA ...

Pioneering Transparency: Oklahoma’s Proposed Artificial Intelligence Bill of Rights

Blog Published: 09/06/2024

Originally published by Truyo. In the ever-evolving landscape of technology, the emergence of artificial intelligence (AI) has brought both promise and challenge. With AI permeating various aspects of our lives, from customer service interactions to content creation, ensuring transparency, acco...

7 Most Commonly Asked PCI Compliance Questions

Blog Published: 09/09/2024

Originally published by CyberGuard Compliance. Ignorance is not an excuse for failing a PCI DSS audit or, worse yet, being victimized by a data breach. The Payment Card Industry Data Security Standard (PCI DSS) clearly defines responsibilities and guidelines for protecting sensitive information...
