CSA Community Spotlight: Promoting Data Security Best Practices with Compliance Officer Rocco Alfonzetti, Jr.
Blog Published: 09/25/2024
Celebrating 15 years of advancing cloud security, CSA has established itself as a leader in defining best practices and fostering collaboration within the industry. Since its founding in 2009, CSA's success has been deeply rooted in the innovative work of its research working groups, which dri...
How to Set Up Your First Security Program
Blog Published: 09/26/2024
Originally published by Vanta. There's no one size fits all when it comes to setting up your organization’s first security program. Each organization has a unique set of business needs, guardrails to implement, and data it needs to protect, which is why it’s important to remember that every sec...
How to Prepare for Inevitable Risks to Your SaaS Data
Blog Published: 09/26/2024
Written by Mike Melone, Sr. Content Marketing Manager, Own Company. The phrase "it's not if, it's when" has been echoed in cybersecurity circles for years, but it’s never rang truer than it does now. In Q2 2024, Check Point Research saw a 30% YoY increase in cyber attacks globally, reaching 1,6...
Overcoming Challenges in Governing Scanner Adoption - Step by Step
Blog Published: 09/19/2024
Originally published by Dazz. Introduction: Ready to tackle a challenging topic for DevSecOps and security teams in the application security space? Ready or not—let’s talk about increasing and governing the adoption of scanners. The Application Security Process: Application security is a labyrinth w...
The Cloud Security Layer Cake: Modern Use Cases for PAM
Blog Published: 09/19/2024
Originally published by CyberArk. Written by Sam Flaster. Warm. Rich. Chocolatey. The way I see it, a proper chocolate layer cake is the best sensory experience a human can have. Let’s go a bit further still: good chocolate cake is the height of human achievement. In the world of enterprise IT, o...
Continuous Compliance Monitoring: A Must-Have Strategy
Blog Published: 09/23/2024
Originally published by BARR Advisory. Written by Cody Hewell and Brett Davis. A report by Proofpoint indicated that nearly 70% of CISOs feel their organization is at risk of experiencing a material cyber attack in the next 12 months. While annual assessments and audits will help your organiz...
Is Your Production Data Secure? That’s a Hard NO.
Blog Published: 09/23/2024
Originally published by Paperclip. Written by Mike Bridges. The culture of cybersecurity and data protection is broken. Let’s look at it from a unique point of view. You’ve got an employee who is terrible at their job, consistently makes mistakes, and puts the company in harm’s way. Even worse, ...
8 Ways to Reduce Data Storage Costs
Blog Published: 09/24/2024
Originally published by Normalyze. Written by Vamsi Koduru. Many organizations don’t store their data. They hoard data. Too often, organizational data accumulates in a never-ending cycle of unnecessary duplication and hoarding. As a result, they suffer ever-growing data storage fees and significa...
What is the CSA STAR Program? An Intro for Beginners
Blog Published: 09/24/2024
Has someone brought up the CSA STAR Program or the CSA Cloud Controls Matrix and you have no idea what that means? This blog is the place to start for all of you non-IT professionals and cloud newbies. Cloud computing is a way to access computer resources (including networks, servers, storage, ...
AI Regulation in the United States: CA’s ADMT vs American Data Privacy and Protection Act
Blog Published: 09/24/2024
Originally published by Truyo. In the evolving landscape of artificial intelligence (AI) regulation, the United States finds itself at a crossroads, with two significant pieces of legislation vying to shape the future of AI governance: the California Automated Decisionmaking Technology law and ...
What are the Benefits of a Social Engineering Campaign?
Blog Published: 09/25/2024
Originally published by Schellman. For as long as the concept of cybersecurity has been around, much of the focus has centered on sophisticated technical controls—firewalls, password strength, network segmentation, endpoint protection, encryption, etc. And while implementation and regular testi...
Massive NHI Attack: 230 Million Cloud Environments Were Compromised
Blog Published: 09/27/2024
Originally published by Astrix. Massive NHI Attack: Insecure AWS Stored Credentials Lead to Compromise of 230 Million Cloud Environments. Researchers from Unit 42 have uncovered a sophisticated and large-scale cyberattack targeting over 230 million AWS, cloud and SaaS environments. The attack e...
When Walls Crumble: A CISO's Guide to Post-Breach Recovery
Blog Published: 09/30/2024
Originally published by CXO REvolutionaries. Written by Ben Corll, CISO in Residence, Zscaler. Let's face it, folks – breaches happen. As a CISO (as much as it pains me to say), this is unlikely to change in the near future. Even organizations with the "best" defenses are occasionally overwhelme...
Implementing the Shared Security Responsibility Model in the Cloud
Blog Published: 09/27/2024
CSA's Cloud Trust Summit 2024 featured an expert panel discussion about v2 of our CCM v4.0 Implementation Guidelines. Led by CSA's Lefteris Skoutaris, the panelists included: David Skrdla, Senior IT Auditor, Internal Audit, American Fidelity Corp/CamGen Partners; Kerry Steele, Principal, Payments...
How Multi-Turn Attacks Generate Harmful Content from Your AI Solution
Blog Published: 09/30/2024
A simple yet powerful way to break Generative AI chatbots. Written by Satbir Singh, Enkrypt AI. Generative AI models have improved at detecting and rejecting malicious prompts. And most models have basic safety alignment training to avoid responding to queries such as: “How can I commit fina...
Shielding Yourself from Phishing - Identifying and Dodging Typical Schemes
Blog Published: 10/01/2024
Written by Abel E. Molina, Softchoice. "Those who fail to learn from history are condemned to repeat it." - W. Churchill. The above quote feels especially pertinent in cybersecurity, where gleaning lessons from prior breaches strengthens our future defenses. With Cybersecurity Month upon us, the...
Empowering BFSI with Purpose-Built Cloud Solutions
Blog Published: 10/01/2024
Originally published by Tata Communications. Written by Rajesh Awasthi, VP & Global Head of Managed Hosting and Cloud Services, Tata Communications. India's financial sector is undergoing a profound transformation, driven by a confluence of technological advancements, regulatory changes,...
What ‘Passwordless’ Really Means for Privileged Access Management
Blog Published: 10/03/2024
Originally published by CyberArk. Written by Sam Flaster. Privileged access management (PAM) programs aim to secure the highest-risk access in an organization, including using privileged credentials like passwords, SSH keys and application secrets. So, how can PAM and identity security teams pre...
AI Legal Risks Could Increase Due to Loper Decision
Blog Published: 10/03/2024
Written by Dan Stocker, with contributions from the CSA AI Governance and Compliance Working Group. AI and regulation: In just a short few years, artificial intelligence (AI) has gone through a massive hype cycle, and is entering a period where it will directly impact the broader population. Ther...
Secure by Design: Implementing Zero Trust Principles in Cloud-Native Architectures
Blog Published: 10/03/2024
Written by Vaibhav Malik, Global Partner Solutions Architect, Cloudflare. Organizations are increasingly adopting AI-native application workloads in the rapidly evolving landscape of cloud computing and AI. These innovative solutions, powered by advanced technologies like large language models ...