Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersCircleEventsBlog
Get early access to CSA’s Trusted AI Safety Certification Program—updates, resources & beta invites!

All Articles

Home
All Articles
Cloud Security Alliance Issues Comprehensive Guidelines for Auditing Artificial Intelligence (AI) Systems, Beyond Compliance

Press Release Published: 11/14/2024

Paper presents a holistic overview and applicable methodology for impartially assessing intelligent systemsSEATTLE – Nov. 14, 2024 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure c...

How AI Changes End-User Experience Optimization and Can Reinvent IT

Blog Published: 11/15/2024

Originally published by CXO Revolutionaries.Written by Christopher Jablonski, Director, CXO REvolutionaries & Community.Improving the user experience is a top priority as businesses adapt to hybrid work, increase usage of SaaS applications, and new business demands. Everyone — employees, p...

Group-Based Permissions and IGA Shortcomings in the Cloud

Blog Published: 11/18/2024

Originally published by Britive.Groups make it easier to assign permissions to multiple users at once, reducing the administrative burden and shortening delays on getting appropriate levels of access. Traditional identity governance and administration (IGA) solutions have been pivotal in manag...

Managing AI Risk: Three Essential Frameworks to Secure Your AI Systems

Blog Published: 11/19/2024

Originally published by BARR Advisory.Artificial intelligence (AI) is transforming the way businesses operate across industries, driving advancements in automation, decision-making, and customer experiences. From healthcare to finance, AI has unlocked new opportunities for efficiency and innov...

Why Application-Specific Passwords are a Security Risk in Google Workspace

Blog Published: 11/19/2024

Originally published by Valence.Written by Jason Silberman.The digital world is constantly changing, and with it, the methods used to secure sensitive information. Decisions made years ago continue to shape today’s landscape. The inception of Gmail by Google marked a pivotal moment in history,...

Top Threat #5 - Third Party Tango: Dancing Around Insecure Resources

Blog Published: 11/18/2024

Written by CSA’s Top Threats Working Group.In this blog series, we cover the key security challenges from CSA's Top Threats to Cloud Computing 2024. Drawing from insights of over 500 experts, we'll discuss the 11 top cybersecurity threats, their business impact, and how to tackle them. Whether...

CSA Community Spotlight: Addressing Emerging Security Challenges with CISO Pete Chronis

Blog Published: 11/18/2024

As the Cloud Security Alliance (CSA) celebrates its 15th anniversary, we reflect on the pivotal role CSA volunteers and contributors have played in shaping the future of cloud security. Founded in 2009, CSA quickly established itself as an instrumental leader in the cloud security space, dedic...

Cloud Security Alliance Announces Winners of the 2024 Juanita Koilpillai Awards

Press Release Published: 11/20/2024

Award honors volunteers for their valuable contributions towards fulfilling CSA’s mission of promoting best practices to help ensure a secure cloud computing environmentSEATTLE – Nov. 20, 2024 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raisi...

The Lost Art of Visibility, in the World of Clouds

Blog Published: 11/20/2024

Written by Vito Nozza, Softchoice.“The power of visibility can never be underestimated” Margaret ChoAs many of you have read my past blogs, I like to quote individuals who have had experience in certain subjects. Although the above quote was meant for a different context, it bears true for thi...

It’s Time to Split the CISO Role if We Are to Save It

Blog Published: 11/22/2024

Originally published by CXO REvolutionaries.Written by David Cagigal, Former CIO of the State of Wisconsin.The chief information security officer role carries with it huge responsibility. Today's CISOs manage a 24/7 cybersecurity operation, stay ahead of cybercriminals, and comply with an ever...

5 Big Cybersecurity Laws You Need to Know About Ahead of 2025

Blog Published: 11/20/2024

Originally published by Schellman.Written by Jordan Hicks.Generally, with new cybersecurity regulations, organizations affected are provided a “grace period” to make the necessary adjustments to achieve full compliance before enforcement begins. Looking toward the horizon and 2025, many new la...

AI-Powered Cybersecurity: Safeguarding the Media Industry

Blog Published: 11/20/2024

Written by Satyavathi Divadari, Founder and President of the CSA Bangalore Chapter, in collaboration with the AI Technology and Risk Working Group.In the fast-paced world of media, where delivering authentic news quickly is essential, cybersecurity plays a critical role in protecting data, ens...

A Vulnerability Management Crisis: The Issues with CVE

Blog Published: 11/21/2024

For decades, the cybersecurity industry has relied on the Common Vulnerabilities and Exposures (CVE) program to standardize vulnerability documentation and guide threat intelligence. The program assigns a unique identifier to each discovered security vulnerability. Then, it ranks the vulnerabi...

CSA Community Spotlight: Nerding Out About Security with CISO Alexander Getsin

Blog Published: 11/21/2024

As the Cloud Security Alliance (CSA) celebrates its 15th anniversary, we take pride in the organization's extensive research accomplishments throughout the years that have defined the trajectory of cloud security. Since its founding in 2009, CSA has produced groundbreaking research that has se...

How Cloud-Native Architectures Reshape Security: SOC2 and Secrets Management

Blog Published: 11/22/2024

Written by Adam Cheriki, Co-Founder & CTO, Entro Security.As cloud-native architectures transform business operations, they bring unique security challenges. The rapid expansion of microservices, containers, and serverless functions has increased the number of secrets, making their protect...

The Evolution of DevSecOps with AI

Blog Published: 11/22/2024

Written by Rahul Kalva.Abstract The integration of artificial intelligence (AI) into DevSecOps is reshaping the way organizations approach security within their software development and deployment processes. As DevSecOps aims to embed security practices seamlessly into the DevOps pipeline, AI...

Cross-Platform Account Takeover: 4 Real-World Scenarios

Blog Published: 11/25/2024

Originally published by Abnormal Security.Account takeover (ATO) is a well-known attack method that has been documented for years. However, a less common type of attack occurs when ATO is used as the initial attack vector to gain access to another account, this is known as cross-platform ATO. ...

How the Alert Readiness Framework Supports Augmented Cybersecurity

Blog Published: 11/25/2024

Originally published by Devoteam.Traditional cybersecurity models that focus solely on prevention are no longer enough. Gartner’s “Augmented Cybersecurity“ whitepaper highlights the urgent need for organisations to adopt a more balanced approach—one that prioritises response and recovery as we...

What Are the ISO 42001 Requirements?

Blog Published: 11/25/2024

Originally published by Schellman. Written by Megan Sajewski. When seeking ISO 42001:2023 certification, you must ensure that your artificial intelligence management system (AIMS) aligns with the standard’s key clauses (4-10), each of which focuses on a specific facet—context, leadership, pla...

Cyber Essentials vs. Cyber Essentials Plus: Key Differences

Blog Published: 11/26/2024

Originally published by Vanta.If you wish to fortify your organization’s cybersecurity posture, obtaining a Cyber Essentials certification is a good idea. It enables IT managers to be more aware of the cybersecurity risks in their environment and take actionable steps to mitigate them. Before ...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
185
186
187
189
191
192
193
Last »