Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersCircleEventsBlog
Get early access to CSA’s Trusted AI Safety Certification Program—updates, resources & beta invites!

All Articles

Home
All Articles
New Report from Cloud Security Alliance Highlights Key Aspects of Data Resiliency in the Financial Sector

Press Release Published: 12/10/2024

Findings emphasize the importance of regulatory compliance, strategic cloud adoption, regional considerations, and the need for continuous improvement in security practices SEATTLE – Dec. 10, 2024 – Financial institutions (FIs) are cautiously but increasingly adopting cloud technologies, while...

Level Up Your Cloud Security Skills With This Jam-Packed Training Bundle

Blog Published: 12/11/2024

Written by Kayla Mauriello.Seasoned cybersecurity professionals from CTOs to developers are facing a challenging situation: organizations transitioning to new cloud architecture are invariably exposed to new vulnerabilities that traditional security measures don’t address. Keeping pace with th...

Test Time Compute

Blog Published: 12/13/2024

Written by Ken Huang, CEO of DistributedApps.ai and VP of Research at CSA GCR.Everyone seems to talk about Test-Time Computation or Test Time Compute (TTC) as a way to scale the reasoning capability of large language models (LLMs). What is it about and why is it important now? This blog post i...

Zero-Code Cloud: Building Secure, Automated Infrastructure Without Writing a Line

Blog Published: 12/16/2024

Written by Rahul Kalva.Abstract In today’s fast-paced DevOps environment, the demand for agile infrastructure deployment is driving innovation beyond traditional Infrastructure-as-Code (IaC). Code-less deployment solutions represent a breakthrough, enabling teams to automate infrastructure se...

Decoding the Volt Typhoon Attacks: In-Depth Analysis and Defense Strategies

Blog Published: 12/17/2024

Originally published by InsiderSecurity.The Volt Typhoon campaign has raised alarms across cybersecurity circles, targeting critical infrastructure with stealthy and sophisticated techniques. This analysis breaks down the methods, exploitation tactics, and practical defenses organizations can ...

Managed Security Service Provider (MSSP): Everything You Need to Know

Blog Published: 12/18/2024

Originally published by Vanta.The security and compliance landscape is ever-evolving, meaning the demands organizations need to meet today can change rapidly. While most IT teams have defined processes to handle these requirements, they may not have the capacity to address all the tasks necess...

The EU AI Act and SMB Compliance

Blog Published: 12/18/2024

Originally published by Scrut Automation.Written by Nicholas Muy, Chief Information Security Officer, Scrut Automation.On July 12, 2024, the European Union (EU) Official Journal published the full text of the AI Act. This set into motion the final chapter of the most impactful security and pri...

Why Digital Pioneers are Adopting Zero Trust SD-WAN to Drive Modernization

Blog Published: 12/19/2024

Originally published by CXO REvolutionaries.Written by Mike Gemza, CTO, Cornerstone Building Brands.At a time when cyberthreats are becoming more advanced and network infrastructure needs are increasing, it's not just important to use a zero trust approach to software-defined wide-area network...

How to Demystify Zero Trust for Non-Security Stakeholders

Blog Published: 12/19/2024

Written by Erick Tauil, Presales Engineer.Alright, let’s dive into a topic that often feels like a riddle wrapped in an enigma: Zero Trust. Communicating its concepts to non-security stakeholders can be quite frustrating and often met with a blank stare. After 15 years in cybersecurity, I’ve s...

Global Data Sovereignty: A Comparative Overview

Blog Published: 01/06/2025

Written by Thales.In a cloud-driven world where data is stored off-premises and distributed across global servers, the question of who controls data is complex. Maintaining control over data becomes increasingly crucial for businesses as data grows in value. This concern gave rise to the conce...

Mastering Security Compliance with Continuous Controls Monitoring

Blog Published: 01/02/2025

Originally published by RegScale.Written by Ivy Shelby.With regulations in a constant state of flux, compliance has become a continuous, strategic priority rather than a mere checklist task. As businesses expand and their operations become more intricate, managing compliance grows more complex...

Modern Day Vendor Security Compliance Begins with the STAR Registry

Blog Published: 12/20/2024

We require a modern approach to accurately assess our use of current technology.This month marks 25 years since I managed my first cybersecurity attack. At the time, I was CTO for an internet service provider that suffered the compromise, which in those days was mostly script kiddies defacing...

The Critical Role of OT Security in the Oil and Gas (O&G) Industry

Blog Published: 01/03/2025

Originally published by HCLTech.Written by Devkant Sharma, Group Manager, PMG Lead, Cybersecurity, HCLTech.In today's increasingly digitized world, Operational Technology (OT) systems, which encompass the hardware and software that monitor and control physical devices, processes and events, ar...

Lanes in the Road: How Small and Medium Businesses Can Allocate Cybersecurity Responsibility

Blog Published: 01/06/2025

Originally published by Scrut Automation.Written by Nicholas Muy, Chief Information Security Officer, Scrut Automation.After suffering a devastating ransomware attack in early 2023, the law firm Mastagni Holstedt turned around and sued its Managed Service Provider (MSP), LanTech. While the leg...

Navigating Cloud Challenges with Repatriation

Blog Published: 01/07/2025

Written by Rajesh Awasthi, VP & Global Head of Managed Hosting and Cloud Services, Tata Communications.Originally published by DQ India.Cloud computing has transformed business operations with its scalability, flexibility, and cost-efficiency, encouraging organisations to modernise their I...

Breaking Into the U.S. Market: Cybersecurity Compliance to Fuel International Growth

Blog Published: 01/08/2025

Originally published by BARR Advisory.Expanding into the U.S. market offers Europe-based cloud service providers (CSPs) exciting new growth opportunities—but cybersecurity standards aren’t exactly the same across the pond. For security leaders who are used to GDPR and other European frameworks...

What is Protocol Break? A Deep Defense to Isolate Attackers in the Cloud

Blog Published: 01/09/2025

Originally published by Reemo.Written by Florent Paret.In today's digital landscape, marked by a proliferation of increasingly sophisticated cyberattacks, secure remote access to information systems has become a top priority. Protocol break, a technique that involves isolating systems by inter...

How to Secure Cloud Environments and Minimize Data Breach Risks

Blog Published: 01/10/2025

Originally published by Tenable. Written by Gad Rosenthal. The rapid shift to cloud computing has transformed how organizations manage and store their data. But as cloud adoption has grown, the risks have been heightened as well. Seeing opportunity, cybercriminals are increasingly targeting c...

Next-Gen Cybersecurity with AI: Reshaping Digital Defense

Blog Published: 01/10/2025

Written by Rahul Kalva.Abstract As the cyber threat landscape evolves, leveraging Artificial Intelligence (AI) has become imperative for creating robust, proactive defenses. AI's ability to detect, predict, and respond to threats in real-time sets it apart as a transformative force in cyberse...

Your Essential 10-Step GDPR Compliance Checklist

Blog Published: 01/07/2025

Originally published by Vanta.Written by Jess Munday.If your business entails collecting and/or processing the personal data of European Union (EU) or United Kingdom (UK) citizens, complying with the General Data Protection Regulation (GDPR) is a priority.‍The regulation is quite comprehensive...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
188
189
190
192
194
195
196
Last »