Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersCircleEventsBlog
Get early access to CSA’s Trusted AI Safety Certification Program—updates, resources & beta invites!

All Articles

Home
All Articles
Adapting Strong IAM Strategies to Combat AI-Driven Cyber Threats

Blog Published: 01/08/2025

Written by Jordi Vilanova, Cloudtango.In early 2024, T-Mobile experienced a significant data breach where attackers exploited weak IAM controls to gain access to the personal information of over 30 million customers. The attackers used a combination of phishing attacks and stolen credentials t...

The Trouble with Large Language Models and How to Address AI “Lying”

Blog Published: 01/13/2025

Originally published by Schellman.Written by Avani Desai, CEO, Schellman.Even as AI systems become more advanced and enmeshed in daily operations, concerns regarding whether large language models (LLMs) are generating accurate and true information remain paramount throughout the business lands...

AI-Generated Attacks Are Here. Zero Trust Is How We Fight Back.

Blog Published: 01/16/2025

Originally published by Illumio on December 9, 2024.Written by Raghu Nandakumara, Head of Industry Solutions, Illumio.Last month, I attended the Illumio World Tour stops in New York City and Sydney as well as Black Hat MEA. One topic dominated conversations: generative AI (GenAI) and its growi...

Enhancing NIS2/DORA Compliance: A Business-Centric Approach

Blog Published: 01/16/2025

Originally published by Devoteam.Written by Kris Mandryk, Lead Consultant, Devoteam Belgium.The cybersecurity landscape is evolving with the arrival of the European Union’s NIS2 Directive and the Digital Operational Resilience Act DORA). These regulations elevate the standards for how organisa...

Training Your LLM Dragons: Why DSPM is the Key to AI Security

Blog Published: 01/17/2025

Originally published by Proofpoint DSPM (formerly Normalyze).Written by Parag Bajaria.AI’s transformative potential comes with a price—its complexity and reliance on sensitive data make it a prime target for security threats. For most organizations, the two primary use cases, custom large lang...

AI and Compliance for the Mid-Market

Blog Published: 01/17/2025

Originally published by Scrut Automation.Written by Jayesh Gadewar.Over the past year and a half, artificial intelligence (AI) has been impossible to ignore—and with good reason. Beyond the broader business implications, AI has the potential to accelerate cybersecurity and compliance efforts a...

From $22M in Ransom to +100M Stolen Records: 2025's All-Star SaaS Threat Actors to Watch

Blog Published: 01/21/2025

Written by Ella Siman, Wing Security.Originally published by The Hacker News.In 2024, cyber threats targeting SaaS surged, with 7,000 password attacks blocked per second (just in Entra ID)—a 75% increase from last year—and phishing attempts up by 58%, causing $3.5 billion in losses (source: Mi...

5 Questions to Ask a Potential Privileged Access Management Vendor

Blog Published: 01/23/2025

Originally published by Britive.With the speed and scale of growing identities and innovation in the cloud, finding the right Privileged Access Management (PAM) solution is critical to securing sensitive resources without sacrificing operational speed and flexibility.However, not all PAM platf...

RBI and BYOD Policies: Securing Personal Devices in the Workplace

Blog Published: 01/23/2025

Originally published on the Reemo Blog.Written by Florent Paret, Reemo.The rise of hybrid work and Bring Your Own Device (BYOD) has introduced new challenges for IT security teams. Personal devices, often less controlled than corporate devices, can serve as entry points for cyber threats.Remot...

The Emerging Cybersecurity Threats in 2025 - What You Can Do To Stay Ahead

Blog Published: 01/14/2025

Contributed by Softchoice.Written by Abel E. Molina, Principal Architect, Security, Microsoft.As we look ahead to 2025, the landscape of cyber threats is evolving at a rapid pace, posing significant challenges for businesses, governments, and individuals. As the first blog of the year, I felt ...

Secrets & Non-Human Identity Security in Hybrid Cloud Infrastructure: Strategies for Success

Blog Published: 01/14/2025

Written by Itzik Alvas, Entro.Secrets & Non-Human Identities (NHIs) security in hybrid cloud environments is a critical challenge in today’s IT landscape. Passwords, API keys, certificates, and tokens are not just digital assets; they are the lifeblood of your organization’s security. Prot...

The EU AI Act: A New Era of AI Governance Began August 1st

Blog Published: 01/15/2025

Originally published by Truyo.Written by Dan Clarke.The European Union’s AI Act, which entered into force August 1, 2024, marks a historic milestone as the world’s first comprehensive regulation for artificial intelligence. This groundbreaking legislation, initially agreed upon in December 202...

Your Guide to SaaS Compliance: Key Areas and Best Practices

Blog Published: 01/21/2025

Originally published by Vanta.Many IT managers find compliance to be one of the most complex aspects of the SaaS space. For instance, in a LogicMonitor survey on cloud solutions, 60% of the respondents highlighted governance and compliance as one of their top challenges when engaging with SaaS...

Unlocking the Power of AI: An Intro to Prompt Engineering

Blog Published: 01/15/2025

Artificial Intelligence (AI) has become a cornerstone of innovation, transforming industries and reshaping how we interact with technology. At the heart of this revolution lies Large Language Models (LLMs)—AI systems designed to understand and generate human-like text.However, even the most ad...

Quantum Artificial Intelligence: Exploring the Relationship Between AI and Quantum Computing

Blog Published: 01/20/2025

In October 2024, CSA hosted the 3-day Global AI Symposium. Experts at the forefront of artificial intelligence (AI) delivered insights into the benefits, uses, and misuses of AI. A standout session was “Quantum Artificial Intelligence: Exploring the Future of Intelligent Computing” with sis...

Cloud Security Alliance and Whistic Partner to Advance Secure and Responsible Development of Artificial Intelligence (AI) Technologies

Press Release Published: 01/20/2025

Organizations collaborate on mutual goal of evaluating risks and defining controls related to Generative Artificial IntelligenceSEATTLE – Jan. 20, 2025 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help en...

Solving the Cyber Workforce Puzzle

Blog Published: 01/22/2025

Originally published by CXO REvolutionaries.Zscaler EVP, Customer Experience & Transformation Kavitha Mariappan recounts her conversation with CISA Director Jen Easterly and Girls Who Code CEO Dr. Tarika Barrett.Ernő Rubik said "If you are curious, you will find the puzzles around you and,...

SOC Expert Perspectives: 5 Key Social Engineering Threats

Blog Published: 01/22/2025

Originally published by Abnormal Security.Written by Mick Leach.Social engineering attacks are an escalating threat to modern organizations, with data breaches caused by these tactics taking an average of 257 days to contain, as revealed in IBM’s 2024 Cost of a Data Breach Report. Additionally...

How to Get Security and Privacy Engineering Right the First Time

Blog Published: 01/23/2025

Originally published by BARR Advisory.In today’s evolving digital landscape, the importance of security and privacy engineering cannot be overstated. Security and privacy engineering is a comprehensive discipline that focuses on designing and implementing systems that are inherently secure and...

Top 5 Myths of Non-Human Identity Security

Blog Published: 01/24/2025

Originally published by Aembit.Written by Apurva Davé, Chief Marketing Officer, Aembit.We recently released one of the first comprehensive surveys of non-human identity (NHI) perceptions across security, developer, and DevOps practitioners. After digging into the responses – alongside our ong...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
189
190
191
193
195
196
197
Last »