Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersCircleEventsBlog

All Articles

Home
All Articles
Top 5 Myths of Non-Human Identity Security

Blog Published: 01/24/2025

Originally published by Aembit.Written by Apurva Davé, Chief Marketing Officer, Aembit.We recently released one of the first comprehensive surveys of non-human identity (NHI) perceptions across security, developer, and DevOps practitioners. After digging into the responses – alongside our ong...

Cloud Security Alliance Issues Series of Tools to Assist Organizations in Mitigating Cybersecurity Risks Associated with Distributed Ledger Technology

Press Release Published: 01/23/2025

Documents provide critical resources for creating a more secure environment for all shared network participantsSEATTLE – Jan. 23, 2025 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure clo...

What is Third-Party Risk Management and Why Does It Matter?

Blog Published: 01/24/2025

Originally published by Schellman.Written by Sara Mylin.As threats continue to evolve and grow more creative and sophisticated, cybersecurity remains a paramount concern of organizations everywhere. But these days, it’s not enough to implement the necessary data to protect the data in your sys...

New Report Details a Rising Toxic Cloud Trilogy of Vulnerabilities

Blog Published: 01/27/2025

Originally published by Tenable. Written by Shai Morag. Cloud computing has revolutionized the way businesses and individuals manage data, offering unparalleled scalability, flexibility and convenience. But alongside the rise of the cloud, the cybersecurity community has been confronte...

Understanding Domain Generation Algorithms (DGAs)

Blog Published: 01/27/2025

Originally published by CXO REvolutionaries.Written by Ben Corll, Contributor, Zscaler.Domain generation algorithms (DGAs) are an at least semi-sophisticated technique used by malware authors and distributors to ensure the resilience and adaptability of their malicious infrastructure. DGAs dyn...

Oasis Security Research Team Discovers Microsoft Azure MFA Bypass

Blog Published: 01/28/2025

Originally published by Oasis Security.Written by Tal Hason.Oasis Security's research team uncovered a critical vulnerability in Microsoft's Multi-Factor Authentication (MFA) implementation, allowing attackers to bypass it and gain unauthorized access to the user’s account, including Outlook e...

Top Threat #8 - Patch, Protect, Prevail: Navigating System Vulnerabilities

Blog Published: 01/30/2025

Written by CSA’s Top Threats Working Group.In this blog series, we cover the key security challenges from CSA's Top Threats to Cloud Computing 2024. Drawing from the insights of over 500 experts, we'll discuss the 11 top cybersecurity threats, their business impact, and how to tackle them. Whe...

Zero Trust Approach to Privileged Access Management

Blog Published: 01/29/2025

Originally published by HCLTech.Written by Sanjay Karandikar, AVP and Global Practice Head - IAM, HCLTech and David Higgins, Senior Director, Field Technology Office, CyberArk,As organizations navigate cybersecurity's complexities, adopting a zero trust mindset has become crucial for securing ...

Unlocking the Value of AI: Safe AI Adoption for Security Practitioners

Blog Published: 01/30/2025

Originally published by Proofpoint DSPM (formerly Normalyze).Written by Ravi Ithal.As a security practitioner or CISO, you likely find yourself in a rapidly evolving landscape where the adoption of AI is both a game-changer and a challenge. In the recent webinar, Safe AI Adoption: Protecting Y...

The Compliance Automation Revolution: Time for Real Change

Blog Published: 01/28/2025

In my recent travels, speaking with security leaders across the globe, one theme keeps coming up: we're drowning in compliance requirements while struggling to demonstrate real security improvements. When you hear that the average US firm is spending between 1.3 and 3.3 percent of its total em...

What to Expect When Starting Out With Microsegmentation

Blog Published: 01/28/2025

Originally published by Illumio.Written by Christer Swartz, Solutions Marketing Director, Illumio.According to Gartner, “By 2026, 60% of enterprises working toward zero trust architecture will use more than one deployment form of microsegmentation, which is up from less than 5% in 2023.” Micr...

Paying Off Compliance Debt: An Unseen Challenge

Blog Published: 01/31/2025

Originally published by AuditCue on LinkedIn.Written by Gaurav Kulkarni.As companies grow and scale, certain tedious, unglamorous, yet critical tasks quietly accumulate. Much like how engineering teams grapple with technical debt, companies must regularly revisit and refine their compliance pr...

Embracing Innovation Over the Status Quo

Blog Published: 01/31/2025

Originally published by CXO REvolutionaries.Written by Rob Sloan, VP, Cybersecurity Advocacy, Zscaler."No one ever got fired for buying IBM." The familiar adage has long been the bedrock of decision-making for many chief information officers and chief information security officers, who often f...

Cloud Security Alliance Issues SaaS AI-Risk for Mid-Market Organizations Survey Report

Press Release Published: 01/28/2025

Report looks to help mid-market organizations manage their expanding Software as a Service (SaaS) environments SEATTLE – Jan. 28, 2025 – Mid-market organizations today are engaged in a unique balancing act, where they are required to manage and defend a growing digital footprint, but lack the ...

Cloud Security Alliance Releases Comprehensive Guide to Navigating Artificial Intelligence (AI) Governance, Security, and Management

Press Release Published: 01/29/2025

Report equips organizations with the knowledge and strategies necessary to harness the power of AI responsibly and effectivelySEATTLE – Jan. 29, 2025 – Today, the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices...

How Can ISO/IEC 42001 & NIST AI RMF Help Comply with the EU AI Act?

Blog Published: 01/29/2025

Contributed by Accedere.Written by Ashwin Chaudhary, CEO, Controllo.ai.The adoption of AI technologies has skyrocketed in the last few years. In 2019, 58% of organizations used AI for at least one business function; by 2024, that number jumped to 72%. The use of genAI nearly doubled from 2023 ...

Can GenAI Services Be Trusted? | At the Discovery of STAR for AI

Blog Published: 01/29/2025

Whenever new technologies are introduced into our personal lives, organizations, or even society as a whole, we always ask the same question: Can I trust it?Most recently, how many of us have asked ourselves whether, how, and within which limits we can trust LLM/GenAI services and their provid...

Rethinking NHI Security Strategies for the Cloud Era

Blog Published: 01/30/2025

Originally published by Britive.Non-human identities (NHIs) have emerged as a critical component of modern cloud environments. From API keys and CI/CD pipelines to service accounts and other automated processes, NHIs are indispensable for enabling innovation, automation, and scale.However, as ...

ISO 42001 vs. HITRUST’s AI Frameworks: Which Standard is Right for Your Organization?

Blog Published: 02/03/2025

Originally published by BARR Advisory.As more organizations leverage artificial intelligence to fuel growth and drive productivity, new cybersecurity frameworks have emerged to help businesses across all industries demonstrate to customers and partners that they’re using and managing AI safely...

DeepSeek: Rewriting the Rules of AI Development

Blog Published: 01/29/2025

AI Usage Statement: This research was done with Claude Desktop, Web Search, Web Document Fetch, and Sequential Thinking. Claude wrote the report, under the direction of Kurt Seifried and validated by ChatGPT. Methodology, templates, and raw conversation are available upon request. January 2025...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
190
191
192
194
196
197
198
Last »