Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersCircleEventsBlog
Get early access to CSA’s Trusted AI Safety Certification Program—updates, resources & beta invites!

All Articles

Home
All Articles
Bias Testing for AI in the Workplace: Why Companies Need to Identify Bias Now

Blog Published: 02/05/2025

Originally published by Truyo.Written by Dan Clarke, President, Truyo.Artificial Intelligence (AI) is rapidly transforming the landscape of many industries, from healthcare to hospitality. While the benefits of AI are undeniable, the potential for bias within these systems poses significant et...

From 2024 to 2025: How These GRC Trends are Reshaping the Industry

Blog Published: 02/05/2025

Originally published by Scrut Automation.Written by Aayush Ghosh Choudhory.According to Cybersecurity Ventures, the global cost of cybercrime is projected to hit a staggering $10.5 trillion in 2025, rising from $9.5 trillion in 2024. This stark reminder of the urgent need for strong cybersecur...

Agentic AI Threat Modeling Framework: MAESTRO

Blog Published: 02/06/2025

This blog post presents MAESTRO (Multi-Agent Environment, Security, Threat, Risk, and Outcome), a novel threat modeling framework designed specifically for the unique challenges of Agentic AI. If you are a security engineer, AI researcher, or developer working with these advanced systems, M...

BeyondTrust Breach: A Wake-Up Call for Remote Access Security

Blog Published: 02/07/2025

Written by Florent Paret, Reemo.The recent security incident involving BeyondTrust and the US Treasury Department, as reported by The Verge, serves as a stark reminder of some vulnerabilities in traditional bastion-style remote access solutions. By exploiting flaws to gain access to API keys, ...

Top Threat #9 - Lost in the Cloud: Enhancing Visibility and Observability

Blog Published: 02/03/2025

Written by CSA’s Top Threats Working Group.In this blog series, we cover the key security challenges from CSA's Top Threats to Cloud Computing 2024. Drawing from the insights of over 500 experts, we'll discuss the 11 top cybersecurity threats, their business impact, and how to tackle them. Whe...

Implementing CCM: Assurance & Audit Controls

Blog Published: 02/04/2025

CSA’s Cloud Controls Matrix (CCM) is a cybersecurity control framework for cloud computing. It contains 197 control objectives structured into 17 domains that cover all key aspects of cloud technology. You can use CCM to systematically assess a cloud implementation. CCM also provides guidance ...

The Future of Compliance is Here: Automation, Intelligence, and a Shift to Proactive Security

Blog Published: 02/04/2025

Written by Ruchi Khurana, Lead Product Manager, Google and Raj Krishnamurthy, CEO, ComplianceCow.We all know that today’s regulatory landscape is constantly shifting. Organizations face an ever-growing web of compliance requirements, demanding meticulous adherence to complex rules and standard...

5 Key Insights from Osterman Research on AI’s Role in Defensive Cybersecurity

Blog Published: 02/04/2025

Originally published by Abnormal Security.Written by Emily Burns.Artificial Intelligence (AI) has reshaped nearly every industry, but its impact on cybersecurity is particularly transformative. While AI opens doors to unparalleled efficiencies and innovation, it also gives rise to a new genera...

An 8-Step HIPAA Compliance Checklist to Meet Privacy and Security Requirements

Blog Published: 02/04/2025

Originally published by Vanta.HIPAA, an acronym for the Health Insurance Portability and Accountability Act, is one of the most important federal regulatory frameworks for healthcare organizations. It’s an elaborate law that imposes many stringent requirements for patient privacy and data secu...

Implementing CCM: Ensure Secure Software with the Application and Interface Security Domain

Blog Published: 02/05/2025

CSA’s Cloud Controls Matrix (CCM) is a security framework for cloud computing. It contains 197 control objectives structured into 17 domains. These domains cover all key aspects of cloud technology.You can use CCM to systematically assess a cloud implementation. CCM also provides guidance on w...

AI in Agriculture: Smarter Crops, Healthier Livestock, Better Yields

Blog Published: 02/10/2025

Written by Dr. Chantal Spleiss, Co-Chair of the CSA AI Governance & Compliance Working Group. Artificial Intelligence (AI) is reshaping agriculture, helping farmers tackle labor shortages, unpredictable weather, and rising resource costs. From smart irrigation to disease detection, AI-dri...

What's the Baseline for Cyber Resilience?

Blog Published: 02/11/2025

Originally published by Illumio.Written by Michael Adjei, Director, Systems Engineering, EMEA, Illumio. Cyber resilience is an organization’s ability to bounce back, keep the lights on, and maintain smooth operations, even after a cyber incident. At its core, resilience isn't just about pro...

How Repsol’s DLP Strategy Enables a Fearless Embrace of GenAI

Blog Published: 02/13/2025

Originally published by CXO REvolutionaries.Written by Javier García Quintela, CISO, Repsol SA.Madrid-based global energy provider Repsol is fully committed to meeting the ambitious goal of net-zero carbon emissions by 2050, as outlined in the Paris Agreement. Technology is considered a core ...

3 Important Tips for Effective Employee Security Awareness

Blog Published: 02/06/2025

Originally published by Schellman.Written by Ryan Buckner.These days, every organization has a security program to protect themselves from escalating attacks with growing sophistication. And while much of the focus centers on defending against outsider threats, an equally important component o...

When Technology Isn’t the Problem: The Psychology of IT Transformation

Blog Published: 02/06/2025

Originally published by CXO REvolutionaries.Written by Pam Kubiatowski, Global VP, CTO in Residence, Zscaler.Enterprises transform network architectures to be more agile and better able to meet business goals. But transitioning your network from a traditional hub-and-spoke to a cloud services ...

Five Steps to Zero Trust

Blog Published: 02/07/2025

Contributed by Softchoice.Written by Abel E. Molina, Principal Architect, Security, Softchoice.The Critical Need for Zero TrustThe threat of cyber-attacks is both immediate and severe. According to the Small Business Administration (SBA), 50% of SMBs have faced at least one cyber-attack, with ...

Master Your Disaster

Blog Published: 02/10/2025

Originally published by HanaByte.Written by Otis Thrasher, Staff Security Consultant, HanaByte.Life is full of ups and downs, and no one can avoid them. This includes natural disasters, accidents, and loss of loved ones. The digital world operates on a similar principle. It’s not a question of...

How I Used Free Tools to Resource Jack API Keys

Blog Published: 02/11/2025

Originally published by Aembit.Written by Ashur Kanoon, Technical Product Marketing, Aembit.How much damage could an attacker do with free tools and minimal effort? That’s the question I set out to answer – and the results even surprised me. In less than 10 minutes, I managed to exploit expose...

5 Ways Non-Human Identity Ownership Impacts Your Security Program

Blog Published: 02/12/2025

Originally published by Oasis Security.Written by Guy Feinberg.As we meet with customers to discuss non-human identity security strategy, the topic of ownership comes up more frequently as one of the key component for any comprehensive Non-Human Identity Managament (NHIM) program. Our discover...

From Y2K to 2025: Evolution of the Cybersecurity and Information Security Landscape over the Past 25 Years

Blog Published: 02/12/2025

Written by the CSA New Jersey Chapter:Stanley Mierzwa, Ph.D.; CISSP, Director, Center for Cybersecurity, Transformational Learning and External Affairs, Kean University Eliot Perez, Director, Information Technology, Township of Bedminster, New Jersey Remember Y2K, in the context of the worry...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
191
192
193
195
197
198
199
Last »