Bias Testing for AI in the Workplace: Why Companies Need to Identify Bias Now
Blog Published: 02/05/2025
Originally published by Truyo. Written by Dan Clarke, President, Truyo. Artificial Intelligence (AI) is rapidly transforming the landscape of many industries, from healthcare to hospitality. While the benefits of AI are undeniable, the potential for bias within these systems poses significant et...
From 2024 to 2025: How These GRC Trends are Reshaping the Industry
Blog Published: 02/05/2025
Originally published by Scrut Automation. Written by Aayush Ghosh Choudhory. According to Cybersecurity Ventures, the global cost of cybercrime is projected to hit a staggering $10.5 trillion in 2025, rising from $9.5 trillion in 2024. This stark reminder of the urgent need for strong cybersecur...
Agentic AI Threat Modeling Framework: MAESTRO
Blog Published: 02/06/2025
This blog post presents MAESTRO (Multi-Agent Environment, Security, Threat, Risk, and Outcome), a novel threat modeling framework designed specifically for the unique challenges of Agentic AI. If you are a security engineer, AI researcher, or developer working with these advanced systems, M...
BeyondTrust Breach: A Wake-Up Call for Remote Access Security
Blog Published: 02/07/2025
Written by Florent Paret, Reemo. The recent security incident involving BeyondTrust and the US Treasury Department, as reported by The Verge, serves as a stark reminder of some vulnerabilities in traditional bastion-style remote access solutions. By exploiting flaws to gain access to API keys, ...
Top Threat #9 - Lost in the Cloud: Enhancing Visibility and Observability
Blog Published: 02/03/2025
Written by CSA’s Top Threats Working Group. In this blog series, we cover the key security challenges from CSA's Top Threats to Cloud Computing 2024. Drawing from the insights of over 500 experts, we'll discuss the 11 top cybersecurity threats, their business impact, and how to tackle them. Whe...
Implementing CCM: Assurance & Audit Controls
Blog Published: 02/04/2025
CSA’s Cloud Controls Matrix (CCM) is a cybersecurity control framework for cloud computing. It contains 197 control objectives structured into 17 domains that cover all key aspects of cloud technology. You can use CCM to systematically assess a cloud implementation. CCM also provides guidance ...
The Future of Compliance is Here: Automation, Intelligence, and a Shift to Proactive Security
Blog Published: 02/04/2025
Written by Ruchi Khurana, Lead Product Manager, Google and Raj Krishnamurthy, CEO, ComplianceCow. We all know that today’s regulatory landscape is constantly shifting. Organizations face an ever-growing web of compliance requirements, demanding meticulous adherence to complex rules and standard...
5 Key Insights from Osterman Research on AI’s Role in Defensive Cybersecurity
Blog Published: 02/04/2025
Originally published by Abnormal Security. Written by Emily Burns. Artificial Intelligence (AI) has reshaped nearly every industry, but its impact on cybersecurity is particularly transformative. While AI opens doors to unparalleled efficiencies and innovation, it also gives rise to a new genera...
An 8-Step HIPAA Compliance Checklist to Meet Privacy and Security Requirements
Blog Published: 02/04/2025
Originally published by Vanta. HIPAA, an acronym for the Health Insurance Portability and Accountability Act, is one of the most important federal regulatory frameworks for healthcare organizations. It’s an elaborate law that imposes many stringent requirements for patient privacy and data secu...
Implementing CCM: Ensure Secure Software with the Application and Interface Security Domain
Blog Published: 02/05/2025
CSA’s Cloud Controls Matrix (CCM) is a security framework for cloud computing. It contains 197 control objectives structured into 17 domains. These domains cover all key aspects of cloud technology. You can use CCM to systematically assess a cloud implementation. CCM also provides guidance on w...
AI in Agriculture: Smarter Crops, Healthier Livestock, Better Yields
Blog Published: 02/10/2025
Written by Dr. Chantal Spleiss, Co-Chair of the CSA AI Governance & Compliance Working Group. Artificial Intelligence (AI) is reshaping agriculture, helping farmers tackle labor shortages, unpredictable weather, and rising resource costs. From smart irrigation to disease detection, AI-dri...
What's the Baseline for Cyber Resilience?
Blog Published: 02/11/2025
Originally published by Illumio. Written by Michael Adjei, Director, Systems Engineering, EMEA, Illumio. Cyber resilience is an organization’s ability to bounce back, keep the lights on, and maintain smooth operations, even after a cyber incident. At its core, resilience isn't just about pro...
How Repsol’s DLP Strategy Enables a Fearless Embrace of GenAI
Blog Published: 02/13/2025
Originally published by CXO REvolutionaries. Written by Javier García Quintela, CISO, Repsol SA. Madrid-based global energy provider Repsol is fully committed to meeting the ambitious goal of net-zero carbon emissions by 2050, as outlined in the Paris Agreement. Technology is considered a core ...
3 Important Tips for Effective Employee Security Awareness
Blog Published: 02/06/2025
Originally published by Schellman. Written by Ryan Buckner. These days, every organization has a security program to protect themselves from escalating attacks with growing sophistication. And while much of the focus centers on defending against outsider threats, an equally important component o...
When Technology Isn’t the Problem: The Psychology of IT Transformation
Blog Published: 02/06/2025
Originally published by CXO REvolutionaries. Written by Pam Kubiatowski, Global VP, CTO in Residence, Zscaler. Enterprises transform network architectures to be more agile and better able to meet business goals. But transitioning your network from a traditional hub-and-spoke to a cloud services ...
Five Steps to Zero Trust
Blog Published: 02/07/2025
Contributed by Softchoice. Written by Abel E. Molina, Principal Architect, Security, Softchoice. The Critical Need for Zero Trust: The threat of cyber-attacks is both immediate and severe. According to the Small Business Administration (SBA), 50% of SMBs have faced at least one cyber-attack, with ...
Master Your Disaster
Blog Published: 02/10/2025
Originally published by HanaByte. Written by Otis Thrasher, Staff Security Consultant, HanaByte. Life is full of ups and downs, and no one can avoid them. This includes natural disasters, accidents, and loss of loved ones. The digital world operates on a similar principle. It’s not a question of...
How I Used Free Tools to Resource Jack API Keys
Blog Published: 02/11/2025
Originally published by Aembit. Written by Ashur Kanoon, Technical Product Marketing, Aembit. How much damage could an attacker do with free tools and minimal effort? That’s the question I set out to answer – and the results even surprised me. In less than 10 minutes, I managed to exploit expose...
5 Ways Non-Human Identity Ownership Impacts Your Security Program
Blog Published: 02/12/2025
Originally published by Oasis Security. Written by Guy Feinberg. As we meet with customers to discuss non-human identity security strategy, the topic of ownership comes up more frequently as one of the key components for any comprehensive Non-Human Identity Management (NHIM) program. Our discover...
From Y2K to 2025: Evolution of the Cybersecurity and Information Security Landscape over the Past 25 Years
Blog Published: 02/12/2025
Written by the CSA New Jersey Chapter: Stanley Mierzwa, Ph.D.; CISSP, Director, Center for Cybersecurity, Transformational Learning and External Affairs, Kean University, and Eliot Perez, Director, Information Technology, Township of Bedminster, New Jersey. Remember Y2K, in the context of the worry...