Rethinking NHI Security Strategies for the Cloud Era
Blog Published: 01/30/2025
Originally published by Britive. Non-human identities (NHIs) have emerged as a critical component of modern cloud environments. From API keys and CI/CD pipelines to service accounts and other automated processes, NHIs are indispensable for enabling innovation, automation, and scale. However, as ...
ISO 42001 vs. HITRUST’s AI Frameworks: Which Standard is Right for Your Organization?
Blog Published: 02/03/2025
Originally published by BARR Advisory. As more organizations leverage artificial intelligence to fuel growth and drive productivity, new cybersecurity frameworks have emerged to help businesses across all industries demonstrate to customers and partners that they’re using and managing AI safely...
DeepSeek: Rewriting the Rules of AI Development
Blog Published: 01/29/2025
AI Usage Statement: This research was done with Claude Desktop, Web Search, Web Document Fetch, and Sequential Thinking. Claude wrote the report, under the direction of Kurt Seifried and validated by ChatGPT. Methodology, templates, and raw conversation are available upon request. January 2025...
Seize the ‘Zero Moment of Trust’
Blog Published: 01/31/2025
Data loops at the center of ZTA and CTEM can boost your cyber program. Written by Chris Jablonski, Director, CXO Revolutionaries & Community. In 2011, Google released a groundbreaking report called ZMOT: Winning the Zero Moment of Truth, sending shockwaves across the marketing world. ZMOT r...
Bias Testing for AI in the Workplace: Why Companies Need to Identify Bias Now
Blog Published: 02/05/2025
Originally published by Truyo. Written by Dan Clarke, President, Truyo. Artificial Intelligence (AI) is rapidly transforming the landscape of many industries, from healthcare to hospitality. While the benefits of AI are undeniable, the potential for bias within these systems poses significant et...
From 2024 to 2025: How These GRC Trends are Reshaping the Industry
Blog Published: 02/05/2025
Originally published by Scrut Automation. Written by Aayush Ghosh Choudhory. According to Cybersecurity Ventures, the global cost of cybercrime is projected to hit a staggering $10.5 trillion in 2025, rising from $9.5 trillion in 2024. This stark reminder of the urgent need for strong cybersecur...
Agentic AI Threat Modeling Framework: MAESTRO
Blog Published: 02/06/2025
Written by Ken Huang, CEO of DistributedApps.ai, CSA Fellow, Co-Chair of CSA AI Safety Working Groups. This blog post presents MAESTRO (Multi-Agent Environment, Security, Threat, Risk, and Outcome), a novel threat modeling framework designed specifically for the unique challenges of Agentic...
BeyondTrust Breach: A Wake-Up Call for Remote Access Security
Blog Published: 02/07/2025
Written by Florent Paret, Reemo. The recent security incident involving BeyondTrust and the US Treasury Department, as reported by The Verge, serves as a stark reminder of some vulnerabilities in traditional bastion-style remote access solutions. By exploiting flaws to gain access to API keys, ...
Top Threat #9 - Lost in the Cloud: Enhancing Visibility and Observability
Blog Published: 02/03/2025
Written by CSA’s Top Threats Working Group. In this blog series, we cover the key security challenges from CSA's Top Threats to Cloud Computing 2024. Drawing from the insights of over 500 experts, we'll discuss the 11 top cybersecurity threats, their business impact, and how to tackle them. Whe...
Implementing CCM: Assurance & Audit Controls
Blog Published: 02/04/2025
CSA’s Cloud Controls Matrix (CCM) is a cybersecurity control framework for cloud computing. It contains 197 control objectives structured into 17 domains that cover all key aspects of cloud technology. You can use CCM to systematically assess a cloud implementation. CCM also provides guidance ...
The Future of Compliance is Here: Automation, Intelligence, and a Shift to Proactive Security
Blog Published: 02/04/2025
Written by Ruchi Khurana, Lead Product Manager, Google and Raj Krishnamurthy, CEO, ComplianceCow. We all know that today’s regulatory landscape is constantly shifting. Organizations face an ever-growing web of compliance requirements, demanding meticulous adherence to complex rules and standard...
5 Key Insights from Osterman Research on AI’s Role in Defensive Cybersecurity
Blog Published: 02/04/2025
Originally published by Abnormal Security. Written by Emily Burns. Artificial Intelligence (AI) has reshaped nearly every industry, but its impact on cybersecurity is particularly transformative. While AI opens doors to unparalleled efficiencies and innovation, it also gives rise to a new genera...
An 8-Step HIPAA Compliance Checklist to Meet Privacy and Security Requirements
Blog Published: 02/04/2025
Originally published by Vanta. HIPAA, an acronym for the Health Insurance Portability and Accountability Act, is one of the most important federal regulatory frameworks for healthcare organizations. It’s an elaborate law that imposes many stringent requirements for patient privacy and data secu...
Implementing CCM: Ensure Secure Software with the Application and Interface Security Domain
Blog Published: 02/05/2025
CSA’s Cloud Controls Matrix (CCM) is a security framework for cloud computing. It contains 197 control objectives structured into 17 domains. These domains cover all key aspects of cloud technology. You can use CCM to systematically assess a cloud implementation. CCM also provides guidance on w...
AI in Agriculture: Smarter Crops, Healthier Livestock, Better Yields
Blog Published: 02/10/2025
Written by Dr. Chantal Spleiss, Co-Chair of the CSA AI Governance & Compliance Working Group. Artificial Intelligence (AI) is reshaping agriculture, helping farmers tackle labor shortages, unpredictable weather, and rising resource costs. From smart irrigation to disease detection, AI-dri...
What's the Baseline for Cyber Resilience?
Blog Published: 02/11/2025
Originally published by Illumio. Written by Michael Adjei, Director, Systems Engineering, EMEA, Illumio. Cyber resilience is an organization’s ability to bounce back, keep the lights on, and maintain smooth operations, even after a cyber incident. At its core, resilience isn't just about pro...
How Repsol’s DLP Strategy Enables a Fearless Embrace of GenAI
Blog Published: 02/13/2025
Originally published by CXO REvolutionaries. Written by Javier García Quintela, CISO, Repsol SA. Madrid-based global energy provider Repsol is fully committed to meeting the ambitious goal of net-zero carbon emissions by 2050, as outlined in the Paris Agreement. Technology is considered a core ...
3 Important Tips for Effective Employee Security Awareness
Blog Published: 02/06/2025
Originally published by Schellman. Written by Ryan Buckner. These days, every organization has a security program to protect themselves from escalating attacks with growing sophistication. And while much of the focus centers on defending against outsider threats, an equally important component o...
When Technology Isn’t the Problem: The Psychology of IT Transformation
Blog Published: 02/06/2025
Originally published by CXO REvolutionaries. Written by Pam Kubiatowski, Global VP, CTO in Residence, Zscaler. Enterprises transform network architectures to be more agile and better able to meet business goals. But transitioning your network from a traditional hub-and-spoke to a cloud services ...
Five Steps to Zero Trust
Blog Published: 02/07/2025
Contributed by Softchoice. Written by Abel E. Molina, Principal Architect, Security, Softchoice. The Critical Need for Zero Trust: The threat of cyber-attacks is both immediate and severe. According to the Small Business Administration (SBA), 50% of SMBs have faced at least one cyber-attack, with ...