Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersCircleEventsBlog
Get early access to CSA’s Trusted AI Safety Certification Program—updates, resources & beta invites!

All Articles

Home
All Articles
A Starter’s Guide to PCI 4.0 Compliance for Non-Human Identities

Blog Published: 02/26/2025

Originally published by Aembit.   For many of today’s hybrid and data-driven enterprises, non-human identities (NHIs) – often referred to as machine and service accounts – are emerging as one of the most overlooked risks.  While much attention has been devoted to securing ...

What is the DSA? And What Does It Mean for Cloud Providers?

Blog Published: 02/26/2025

Originally published by Thales.   Two hundred years ago, safety and child labor laws were monstrously lax compared to today's standards. In two hundred years more, our ancestors will look back with similar disbelief on our regulation of digital services. However, it is also true t...

Cloud Security Alliance Survey Report Examines How Organizations Assess and Manage Cybersecurity and Data Risks

Press Release Published: 02/27/2025

Survey findings reveal the challenges organizations face and the opportunities they have to strengthen their security posture SEATTLE – Feb. 27, 2025 – In an era of complex hybrid and multi-cloud environments, organizations are grappling with the nuance of identifying, prioritizing, and mi...

How is AI Strengthening Zero Trust?

Blog Published: 02/27/2025

Written by Aparna Achanta, Principal Security Architect, IBM.    Introduction The cybersecurity landscape is changing rapidly, given the ever-evolving nature of cyber threats. The increased adoption of artificial intelligence (AI) for the design and launch of cyberatta...

AI Gone Wild: Why Shadow AI Is Your IT Team’s Worst Nightmare

Blog Published: 03/04/2025

Written by Aditya Patel, Cloud Security Specialist, AWS. Edited by Marina Bregkou and Josh Buker, CSA.   Soon after ChatGPT had become viral, in early 2023, an electronics company learned the hard way why unsanctioned AI tools are a ticking time bomb. Some employees had fed proprietar...

The Evolution of DDoS Attacks: Why APIs Are in the Crosshairs

Blog Published: 03/05/2025

Written by Vaibhav Dutta, Associate Vice President and Global Head-Cybersecurity Products & Services, Tata Communications. Originally published by ETCISO.   In today’s hyper-connected world, Application Programming Interfaces (APIs) have become the backbone of all digita...

Are You Asking the Right Questions About AI?

Blog Published: 03/07/2025

Originally published by Illumio. Written by Trevor Dearing, Director of Critical Infrastructure Solutions, Illumio.   CISOs have a tough job. They’re trying to protect their organizations from more and more advanced threats. And with AI risks on the rise, it's only going to ...

The ISAC Advantage for Collective Threat Intelligence

Blog Published: 02/27/2025

Originally published by CXO REvolutionaries.   With cyberthreats rapidly increasing in sophistication, today’s CISOs cannot afford to stand alone. To outsmart some of the world’s most ingenious and nefarious criminals, we must pool our knowledge, blend our insights, and present a unit...

Building Better GRC Habits: Why 2025 Is the Year To Embrace Continuous Controls Monitoring

Blog Published: 02/27/2025

Originally published by RegScale.   Every January, we commit to building better habits. We buy gym memberships, download meditation apps, or swear to finally learn that new language. But here’s a thought: how well are our organizations carrying out their own New Year’s resolutions?&nbs...

The HIPAA Security Rule is Changing. Here’s What You Need to Know.

Blog Published: 03/03/2025

Originally published by BARR Advisory.   The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is preparing to make sweeping changes to the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. OCR published a proposal outl...

The Shift to Risk-Based Data Security Posture Management

Blog Published: 03/03/2025

Modern data environments are becoming increasingly complex and organizations have come to realize that traditional compliance-driven cybersecurity strategies are no longer sufficient. Instead, a growing number of companies are adopting a data-centric approach that emphasizes proactive risk re...

Why Unified Data Security is Essential for Modern Enterprises

Blog Published: 03/11/2025

Originally published by Skyhigh Security. Written by Hari Prasad Mariswamy, Director, Product Management for Data Protection, Skyhigh Security.   As enterprises expand into digital-first operations, data security challenges grow exponentially. Sensitive information...

Cloud Security Alliance (CSA) Furthers Responsible Artificial Intelligence (AI) Safety Practices with Launch of Premier AI Safety Ambassador Program

Press Release Published: 03/03/2025

Ambassador Program strengthens CSA’s mission to ensure AI safety and accountability SEATTLE – March 3, 2025 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing ...

Agentic AI Identity Management Approach

Blog Published: 03/11/2025

Written by Ken Huang, CEO of DistributedApps.ai, CSA Fellow, Co-Chair of CSA AI Safety Working Groups, and CEO of DistributedApps.ai.   Traditional identity management systems like OAuth and SAML were designed for human users and/or static machine identities. However, they fall short i...

AI Agents: Human or Non-Human?

Blog Published: 03/13/2025

Originally published by Oasis Security. Written by Marta Dern.   During CES 2025, Jensen Huang (CEO of NVIDIA) stated in his keynote:  ... In the future these AI agents are essentially digital workforce that are working alongside your employees doing things for you on...

A.I in Cybersecurity: Revolutionizing Threat Detection and Response

Blog Published: 03/14/2025

Written by Abel E. Molina, Cybersecurity Architect, Softchoice.   There’s nothing to fear, than fear itself” – T.Roosevelt How Artificial Intelligence is Reshaping Security Measures In an era where cyber threats are becoming increasingly sophisticated, the need for advance...

The Road to FedRAMP: What to Expect on Your Journey to FedRAMP Authorization

Blog Published: 03/17/2025

Originally published by BARR Advisory.   Navigating the road to FedRAMP authorization can feel daunting—but for cloud service providers (CSPs) aiming to deliver solutions to the federal government, it’s an essential step toward unlocking new business opportunities.  From understa...

The Questions Every Company Should Be Asking About AI

Blog Published: 03/05/2025

Originally published by Truyo.   The trajectory of and rapidly advancing regulatory landscape around AI is reminiscent of privacy which, years ago, left companies scrambling to figure out what they needed to do, who is managing compliance, and what regulations they may be subject to, bo...

What Comedy Can Tell Us About AI and Big Data

Blog Published: 03/06/2025

Originally published by CXO REvolutionaries. Written by Jay Patty, CTO in Residence, Zscaler.   Knock, Knock. Who’s there? Data. Data who?  Data gonna help us stop the next cyber-attack, thanks to telemetry and analytics Corny, right? Well, sometimes, the easiest way to...

Your complete SaaS security guide—with best practices for ensuring it

Blog Published: 03/05/2025

Originally published by Vanta.   SaaS security requires constantly monitoring and preparing to mitigate the latest industry threats and vulnerabilities. According to the 2024 State of SaaS Security Report, 58% of organizations experienced a SaaS security incident in the past year ...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
193
194
195
197
199
200
201
Last »