Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersCircleEventsBlog

All Articles

Home
All Articles
Your complete SaaS security guide—with best practices for ensuring it

Blog Published: 03/05/2025

Originally published by Vanta.   SaaS security requires constantly monitoring and preparing to mitigate the latest industry threats and vulnerabilities. According to the 2024 State of SaaS Security Report, 58% of organizations experienced a SaaS security incident in the past year ...

Implementing CCM: Cryptography, Encryption, and Key Management

Blog Published: 03/10/2025

The Cloud Controls Matrix (CCM) is a framework of controls (policies, procedures, and technical measures) that are essential for cloud computing security. It is created and updated by CSA and aligned to CSA best practices. You can use CCM to systematically assess and guide the security of an...

Why GRC is key to safely unlocking ROI from design, hosting, and AI

Blog Published: 03/07/2025

Originally published by Scrut Automation.   What’s the one thing businesses want from their software investments? Quick results. According to G2’s State of Software Report 2024, tools in design, hosting, and AI categories are leading the way in delivering faster ROI than any other sof...

Understanding UEBA: Essential Guide to User and Entity Behavior Analytics in Cybersecurity

Blog Published: 03/10/2025

Originally published by InsiderSecurity.   Visibility into user actions is one of the critical challenges in the modern digital landscape. Traditional rule-based security solutions that generate a high number of alerts within modern environments are no longer practical; a new approach ...

From Ransomware to Regulation: Lessons from the Worst Year of Healthcare Cyber Breaches

Blog Published: 03/12/2025

Originally published by Censys.   In 2024, it’s estimated that the two largest healthcare cyber incidents impacted over 100 million people, including patients and vendors across an interconnected digital landscape of insurers and healthcare providers. By October of 2024, 386 cybersecur...

What you need to know about South Korea’s AI Basic Act

Blog Published: 03/12/2025

Originally published by Schellman&Co.   *Disclaimer: This article was written using a translated copy of the South Korea AI Basic Act*  After the European Union paved the way for creating a legal framework for artificial intelligence (AI) in early 2024, many wondered what gove...

The Hidden Costs of Manual GRC in a Cloud-First World

Blog Published: 03/13/2025

Originally published by RegScale.   Before I joined RegScale, I was a big buyer of legacy GRC tools. I won’t name any particular tools, but most of them featured 20-year-old approaches and “automation” in name only. At the end of the day, they left teams heavily reliant on manual proces...

AI Security and Governance

Blog Published: 03/14/2025

Written by Suresh Kumar Akkemgari, Hyland Software.   Artificial Intelligence (AI) has become an integral part of our daily lives and business operations, permeating various industries with its advanced capabilities. However, the rapid adoption of AI technologies also brings signi...

Top Threat #11 - APT Anxiety: Battling the Silent Threats

Blog Published: 03/17/2025

Written by CSA’s Top Threats Working Group.   In this blog series, we cover the key security challenges from CSA's Top Threats to Cloud Computing 2024. Drawing from the insights of over 500 experts, we discuss the 11 top cybersecurity threats, their business impact, and how to tackle th...

One Percent Better Can Change Your World

Blog Published: 03/20/2025

Originally Published by CXO Revolutionaries on January 28, 2025. Written by: Nat Smith, Contributor, Zscaler.   New resolutions already fading? This hack, inspired by British Cycling, can get you back on track. Now that we are at the tail end of the first month of the new year...

What the File Transfer Breach Crisis Means for MFT Security

Blog Published: 03/24/2025

Originally Published by Axway. Written by Emmanuel Vergé.   File transfer solutions have been around for decades, but the conversation around its security is changing. In the words of Axway’s MFT Product Line Senior Director Paul Lavery, “MFT teams are in a once-in-...

Forget the Corporate Ladder and ‘Rock-Climb’ Your Way to Success

Blog Published: 03/25/2025

Originally Published by CXO Revolutionaries. Written by: Ben Corll, Contributor, Zscaler.   It's time to put the 'corporate ladder' away. The modern professional journey is more like climbing an unfamiliar rock face with no obvious path to the top. For years, the corporate world...

Cloud Security Alliance’s Certificate of Cloud Security Knowledge (CCSK) Wins Cybersecurity Excellence Award

Press Release Published: 03/19/2025

CCSK, the benchmark for cloud security expertise, earns Best Cloud Security Certification SEATTLE – March 19, 2025 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud comp...

How to Address Cloud Identity Governance Blind Spots

Blog Published: 03/18/2025

Written by Gerry Gebel, VP of Products and Standards, Strata.   Working directly with organizations that are navigating the complexities of multi-cloud environments, one thing has become clear: managing identities across cloud and on-prem systems isn’t getting any easier. Whether i...

3 Time-Consuming Security Functions to Automate in 2025

Blog Published: 03/18/2025

Originally published by Vanta.   Our most recent State of Trust report found that 55 percent of global businesses think security risks for their organization have never been higher. Naturally, to mitigate an increase in risks in today’s complex threat landscape, businesses inv...

Privacy Concerns and Corporate Caution: The Double-Edged Sword of Generative AI

Blog Published: 03/19/2025

Originally published by Truyo.   As generative AI technologies like OpenAI’s GPT-4o continue to evolve, they bring both incredible potential and significant risks. The capabilities of the latest AI models are more advanced and human-like than ever before, offering everything from solv...

From Risk to Revenue with Zero Trust AI

Blog Published: 03/18/2025

Written by Richard Beck, Director of Cyber Security, QA Ltd.   AI security governance is fast becoming the boardroom’s new obsession, and with good reason. From biased models and hallucinated outputs to intellectual property leakage and regulatory scrutiny, the risks of unche...

Cloud Security Alliance’s Certificate of Competence in Zero Trust (CCZT) Recognized for Excellence in the 21st 2025 Globee® Awards for Cybersecurity

Press Release Published: 03/26/2025

CCZT is the industry’s first authoritative Zero Trust training and credential SEATTLE – March 26, 2025 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing envir...

Gaining the Edge (Literally!) Through Edge Computing

Blog Published: 03/19/2025

Written by Neelakantan Venkataraman, Vice President & Global Head of Cloud & Edge Business, Tata Communications. Originally published by Frontier Enterprise.   The world is captivated by AI's impressive deployment, but the real profits lie in reassessing operational ...

Assessing the Security of FHE Solutions

Blog Published: 03/19/2025

Written by Joseph Wilson and the CSA FHE Working Group.   Questions of privacy and security are at the forefront of every deployment of Fully Homomorphic Encryption (FHE). In this blog post, we provide insight that will help you to evaluate FHE solutions when answering the following qu...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
194
195
196
198
200
201
202
Last »