Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
STAR for AI
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
AI Controls Matrix (AICM)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
CSA Training
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Trusted AI Safety Expert (TAISE)
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Controls
AI Safety
Enterprise Architecture
Blockchain
Zero Trust
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
STAR for AI
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
AI Controls Matrix (AICM)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
CSA Training
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Trusted AI Safety Expert (TAISE)
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Controls
AI Safety
Enterprise Architecture
Blockchain
Zero Trust
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersEventsBlog
Join global experts tackling cloud, AI, and zero trust challenges. Explore CSA’s upcoming 2026 events →

All Articles

Home
All Articles
How Generative AI is Reshaping Zero Trust Security

Blog Published: 01/09/2026

  Part 1 of 7 in the CSA Series: AI and the Zero Trust Transformation The security landscape has shifted beneath our feet. Generative AI hasn't just added new tools to the defender's arsenal. It has fundamentally changed what attackers can do and how quickly they can do it. From dee...

AWS Ends SSE-C Encryption, and a Ransomware Vector

Blog Published: 01/05/2026

You probably weren’t using it anyway, so might as well cut the cruft and end a lesser-known attack vector. I’m a bit late to the party, but this morning I learned that AWS is ending support for a feature called “SSE-C” for encrypting data in S3 in April. Normally in security when we hear a ...

What AI Risks Are Hiding in Your Apps?

Blog Published: 01/16/2026

AI is transforming business operations, offering unprecedented productivity, faster decision-making, and new competitive edges. As per Gartner, by 2028, more than 95% of enterprises will be using generative AI APIs or models, and/or will have deployed GenAI-enabled applications in produ...

Cloud 2026: The Shift to AI Driven, Sovereign and Hyperconnected Digital Ecosystems

Blog Published: 01/15/2026

Contributed by Tata Communications. Originally published on Business Today. A decade ago, moving to the cloud was seen as a simple upgrade to help companies work faster, scale easily and reduce costs. But in the last few years, things have changed. Many companies now feel exasperated with ...

The First Question Security Should Ask on AI Projects

Blog Published: 01/09/2026

  Why? What is our desired outcome? Such a simple question. Such a profound question. I’ve been contemplating writing this post for a while now, but struggled with the framing. Throughout 2025 I started moving from “talking about AI security” to helping advise organizations directly...

My Top 10 Predictions for Agentic AI in 2026

Blog Published: 01/16/2026

Welcome to 2026. As we kick off the new year, it is clear that the landscape of Artificial Intelligence has shifted irrevocably. The buzzword of last year is gone; in 2026, we are moving fully into the era of Agentic AI. Based on my research, the evolving threat landscape, and the work we a...

Why SaaS and AI Security Will Look Very Different in 2026

Blog Published: 01/29/2026

  SaaS and AI Security are at a Turning Point AI adoption accelerated rapidly in 2025, but not in the way many security teams expected. Most third-party AI tools entered organizations the same way SaaS always has, through browser-based apps, OAuth integrations, and user-driven adoption...

AI Governance Framework Adoption in Cloud-Native AI Systems: Phased Approach and Considerations

Blog Published: 01/27/2026

AI systems are now embedded into modern, cloud-based systems, where scalability, automation, and rapid iteration are core design principles. As organizations operationalize artificial intelligence (AI) systems to achieve faster deployment cycles, informed decision making, and more intensive ...

Why DNS TXT Records Deserve Governance in Security Programs

Blog Published: 02/02/2026

DNS TXT records play a critical role in modern cloud environments. They underpin email authentication, domain ownership verification, SaaS onboarding, and even security tooling integrations. Despite their importance, TXT records are rarely governed, audited, or lifecycle-managed. This gap ha...

From Security to Proof of AI Trust

Blog Published: 01/22/2026

Autonomous and semi-autonomous AI systems are no longer just predicting words or labeling images. They’re calling APIs, pushing workflows forward, touching financial systems, and moving data between environments at a pace no human team can match. Everyone can see the upside, but an uncomf...

Resolving The Coordination Gap in Modern Cloud Security

Blog Published: 02/03/2026

Cloud infrastructure operates continuously, shifting workloads, rotating identities, and enforcing controls in real time. Security operations, however, still depend heavily on human coordination, periodic check-ins, and manual status sharing. This mismatch creates a visibility and alignment g...

Offboarding Under Pressure: How to Keep SaaS and AI Data Secure During Layoffs

Blog Published: 02/10/2026

Layoffs are stressful for everyone involved. Security teams want to act quickly and compassionately, while also ensuring the organization stays protected. Yet there is a growing problem that most companies are not prepared for. As SaaS and AI adoption has rapidly expanded, identities and dat...

Global Privacy Trends and Best Practices for Compliance in 2026

Blog Published: 02/04/2026

As organizations expand their digital footprints and adopt AI at scale, global privacy expectations are rising worldwide. At the same time, cyber threats are growing more sophisticated, further driving the need for more advanced, resilient privacy programs to meet both regulatory and securit...

AI Governance and ISO 42001 FAQs: What Organizations Need to Know in 2026

Blog Published: 02/17/2026

As interest in ISO 42001 certification has surged over the past year, we've heard a steady stream of questions from organizations seeking to build their AI governance strategy and operationalize their Artificial Intelligence Management Systems (AIMS) responsibly. From understanding pract...

AWS Launches European Sovereign Cloud: What You Need to Know and What You Need to Do

Blog Published: 01/16/2026

  Amazon just launched the European Sovereign Cloud. It’s an important milestone, but enterprises need to know the limits. On January 15, 2026, Amazon Web Services opened up their brand new European Sovereign Cloud. Now since I find consistently spelling ‘sovereign’ nearly as hard as...

Zero Trust in the Cloud: Designing Security Assurance at the Control Plane

Blog Published: 01/30/2026

The way cloud systems are designed has quietly changed. What we used to view as a collection of servers and networks is now shaped by decisions that are made long before any workload runs. Access is defined by policy, infrastructure is deployed through code, and entire environments can be cre...

What if AI Knew When to Say “I Don’t Know”?

Blog Published: 01/21/2026

Not a vocabulary problem. AI models can produce uncertainty language just fine, “I’m not sure,” “This may not be accurate,” “Please verify.” They say these things constantly. Sometimes appropriately. Often not. The problem is knowing when it’s warranted. You can prompt AI to justify its an...

Beyond Badge-Selling: Why Compliance Automation Needs Trust by Design

Blog Published: 01/21/2026

Recent reports about potential compliance certificate fraud have sparked important conversations in our industry. While the specifics of individual cases may still be under investigation, the broader discussion they've ignited is both timely and necessary. Rather than viewing this as merely ...

79% of IT Pros Feel Ill-Equipped to Prevent Attacks Via Non-Human Identities, Cloud Security Alliance and Oasis Security Survey Finds

Press Release Published: 01/27/2026

Exacerbating risk is the proliferation of identities: 78% of organizations lack policies for creating AI identities SEATTLE – Jan. 27, 2026 –The Cloud Security Alliance (CSA), the world’s leading not-for-profit organization committed to AI, cloud, and Zero Trust cybersecurity education, toda...

Leveling Up Autonomy in Agentic AI

Blog Published: 01/28/2026

The conversation around artificial intelligence has shifted dramatically over the past two years. We've moved from debating whether AI can write a decent email to grappling with AI systems that can autonomously execute code, manage infrastructure, conduct financial transactions, and orchest...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
214
215
216
218
220
Last »