
All Articles

SC Media Names Cloud Security Alliance’s Trusted AI Safety Expert (TAISE) Certificate a Winner of the 2026 SC Awards

Press Release Published: 03/30/2026

Recognition underscores the growing need for trusted AI security expertise as organizations accelerate adoption and seek to responsibly secure AI at scale. SEATTLE — March 30, 2026 — The Cloud Security Alliance (CSA), the world’s leading not-for-profit organization committed to AI, cloud, and ...

Unstructured Data Surges as Enterprises Struggle to Maintain Visibility and Security, Cloud Security Alliance Study Finds

Press Release Published: 03/31/2026

Despite growing awareness of unstructured data risks, many organizations lag in scalable security as cloud, AI, and automation deployments accelerate. SEATTLE – March 31, 2026 – The Rise in Unstructured Data and AI Security Risks, a new survey report from the Cloud Security Alliance (CSA), th...

Rethinking Incident Response as an Engineering System: Addressing 7 Operational Gaps

Blog Published: 04/23/2026

Many organizations still treat incident response as an administrative workflow: log the event, assign responsibility, close the ticket, and generate a report. The system returns to normal operation, but the underlying causes may remain unresolved. As a result, the same incidents eventually ...

CSA STAR v4.1 Explained: Key Updates for Cloud Security and Assurance

Blog Published: 04/10/2026

The Cloud Security Alliance (CSA) created the Security, Trust, Assurance, and Risk (STAR) program in August of 2011 to improve transparency and security within cloud computing. This program was built upon the Cloud Controls Matrix (CCM), a selection of cloud controls designed to secure cloud ...

Cybersecurity Needs a New Data Architecture

Blog Published: 04/09/2026

Enterprise organizations are dealing with an unprecedented volume of increasingly dense and complex data. SecOps teams must determine the best way to collect, organize, and use that data so they can identify, prioritize, and respond to threats efficiently and effectively. The lack of data ma...

Every RSAC Keynote Asked the Same Five Questions. Here's the Framework That Answers Them.

Blog Published: 04/03/2026

Something unusual happened at RSAC 2026. Not unusual in the "new product launch" sense. Unusual in the "everyone independently said the same thing without coordinating" sense. Microsoft's Vasu Jakkal: "Zero Trust must extend to AI." Cisco's Jeetu Patel: "Move from access control to action ...

AI Security in the Cloud: How to Move from Visibility Gaps to Exposure Management

Blog Published: 04/17/2026

TL;DR: Unify AI and cloud exposures into a clear and manageable security view — before your board asks why your organization is moving so fast without AI and cloud security guardrails. Key takeaways: Protect business value by prioritizing attack paths over vulnerability lists. Us...

Building EU AI Act Compliance with prEN 18286 and ISO 42001

Blog Published: 04/27/2026

As the EU AI Act moves from legislation to implementation, organizations across Europe and beyond are working to operationalize AI governance in practical, auditable ways. Compliance and governance leaders, AI product teams, and executives are asking the same question: How can we demonstrate ...

The State of Cybersecurity in the Finance Sector: Six Trends to Watch

Blog Published: 04/20/2026

Financial institutions are facing a threat landscape shaped by identity-led intrusion, pre-disclosure exploitation, data-first ransomware, and growing cloud and AI governance blind spots. This blog explores the key threats and trends redefining cyber risk across the finance sector and what de...

From Compliance to Credibility: How to Turn CCM/CAIQ Work Into Content People Actually Cite

Blog Published: 04/14/2026

You can do a lot of honest work in CCM and CAIQ and still end up with one frustrating outcome: nobody outside your audit circle ever sees it. Meanwhile, a competitor with thinner controls looks “more credible” because their proof is easier to find, easier to understand, and easier to referen...

AI Security Risks Start with Poor Data Visibility

Blog Published: 04/06/2026

For a lot of organizations, AI has become the answer to almost every security question. Need faster detection? Add AI. Need better prioritization? Add AI. Need help managing an exploding volume of files, messages, logs, and documents? Definitely add AI. But CSA’s new survey report, commi...

Standardizing the SaaS Ecosystem: The Case for SSCF Adoption

Blog Published: 04/13/2026

The rapid proliferation of SaaS platforms, compounded by the emergence of Agentic AI, has created a critical visibility and control gap within the enterprise for SaaS. While the Cloud Controls Matrix (CCM) effectively addresses vendor-side security, a definitive void remains regarding the cus...

Who’s Behind That Action? The AI Agent Identity Crisis

Blog Published: 04/20/2026

In collaboration with Aembit, CSA has released a new survey report about identity and access for AI agents. The report shows that AI agents are already operating across internal applications, APIs, SaaS platforms, cloud infrastructure, data platforms, and development pipelines. In other words...

Anthropic’s Mythos is Here: Defending from the Vulnpocalypse

Blog Published: 04/08/2026

I don't really know who coined it, but for the past six months or so we've been tossing around the term "Vulnpocalypse." We use it to describe the inflection point where LLMs are able to discover zero day vulnerabilities, and create zero day exploits, faster than we can patch. It's the core a...

A CISO’s Guide to Cloud Security Architecture

Blog Published: 04/16/2026

The Importance of Securing Cloud Architecture: Safeguarding Data and Ensuring Business Continuity. You may think migrating to cloud computing is just a trend, but this isn’t the case. It’s actually a necessity for organizations who want to stay competitive (and who wouldn’t?...

When AI Agents Serve Shared Workspaces, Authorization Must Follow the Audience

Blog Published: 04/15/2026

This is the sixth blog in a seven-part series on identity security as AI security. TL;DR: AI agents retrieve data using the permissions of whoever they authenticate as (checked), but output to shared workspaces where recipients have mixed permissions (not checked). For example, a...

How to Choose the Right AI Standard: A 7-Point Guide

Blog Published: 04/22/2026

AI adoption has accelerated across sectors today as the technology becomes easier to access and deploy. Most organizations embed it in at least one aspect of their daily operations, but doing so has also introduced new risks, such as model bias and outcome drift. There’s a growing gap betwee...

Software Supply Chain Security Needs an Upgrade

Blog Published: 04/21/2026

Software supply chain security has moved from niche concern to board-level issue, and for good reason. Developers rarely build modern software from scratch. Instead, they assemble it from open source components, third-party libraries, APIs, automation platforms, and increasingly, AI-assisted ...

AI Agents Are Talking, Are You Listening?

Blog Published: 04/17/2026

If you ask most security teams who has access to their customer data, they can usually give you a clear answer. They can point to OAuth scopes, user permissions, API keys, and audit logs to back it up. However, if you ask which AI agents are exchanging that same data across tools like Salesfo...

SANS Institute, Cloud Security Alliance, [un]prompted, and OWASP GenAI Security Project Release Emergency Strategy Briefing as AI-Driven Vulnerability Discovery Compresses Exploit Timelines from Weeks to Hours

Press Release Published: 04/14/2026

“The AI Vulnerability Storm: Building a Mythos-Ready Security Program” delivers a risk register, 11 priority actions, and board briefing framework built by 60+ contributors and reviewed by 250+ CISOs in a single weekend. April 14, 2026. SANS Institute and the Cloud Security Alliance (CSA), al...
