Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted AI & Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
STAR for AI
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
STAR Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
AI Controls Matrix (AICM)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
CSA Training
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Trusted AI Safety Expert (TAISE)
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety
Zero Trust
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted AI & Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted AI & Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
STAR for AI
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
STAR Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
AI Controls Matrix (AICM)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
CSA Training
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Trusted AI Safety Expert (TAISE)
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety
Zero Trust
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted AI & Cloud Consultant
CSAIChaptersEventsBlog
Learn why hybrid environments are now the norm and how to build a security architecture that embraces this. Register for the July 1st webinar →

All Articles

Home
All Articles
CSAI Foundation Announces Key Milestones to Secure the Agentic Control Plane

Press Release Published: 04/29/2026

New catastrophic risk initiative, CNA authorization, and strategic agentic AI acquisitions accelerate enterprise AI governance and assurance SEATTLE – April 29, 2026 — The Cloud Security Alliance (CSA), the world's leading not-for-profit organization committed to AI, cloud, and Zero Trust ...

Securing the Agentic Control Plane: Key Progress at the CSAI Foundation

Blog Published: 04/29/2026

Two exponential curves are converging in 2026: step-level improvements in AI model capabilities and the viral adoption of autonomous agents across every sector of the economy. The question facing every enterprise isn't whether agents will reshape their operations — it's whether they have a s...

AARM: Finding a Path to Secure the Agentic Runtime

Blog Published: 04/30/2026

Over the past year, I have found myself returning to the same observation in many different conversations: we are not simply watching AI improve. We are watching a new operational layer in computing emerge in front of us. Autonomous agents are beginning to write code, manage infrastructure, p...

Identity Spoofing vs. Identity Abuse

Blog Published: 05/15/2026

Identity attacks are not new. What is new is how easily they now blend into normal business activity. A fake login page can look legitimate, even to the digitally-aware. A stolen account can behave just enough like a real user to avoid immediate detection. An AI-generated voice can add just ...

AI Agent Security Starts with Scope Control

Blog Published: 05/12/2026

Enterprise AI has moved past the experimentation phase. AI agents are no longer sitting on the sidelines as novelty tools or isolated pilots. They are increasingly becoming part of the digital workforce. Organizations are embedding them in production workflows across IT, security, engineering...

What an AI Lab’s Test Reveals About the Enterprise AI Challenge

Blog Published: 05/13/2026

Recent test results from an AI labopens in a new tab have renewed attention on a question that is becoming harder for enterprises to ignore: What happens when AI systems are no longer limited to generating output, but are increasingly able to take action? In the tests, AI agents ta...

AI Agent Posture Management: Why Autonomous AI Requires Data-First Security Guardrails

Blog Published: 05/19/2026

AI agents are no longer experimental tools confined to innovation labs. They are already embedded across enterprise environments—reading files, responding to tickets, provisioning access, generating reports, and initiating remediation actions across critical systems. Their...

How a Penetration Test Builds Customer Trust & Strengthens ISO 42001 Certification

Blog Published: 05/21/2026

Not only is artificial intelligence changing how businesses operate; it's also changing how cybercriminals attack. As organizations rush to adopt AI systems, they face new security risks that traditional defenses can't handle. ISO 42001 compliance is instrumental in helping your organization...

SAGE: The Format STIX, OSCAL, and SARIF Don't Cover

Blog Published: 05/04/2026

Security research lives in PDFs. PDFs are good for humans and useless to machines. That mismatch was annoying a few years ago. It's expensive today. Detection engineers are feeding those PDFs into RAG pipelines so their copilots can answer questions about threat actors, control mappings, an...

Deep Dive into the Software-Defined Perimeter (SDP) Guide v3

Blog Published: 05/11/2026

Written by Philip Griffiths, Head of Strategic Sales, NetFoundry. The reason CSA started updating the SDP guidance more than a year ago is now playing out in real time. The internet is moving from human-speed exploitation to AI-speed exploitation, while most enterprise connectivity, p...

Patching Faster is Not the Answer to Mythos. Patching Smarter Is.

Blog Published: 05/14/2026

The security industry has a deeply ingrained reflex: when the threat landscape accelerates, the answer is to move faster. Patch faster. Scan faster. Remediate faster. It is an understandable instinct, and for most of the past decade, it has been a reasonable one. But Mythos changes the equat...

Globee® Awards for Artificial Intelligence (AI) Honors Cloud Security Alliance for AI Leadership with Dual Awards

Press Release Published: 05/14/2026

TAISE and Valid-AI-ted programs earn Silver Awards for innovation in AI credentialing and compliance assurance SEATTLE – June 14, 2026 — The Cloud Security Alliance (CSA), the world's leading not-for-profit organization committed to AI, cloud, and Zero Trust cybersecurity education, is pleas...

Introducing the AI Security Maturity Model (AISMM)

Blog Published: 05/20/2026

It’s hard to overstate how quickly generative AI is evolving and changing how we do business. Capabilities change weekly, making cloud computing look slow by comparison. In my 25 years in technology I’ve never seen such rapid widespread adoption. In some cases, we even see adoption exceeding ...

What Recent Medical Device Breaches Reveal About Security Gaps in the Cloud

Blog Published: 05/21/2026

Cybersecurity incidents are often framed as enterprise problems: contained within corporate systems, isolated to IT teams, and addressed through technical remediation. In reality, their impact is far broader. When a medical device manufacturer is breached, the consequences extend beyond inte...

Shadow AI Agents: The Insider Threat You're Not Monitoring Yet

Blog Published: 05/26/2026

The shadow AI conversation that started two years ago was about data leakage. An employee pasted a customer list into ChatGPT. A developer dropped proprietary code into a chat window. The risk was real, but the shape of it was familiar. Security teams responded with the controls they already...

MITRE ATT&CK for Cloud: A Practitioner's Guide to Detection Coverage

Blog Published: 05/22/2026

  TL;DR Coverage percentages make for nice slides. They don't stop cloud breaches. Here's how to use MITRE ATT&CK to build detection coverage that actually maps to how attackers operate in AWS, Azure, OCI, and GCP — and where cloud detection and response solutions fit in. ...

The Attribution Gap: Why Every AI Regulation Leads Back to Identity and Authorization

Blog Published: 05/26/2026

  Executive Summary AI agents are approving loans, giving legal advice, triaging patients, and controlling physical systems. When they cause harm, courts ask: can you prove who authorized the agent, what it was permitted to do, and produce the trail? Most enterprises cannot. The ...

AI-Enabled MDR: What Distributed Enterprises Need to Know Before Buying the Hype

Blog Published: 05/28/2026

  A Closer Look for Franchise and Multi-Location Operators Artificial intelligence has quickly become the centerpiece of modern cybersecurity marketing. Many Managed Detection and Response (MDR) vendors now promise "AI SOCs," "autonomous incident response," or fully automated security ...

State of AI Cybersecurity 2026: 92% of Security Professionals Concerned About the Impact of AI Agents

Blog Published: 05/27/2026

The findings in this blog are taken from Darktrace's annual State of AI Cybersecurity Report 2026. AI is already embedded in day-to-day enterprise activity, with 78% of participants in one recent survey reporting that their organizations are using generative AI in at least one business funct...

Understanding the Blast Radius: How Cloud Threat Detection Speeds Up Incident Scoping

Blog Published: 05/29/2026

  TL;DR When a hybrid threat lands, the first question a SOC has to answer isn't “what happened?” It's “how far can this go?” That's the blast radius question — and getting to a fast, accurate answer is the difference between a contained incident and a multi-million-dollar breach. ...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
220
221
222
224
226
Last »