Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Help shape the future of cloud security! Take our quick survey on SaaS Security and AI.

All Articles

Home
All Articles
How to Integrate CSA STAR Level 2 Into Your Compliance Strategy

Blog Published: 12/14/2023

Originally published by BARR Advisory. Written by Kyle Cohlmia. According to the Cloud Security Alliance (CSA), the Security, Trust, Assurance, and Risk (STAR) program encompasses “key principles of transparency, rigorous auditing, and harmonization of standards outlined in the Cloud Controls Mat...

IMPERIAL KITTEN Deploys Novel Malware Families in Middle East-Focused Operations

Blog Published: 12/14/2023

Originally published by CrowdStrike.CrowdStrike Counter Adversary Operations has been investigating a series of cyberattacks and strategic web compromise (SWC) operations targeting organizations in the transportation, logistics and technology sectors that occurred in October 2023. Based on a deta...

Resilient Container Security: Why You Need a Preventive Approach

Blog Published: 12/13/2023

Written by Christina DePinto, Product Marketing Manager, Tenable Cloud Security. As organizations move to the cloud, container adoption is skyrocketing. A recent study conducted by Forrester Consulting on behalf of Tenable surveyed 825 IT and cybersecurity pros worldwide1 and found that 32% of o...

The Perils and Protections of Privileged Accounts

Blog Published: 12/13/2023

Written by Alex Vakulov. Privileged users are the Achilles heel of any company. There are specialized IT systems on the market for managing privileged access - PAM (Privileged Access Management). Nowadays, PAM is no longer just about account management; it is a cybersecurity strategy for regulati...

AI at Work: Three Steps to Prepare and Protect Your Business

Blog Published: 12/12/2023

Originally published by Forbes.Written by Yaki Faitelson, Co-Founder and CEO of Varonis. In terms of hype, nothing is hotter than AI right now; blockchain has some weak links, the metaverse isn't singing in this part of the multiverse, and even big data seems small. As the CEO of a leading cybers...

Why Your Public Partners Care About Your Cybersecurity Approach

Blog Published: 12/12/2023

Originally published by CXO REvolutionaries. Written by Kavitha Mariappan, EVP, Customer Experience and Transformation, Zscaler. While the connection between cybersecurity, environmental, social, and governance (ESG) issues, and private companies may not be immediately obvious, they influence one...

Artificial Intelligence Leaders Partner with Cloud Security Alliance to Launch the AI Safety Initiative

Press Release Published: 12/12/2023

Program for responsible, safe and forward-looking research, best practices, education, professional credentialing and organizational certification for generative AI is underwaySEATTLE – Dec. 12, 2023 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining stand...

Embed Security from Code to Cloud with Unified CNAPPs

Blog Published: 12/12/2023

Originally published by CSO Online. Written by Giulio Astori, Principal Program Manager, Microsoft Security. A decade ago, most companies relied on individual point solutions to secure specific aspects of their cloud environment. They might have one solution for vulnerability management, another ...

Natural Disasters: A Perfect Storm for Data Breaches

Blog Published: 12/11/2023

Written by Rocco Alfonzetti, CCSK, CCAK, CDPSE, Security Officer at Paperclip, Inc. and Member of the CSA Data Security Working Group. The recent wildfires on Maui have had a devastating impact on the island, both in terms of human life and property damage. However, the fraud implications of thes...

Why Cloud-Forward Tech Teams Need to Abandon Traditional IAM and PAM

Blog Published: 12/11/2023

Originally published by Britive.Most modern tech teams are aware that the cloud has become the backbone of innovation, scalability, and agility. However, with great power comes great responsibility, particularly when it comes to securing cloud resources and data. This is precisely where Identity ...

Biden’s “Sweeping” AI Executive Order is Here. Is the Cybersecurity Industry Ready?

Blog Published: 12/08/2023

Originally published by Synack on October 31, 2023. Written by Katie Bowen, Vice President, Public Sector, Synack. President Biden made his biggest move yet on artificial intelligence this week, issuing an executive order that trains the full scope of the administration’s authority on emerg...

Compromising Identity Provider Federation

Blog Published: 12/08/2023

Originally published by CrowdStrike. CrowdStrike’s Incident Response team has seen a recent increase in cases involving adversaries that abuse identity provider federation to gain access to protected services by adding and authorizing rogue domains to federation. From these cases, patterns have e...

Are You a Fit for CSA’s Advanced Cloud Security Practitioner (ACSP) Training?

Blog Published: 12/07/2023

Over a decade ago, there was a significant lack of cloud security skills and knowledge within the industry. We developed the CCSK+ training class as a “101” level training to help security professionals move into the world of cloud computing and gain an understanding of cloud fundamentals. The C...

The Road to Autonomous Cloud Security Remediation

Blog Published: 12/07/2023

Originally published by Dazz.Written by Tomer Schwartz, Co-founder & CTO, Dazz. Back in the data center days, a typical enterprise had one or two applications and one or two engineering teams to deploy them. When there was a vulnerability, an engineer could simply log into a server and fix it...

A Recap of Recent Cybersecurity Incidents at Universities

Blog Published: 12/07/2023

Originally published by Schellman. When considering cybersecurity, many may first think of cutting-edge tech companies. Healthcare providers may spring to mind for others and government agencies for still others. But strong cybersecurity—if it’s not already—is becoming paramount in every sector, ...

11 Attacks in 13 Months: The New Generation of Supply Chain Attacks

Blog Published: 12/06/2023

Originally published by Astrix. Written by Dana Katz. A new generation of supply chain attacks has been rising in recent years. In such attacks, hackers abuse third-party & internal non-human access as a means of accessing core business systems. While many conversations about supply chain sec...

Why CISOs Are Investing in AI-Native Cybersecurity

Blog Published: 12/06/2023

Originally published by Abnormal Security. Written by Mick Leach. Artificial intelligence is full of promise. By leveraging machine learning to replicate human intelligence, AI has considerable potential to make our lives easier by empowering us to simplify and even automate complex tasks.But as ...

What are the Keys to Success with SOC 2 Reporting?

Blog Published: 12/05/2023

Originally published by MJD.Q: What are the keys to success with SOC 2 Reporting?A: MJD AnswerIt’s natural to feel pressure from your organization's SOC 2 exam. There are people counting on it, the expectations are not always clear, and the idea of potential “failure” will always introduce stre...

The Top 3 SaaS Security Challenges

Blog Published: 12/05/2023

Originally published by Suridata.Written by Haviv Ohayon, Co-Founder & COO, Suridata.Software-as-a-Service (SaaS) applications present a number of potentially serious security challenges. The risks posed by SaaS arise out of a combination of factors. For one thing, SaaS is popular, with most ...

A Seven Step Approach to IoT Security

Blog Published: 12/05/2023

Written by Ravishankar (Ravi) Chamarajnagar, Chief Product Officer, AppViewX. The Internet of Things (IoT) revolution has transformed the world with everything from our smart homes and wearables to industrial automation and the potential of smart cities. According to IoT Analytics, active IoT end...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
23
24
25
27
29
30
31
Last »