
All Articles

Quantum Readiness Importance: A Comprehensive Guide

Blog Published: 07/03/2024

Written by Ascertia. Digital security is evolving at a blistering pace. The advent of quantum computing represents both a formidable challenge and a significant opportunity. Ascertia recognises the need for businesses to prepare for this technological shift to ensure the integrity of digital ident...

Supremacy of AI in Compliance Services: The Dawn of a New Era

Blog Published: 07/02/2024

Written by Ashwin Chaudhary, CEO, Accedere. In the ever-evolving world of finance and business, compliance has always been a critical pillar. However, the traditional methods of ensuring compliance are becoming gradually more inadequate in the face of growing regulatory complexity and data volumes...

Cloud Security Study: Most Surveyed Organizations Suffered a Cloud-Related Breach Over an 18-Month Period

Blog Published: 07/02/2024

Originally published by Tenable. Written by Diane Benjuya. What issues affect cloud security teams today? How are they tackling these challenges? Which tools do they use to measure success? These are just a few of the questions Tenable sought to answer in its recently published "2024 Cloud Securi...

And now for something completely different… a Cloud Security Alliance RFI

Blog Published: 07/01/2024

This blog is markedly different from any other I have posted on our website. While we have responded to a few Requests for Proposal (RFP) or Requests for Information (RFI) over the past 15 years, the Cloud Security Alliance has never issued one ourselves, until now. Technology is moving at a break...

The Rise of QR Code Phishing Attacks: Exploring Quishing Threats

Blog Published: 07/01/2024

Originally published by Abnormal Security. Bad actors have been using phishing emails to steal sensitive data for three decades. Impersonating a trusted individual or brand and manufacturing a sense of urgency, attackers deceive targets into providing private information like login credentials or ...

Navigating IT-OT Convergence: A Strategic Imperative for Enterprise Success

Blog Published: 07/01/2024

Written by S Sreekumar, VP and Global Practice Head, Cybersecurity, HCLTech and José Grandmougin, Senior Director Consulting System Engineering GSI and OT, Fortinet. In the ever-evolving landscape of digital transformation, the convergence of Information Technology (IT) and Operational Technology ...

AI Data Considerations and How ISO 42001—and ISO 9001—Can Help

Blog Published: 06/28/2024

Originally published by Schellman. While the rapid pace at which artificial intelligence (AI) technology has been both developing and impacting several areas of our daily lives continues, so too do the concerns about the tech’s safety, privacy, and bias. As there’s no stopping the ongoing integrat...

Dumping a Database with an AI Chatbot

Blog Published: 06/27/2024

Originally published by Synack. Written by Kuldeep Pandya. We’re seeing AI chatbots a lot these days. They’re everywhere from Notion to AWS Docs. Many companies have started implementing their AI chatbots either using OpenAI API or a custom AI model. While making these AI chatbots is easy, the utmos...

Cloud Security in 2024: Addressing the Shifting Landscape

Blog Published: 06/27/2024

Written by Thales. As cloud infrastructures become integral to business operations, securing them is climbing the priority ladder for businesses in every sector. In fact, cloud security is a top concern for nearly two-thirds (65%) of security and IT management professionals now, and 72% claim it w...

9 Best Practices for Preventing Credential Stuffing Attacks

Blog Published: 06/26/2024

Written by StrongDM. Online accounts are repositories of sensitive personal information, making it crucial to protect this data from cybercriminals. As credential stuffing attacks become more frequent, it's essential to stay one step ahead of attackers to ensure the security of your employees' and...

AI is Now Exploiting Known Vulnerabilities - And What You Can Do About It

Blog Published: 06/26/2024

Originally published by Dazz. In a recent study from the University of Illinois Urbana-Champaign (UIUC), researchers demonstrated the ability for Language Learning Models (LLMs) to exploit vulnerabilities simply by reading threat advisories. While some are arguing that the sample size was rather s...

AI Deepfake Security Concerns

Blog Published: 06/25/2024

In light of the most revolutionary technology ever introduced, CSA’s SECtember.ai conference will feature three days of insightful sessions and active discussions about navigating the future of AI and cloud security. SECtember.ai will take place on September 10-12, 2024 at the Meydenbauer Center ...

Building Security Around Human Vulnerabilities

Blog Published: 06/25/2024

Written by Benjamin Corll, CISO in Residence, Zscaler. Why are organizations spending money on cybersecurity solutions when studies show 88% of data breaches are caused by human mistakes? If you’re a cybersecurity leader you have probably heard some variation of this question from people skeptical...

How a CNAPP Can Take You from Cloud Security Novice to Native in 10 Steps

Blog Published: 06/25/2024

Originally published by Tenable. Written by Shai Morag. Security professionals are used to protecting on-premises resources, but the cloud is more complex than on-prem – especially in multi-cloud environments. Meanwhile, breaches are happening at a furious pace. The new Tenable 2024 Cloud S...

SEC Clarifies Rules on Disclosure of Cybersecurity Incidents: Here’s What You Need to Know

Blog Published: 06/25/2024

Originally published by BARR Advisory. The Securities and Exchange Commission (SEC) recently published updated guidance for public companies on how and when to disclose cybersecurity incidents. Issued as a follow-up to new rules adopted by the commission last year, the updated guidance is intended ...

CSPM vs ASPM – What’s the Difference?

Blog Published: 06/24/2024

Written by Josh Dreyfus, Director of Product Marketing, ArmorCode. The software security space moves fast, and new acronyms pop up like weeds. Many of them sound similar, even if they do very different things. Take CSPM (Cloud Security Posture Management) and ASPM (Application Security Posture Man...

Dmitri Alperovitch’s Vision for Cyber Defense

Blog Published: 06/24/2024

Originally published by Automox. Episode Summary: In this episode of the CISO IT podcast, host Jason Kikta interviews Dmitri Alperovitch, author of the book 'World on the Brink' and chairman of Automox's board. They discuss the evolution of IT and cybersecurity over the past few decades, the importa...

Do SOC 2 and ISO 27001 the Right Way with CSA STAR

Blog Published: 06/21/2024

At the CSA Cloud Trust Summit 2024, CSA’s CEO Jim Reavis gave the presentation “Do SOC 2 and ISO 27001 the right way with CSA STAR.” In this condensed transcript of the presentation, Jim provides an overview of the SOC 2 and ISO 27001 frameworks and how they relate to the CSA STAR program. You ca...

AI Resilience & Diversity

Blog Published: 06/20/2024

Written by Dr. Chantal Spleiss, Co-Chair of the CSA AI Governance and Compliance Working Group. Resilience is often thrown around as a buzzword, but its true definition can be quite elusive. In this blog, I'll explore the three pillars of AI resilience: robustness, resilience, and plasticity. ...

EU AI Act Introduces Unique Tiered System for Risks

Blog Published: 06/20/2024

Originally published by Truyo. With the full text of the EU AI Act made public, Truyo President Dan Clarke read through the Act in its entirety to identify key elements that will be crucial to compliance for organizations in scope. The Act includes the conventional components of transparency, priv...
