Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Help shape the future of cloud security! Take our quick survey on SaaS Security and AI.

All Articles

Home
All Articles
The Common Cloud Misconfigurations That Lead to Cloud Data Breaches

Blog Published: 10/11/2023

Originally published by CrowdStrike. The cloud has become the new battleground for adversary activity: CrowdStrike observed a 95% increase in cloud exploitation from 2021 to 2022 and a 288% jump in cases involving threat actors directly targeting the cloud. Defending your cloud environment requir...

What to Look for (And Avoid) with Zero Trust Solutions

Blog Published: 10/11/2023

Originally published by CXO REvolutionaries. Written by Sanjit Ganguli, VP & CTO in Residence; Nathan HoweVP, Emerging Technology & 5G; and Daniel Ballmer, Senior Transformation Analyst, Zscaler. Zero trust architecture is part of a transformation journey that involves both technology and...

Moving Past MOVEit

Blog Published: 10/10/2023

Originally published by Coalfire. Written by Priti Patel, Security Consultant, FedRAMP/NIST Advisory and Dr. Stephanie Carter, Principal, FedRAMP Advisory Services. The MOVEit hack resembles successful cyberattacks from the past, leading us to ask if federal agencies and contractors are using all...

Top 5 Cybersecurity Trends in the Era of Generative AI

Blog Published: 10/06/2023

The landscape of cybersecurity is undergoing a seismic shift in the era of Generative AI (GenAI), redefining the frameworks and paradigms that have traditionally been in place. With the increasing deployment of GenAI technologies, we're stepping into an age where security measures need to be as d...

Architecting Cloud Instrumentation

Blog Published: 10/05/2023

Originally published by Sysdig.Written by Daniel Simionato. Architecting cloud instrumentation to secure a complex and diverse enterprise infrastructure is no small feat. Picture this: you have hundreds of virtual machines, some with specialized purposes and tailor-made configurations, thousands ...

The 5 SOC 2 Trust Services Criteria Explained

Blog Published: 10/05/2023

Originally published by BARR Advisory. Written by Christine Falk. So what goes into a SOC 2 report, anyway?There are five trust services criteria (TSC) that can be included in a SOC 2 report: security, availability, confidentiality, processing integrity, and privacy. Amanda Parnigoni, senior cons...

Insider Risk Management and IP Security: If It Were Easy, Everyone Would Be Doing It (Well)

Blog Published: 10/04/2023

Originally published by Code42.Written by Eric Ewald, Insider Risk Lead, Cyber Technology Solutions Group, Booz Allen Hamilton. Current challenges & risksAt this point, we can all admit that Insider Risk Management and IP security programs are difficult for many organizations to operationaliz...

From Compliance to Confidence: SEC’s New Cybersecurity Rules

Blog Published: 10/04/2023

Originally published by BigID. Written by Neil Patel, Director of Product Marketing, BigID. SEC’s New Cybersecurity RegulationThe Securities and Exchange Commission (SEC) has adopted new rules that require companies to disclose material cybersecurity incidents and information about their cybersec...

The Impact of Blockchain on Cloud Security

Blog Published: 10/03/2023

Written by Sayali Paseband, Senior Security Consultant, Verisk. We live in an era where cloud computing has become the backbone of all our business operations. Ensuring the security of data and transactions in the cloud has become more important than ever. Cyberattacks and data breaches are perva...

Protect Data Security When Deploying LLMs

Blog Published: 10/03/2023

Originally published by Dig Security. Written by Sharon Farber. Large language models (LLMs) and generative AI are undoubtedly the biggest tech story of 2023. These technologies, which power OpenAI’s headline-dominating ChatGPT, are now broadly available to be used as building blocks for new soft...

The Booming Demand for Cybersecurity & Cloud Professionals

Blog Published: 10/03/2023

Written by Ashwin Chaudhary, CEO, Accedere.IntroductionIn today's increasingly digital world, where almost every organization is transitioning to the cloud, the demand for cybersecurity and cloud security training has never been greater. With the rapid advancement of technology and the ever-prese...

Connected Third-Party Applications Widen Attack Surface Area

Blog Published: 10/02/2023

Originally published by Abnormal Security. Written by Jade Hill. Inbound email attacks are a mainstay for cybercrooks, but criminals are shifting tactics to exploit third-party applications as a new method for gaining entry into an organization’s email environment. This is getting easier due to t...

Empowering Financial Transformation: The Significance of GRC Solutions for BFSI and vCISOs

Blog Published: 10/02/2023

Written by Anand Srinivasan, AuditCue. In an era marked by rapid digital transformation and evolving cybersecurity threats, the financial sector faces unprecedented challenges. Banks, mortgage institutions, and virtual Chief Information Security Officers (vCISOs) play pivotal roles in safeguardin...

What is Zero Trust Security?

Blog Published: 09/29/2023

Written by the CSA Zero Trust Working Group. Zero Trust, as defined by NIST, is a collection of concepts and ideas designed to minimize uncertainty in enforcing accurate, least privilege per-request access decisions in information systems and services in the face of a network viewed as compromise...

The Cloud Flaw Magnification Effect

Blog Published: 09/29/2023

Originally published by Dazz.Written by Barak Bercovitz, Director of Innovation, Dazz. Cloud Development is Becoming More AutomatedCompanies are developing software in the cloud in a big way. Cloud tools and continuous integration processes help developers write, compile, and test their code, and...

A Mindset Shift for Cloud Security Resilience: Assume Breach

Blog Published: 09/29/2023

Originally published by MitigaWritten by Ariel Parnes. Cloud environments offer tremendous advantages in agility, scalability, and cost efficiency. However, their dynamic nature also introduces new security challenges compared to traditional on-premises IT. To build true resilience for the inevit...

Compliance Options for Healthcare Business Associates (and Why You Need Them)

Blog Published: 09/28/2023

Originally published by Schellman. Service providers—e.g., SaaS, IaaS, PaaS—are currently seeing significant growth in the healthcare vertical, where they’re classified as “business associates” to the healthcare providers, insurers, and clearinghouses that are collectively referred to as “covered...

The Consequences of Expired Payment Info

Blog Published: 09/28/2023

Originally published by TokenEx. Written by Valerie Hare. Ecommerce businesses lose $18 billion in sales revenue every year due to cart abandonment. 30 percent of shoppers will abandon their cart if they have to re-enter their credit card details. Since most credit cards expire after three to fi...

Cloud Controls Matrix (CCM) Now Mapped to OpenCRE, Cloud Security Alliance Announces

Press Release Published: 09/28/2023

Mapping serves to strengthen security landscape by cross-linking CCM to multiple other standards in one repositorySEATTLE – Sept. 28, 2023 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a sec...

Reducing IT Complexity with Cloud Options

Blog Published: 09/28/2023

Originally published by Sangfor. Written by Nicholas Tay Chee Seng, CTO, Sangfor Cloud. AbstractToday’s business landscape is constantly changing in response to digital transformation. Against this backdrop, efficient and cost-effective IT infrastructure, namely cloud computing, is critical to gi...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
28
29
30
32
34
35
36
Last »