Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Help shape the future of cloud security! Take our quick survey on SaaS Security and AI.

All Articles

Home
All Articles
New Research: Life Sciences Organizations are Ahead of the Curve, but Vulnerabilities Persist

Blog Published: 07/21/2023

Originally published by Code42. Written by Clea Ostendorf. From HIPAA regulations, to lost business opportunities, to stolen IP and trade secrets, organizations in the Life Sciences sector stand to lose a great deal to Insider Risk. Though all sectors are faced with the threat of data loss from i...

Building Business Trust in the Dark Forest of the Internet

Blog Published: 07/21/2023

Originally published by CXO REvolutionaries. Written by Sam Curry, VP & CISO, Zscaler. “The universe is a dark forest. Every civilization is an armed hunter stalking through the trees like a ghost, gently pushing aside branches that block the path and trying to tread without sound.” - Cixin L...

Cloud Security Alliance Announces Appointment of Caleb Sima as Chair for AI Safety Initiative

Press Release Published: 07/20/2023

Industry veteran to lead development of CSA’s AI strategy and roadmap SEATTLE – July 20, 2023 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today announ...

KeePass CVE-2023-32784: Detection of Processes Memory Dump

Blog Published: 07/20/2023

Originally published by Sysdig. Written by Miguel Hernández. During May, a new vulnerability CVE-2023-32784 was discovered that affected KeePass. KeePass is a popular open source password manager which runs on Windows, Mac, or Linux. The vulnerability allows the extraction of the master key in cl...

Preparing for the Quantum-Resistant Cryptography Transition: Identifying Your Organization's Digital Footprint When Crypto is in Everything

Blog Published: 07/20/2023

Originally published by DigiCert on May 11, 2023. Written by Timothy Hollebeek. The impending arrival of post-quantum cryptography (PQC) is exposing what experts in cryptography already knew: crypto is in everything today. Pretty much everything that connects digitally relies on cryptography and ...

Enhancing Cloud Security: Four Vital Practices for Kubernetes Security

Blog Published: 07/19/2023

Originally published by Tenable. Written by Upkar Lidder. In today's rapidly evolving cloud landscape, ensuring robust security measures for Kubernetes environments has become paramount for organizations. While the benefits of cloud-native infrastructure are undeniable, security teams often str...

Top Takeaways from the Gartner® Innovation Insight: Data Security Posture Management

Blog Published: 07/19/2023

Originally published by Laminar. Written by Andy Smith, Chief Marketing Officer, Laminar. According to our recent State of Cloud Data Security Report 2023, 77% of organizations experienced a cloud data breach in 2022. That’s particularly concerning considering that 60% of worldwide corporate data...

Achieving Cloud Data and Compliance: How You Can Make It Work

Blog Published: 07/19/2023

Originally published by Dig Security. Written by Benny Rofman. When it comes to sensitive data, the ‘wild west’ approach that characterized the early 2000s is long gone. Dozens of data protection frameworks have emerged amidst increased regulation and concerns over privacy, security, and identity...

Evaluating Cloud Email Security Solutions

Blog Published: 07/18/2023

Originally published by Abnormal Security. Written by Mick Leach. Email is a significant target for attackers, primarily because it’s used by every member of an organization—from employees and executives to vendors and customers. The information exchanged through email can range from casual conve...

Three Ways Cybercriminals Could Use AI to Harm Your Organization

Blog Published: 07/18/2023

Originally published by ThreatLocker. Introduction The introduction of Generative Artificial Intelligence (AI) tools has elevated the way individuals streamline their day-to-day tasks. AI has proven to be a groundbreaking development in human efficiency and the way people create, structure, and b...

Behind the Breach: Phishing & Token Compromise in SaaS Environments

Blog Published: 07/17/2023

Originally published by Obsidian. Earlier this year, Gartner published a new research report focused on the human component of cybersecurity which explored trends around cybersecurity leadership, challenges with hiring, and attacks targeting individuals. One notable prediction—that by 2025, lack ...

Top 4 Myths About Cybersecurity Compliance Assessors: How to Build a Successful Auditor Partnership That Enables Your Business

Blog Published: 07/17/2023

Originally published by Coalfire. Written by Kylene Bowman, Director, Coalfire.Managing change is a challenge in the marketplace and in the information security industry, so it’s no surprise that enterprises are pressured to adjust and innovate their compliance strategy at the same pace. When aud...

AI is Here: How Should CISOs Respond?

Blog Published: 07/17/2023

AI tools are spreading rapidly and CISOs need to be ready.Originally published by F5. Written by Gail Coury, CISO, F5. IntroductionWith artificial intelligence (AI) use growing in the enterprise, Chief Information Security Officers play a critical role in its implementation and adoption. CISOs ne...

Cloud Security Alliance Cybersecurity Trainings Now Available on the GSA Multiple Award Schedule

Blog Published: 07/14/2023

The Cloud Security Alliance has recently been listed on the GSA Multiple Award Schedule. This achievement required the completion of a formal proposal process and acts as CSA’s calling card as a vetted supplier to do business with the federal government. What is the GSA Multiple Award Schedule...

Implementing Least Privilege in AWS: Strategies for Minimizing Security Risks

Blog Published: 07/14/2023

Written by Abhishek Bansal, Founder, Autharva. Problem StatementIn the dynamic and ever-changing digital landscape, organizations find themselves in a perpetual battle against the looming specter of security breaches and unauthorized access to their most sensitive data. These risks have escalate...

FedRAMP Revision 5 Explained

Blog Published: 07/14/2023

Originally published by Schellman. Given its standardized approach to assessing, authorizing, and continuously monitoring cloud services used by federal agencies, the Federal Risk and Authorization Management Program (FedRAMP) has been a critical component of the U.S. government's cloud security ...

Uniting Enterprises for a Safer Future: The Collective Influence of the Cloud Security Alliance

Blog Published: 07/13/2023

As our reliance on digital ecosystems expands exponentially in this era of accelerated digital transformation, so does the need for comprehensive, robust, and adaptive security measures. To mitigate evolving threats, enterprises must not merely stay abreast of the curve but redefine it, perceivin...

Agents vs Agentless: Choosing the Right Security Approach for Your Specialized Cloud Virtual Machine Workloads

Blog Published: 07/13/2023

Originally published by Tenable. Written by John Tonello and Ryan Bragg. You can scan virtual machines for security vulnerabilities in multiple ways depending on what your instances are running, how long they’re up, and whether or not they can run an agent or be accessed with administrative cre...

The Blind Spot of Data Leakage – And What to Do About It

Blog Published: 07/13/2023

Originally published by CXO REvolutionaries. Written by Ben Corll, CISO - Americas, Zscaler. The premise of cybersecurity is defending against digital threats – malware, hackers, criminal organizations, and the rest. This makes plenty of intuitive sense. Attackers primarily come from the outside,...

Managing Data Explosion with Software-Defined Storage (SDS)

Blog Published: 07/12/2023

Originally published by Sangfor. Written by Nicholas Tay Chee Seng, CTO, Sangfor Cloud. A New Era of Massive Data Generation The vast amount of data generated on a daily basis by industries and large organizations worldwide is growing at an outstanding rate. Statista forecasts that the total amo...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
36
37
38
40
42
43
44
Last »