Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Help shape the future of cloud security! Take our quick survey on SaaS Security and AI.

All Articles

Home
All Articles
Growing Your Revenue with Card-on-File Tokenization

Blog Published: 06/29/2023

Originally published by TokenEx. Written by Anni Burchfiel. Keeping customer card information on file has a lot of benefits, but many companies are rightfully concerned about the potential security issues storing card information can create. After all, any security breach could reveal cardholder ...

Cloud Security Threats to Watch Out for in 2023: Predictions and Mitigation Strategies

Blog Published: 06/29/2023

Written by Ashwin Chaudhary, CEO, Accedere. As we move forward into the future, cloud computing is expected to become even more universal. With that comes an increased risk of cyber threats that could compromise sensitive data, systems, and networks. Here are some predictions on some of the most ...

Unmasking SaaS Security: Illuminating Insights from the Adaptive Shield-CSA Survey 2023

Blog Published: 06/28/2023

In the increasingly digitalized world, Software as a Service (SaaS) applications play a pivotal role in businesses of all sizes. As these applications become increasingly important so too does the security. This is the basis for Adaptive Shield and CSA's joint annual survey, providing crucial ins...

Movin’ Out: Identifying Data Exfiltration in MOVEit Transfer Investigations

Blog Published: 06/28/2023

Originally published by CrowdStrike. Summary Points Organizations around the globe continue to experience the fallout of the MOVEit Transfer exploit CVE-2023-34362 CrowdStrike incident responders have identified evidence of mass file exfiltration from the MOVEit application, as a result of the we...

CISA’s Cyber Performance Goals for Better Security

Blog Published: 06/28/2023

Originally published by Orca Security. Written by Doug Hudson. Last year, the Cybersecurity and Infrastructure Security Agency (CISA) released its 2022 Cross-Sector Cybersecurity Performance Goals in order to provide guidance for improving cybersecurity across government and private secto...

Launching a Corporate SaaS Security Program

Blog Published: 06/28/2023

Originally published by Obsidian Security. Written by Kelsey Brazill. As organizations increasingly rely on SaaS applications to conduct business, the importance of a thorough SaaS security program cannot be overstated for protecting the business and its sensitive data. Over 30% of busine...

Strong Winds Behind Financial Service Adoption of Cloud (As Long as We Stay Between the Buoys)

Blog Published: 06/27/2023

This month we released the findings from our research into the current use of cloud services by financial service organizations and the data suggests a growing comfort with leveraging the technology to manage critical workloads. In fact, 98% of respondents said their financial company is using cl...

Overcome Cloud Migration Challenges with Professional Cloud Services

Blog Published: 06/27/2023

Originally published by Sangfor Technologies. Written by Nicholas Tay Chee Seng, CTO, Sangfor Cloud. Cloud Migration Challenges are Showstoppers for Cloud Adoption Cloud computing is a major driver of digital transformation. The global cloud computing market is expected to grow from USD$272 bil...

Should You Implement the NIST Cybersecurity Framework?

Blog Published: 06/27/2023

Originally published by Schellman. Anyone who has ever chosen a workout program likely started with the same goal—to improve their physical health or strength. But in exercise, different people will choose to address different things—some may opt for a comprehensive workout like CrossFit, some ma...

Why You Should Use the Principle of Least Privilege to Secure Serverless Applications

Blog Published: 06/27/2023

Originally published by Contino. Written by Mark Faiers, AWS Practice Lead, Contino. Serverless is a really interesting concept—it allows you to build scalable applications while simultaneously reducing your costs and decreasing your management overheads.During my time at Contino, I've helped a r...

Three Cloud Security Use Cases Best Solved With Cloud Governance

Blog Published: 06/26/2023

Originally published by Secberus. Written by Fausto Lendeborg. Maybe you’re migrating to the cloud and about to hire a System Integrator, maybe you’ve recently merged with another business or company and have no idea what’s actually in your cloud, or maybe you are drowning in false positives with...

Situational Awareness for Detection and Analysis: Go with the Flow

Blog Published: 06/26/2023

Originally published by Netography. Written by Martin Roesch, CEO, Netography. When we look at the threat continuum, the preparation of the assets and infrastructure in a modern network to resist an attack, including discovering, configuring, and hardening, requires major investment in tools and ...

HITRUST CSF Assessments: e1, i1, r2—What’s the Difference?

Blog Published: 06/26/2023

Originally published by BARR Advisory. Written by Kyle Cohlmia. HITRUST CSF is the most widely-adopted cybersecurity framework for healthcare organizations in the U.S. HITRUST CSF provides broad assurance for different risk levels and compliance requirements with greater reliability than other as...

Navigating the Top 10 Challenges in Cloud Identity and Access Management

Blog Published: 06/23/2023

Written by Alon Nachmany, CISM and Shruti Kulkarni, CISA, CRISC, CISSP, CCSK of the CSA IAM Working Group. Introduction Identity and Access Management (IAM) is a critical component of cloud security and one that organizations are finding challenging to implement effectively. The rise of cloud com...

A Catastrophic Cyber Event in the Next Two Years. Are You Ready?

Blog Published: 06/23/2023

Originally published by Avanade. Written by Rajiv Sagar. Over the last few years, cybersecurity has become a board-level imperative. Geopolitical instability, ongoing military conflicts, and a wide-spread economic downturn, have all increased cybersecurity threats, which need to be tackled rapidl...

How to Travel (Cyber) Securely This Summer

Blog Published: 06/23/2023

Originally published by DigiCert. Written by Dean Coclin. As the COVID-19 pandemic subsides and travel restrictions globally have been lifted, global tourism is estimated to rise by 30% in 2023. Seeking business and pleasure abroad, the increase of travelers is likely to also draw an increase of ...

Perspectives on AI: A Conversation with Torq's CTO

Blog Published: 06/22/2023

This interview with Leonid Belkind, Co-Founder & CTO, Torq, is the first in a series of many conversations with experts operating at the nexus of artificial intelligence and cybersecurity. AI seems to be the top boardroom topic today according to my network. Heavily hyped topics often confuse...

Passkeys & Zero Trust

Blog Published: 06/22/2023

Written by Dario Salice of the CSA Zero Trust Identity Pillar Working Group. In this article we’re going to discuss how passkeys, based on the FIDO2 standard in combination with WebAuthn (W3C), will allow for passwordless authentication, what benefits they offer, and their current limitations. Pa...

Six Steps to Prepare Your Application Security Team for a Penetration Test

Blog Published: 06/22/2023

Originally published by Coalfire. Written by Dave Randleman, Field CISO, Penetration Testing, Coalfire. This blog post will show step-by-step how an application security team should prepare for a penetration test. Key takeaways: A common misstep in deploying a penetration test is a lack of prepar...

DSPM: The Missing Piece of the Cloud Data Security Puzzle

Blog Published: 06/22/2023

Originally published by Dig Security. Written by Sharon Farber. As organizations increasingly move their data to public cloud environments, the need for robust data security posture management (DSPM) solutions becomes more apparent. With the rapid growth of the number and size of data assets in t...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
38
39
40
42
44
45
46
Last »