Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

All Articles

All Articles
Unleashing Intelligence: Transforming NetFlow and Flow Log Data into Actionable Intelligence

Blog Published: 08/29/2023

Originally published by Netography. Written by Tom Dixon, Senior Field Engineer, Netography. In our modern digital landscape, organizations are drowning in an ocean of data. This is because raw data in isolation lacks meaning and utility, and actually acts to add more hay to the proverbial haysta...

Common Mistakes Businesses Make When it Comes to PCI Compliance and Guidance on How to Avoid Them

Blog Published: 08/28/2023

Originally published by CyberGuard Compliance. Written by Eric Hilden. Payment Card Industry Data Security Standard (PCI DSS) compliance is essential for businesses that handle credit card information. Compliance with PCI DSS ensures that businesses maintain a secure environment for cardholder da...

Learn Zero Trust Principles and Strategy: CSA’s Zero Trust Training Program

Blog Published: 08/28/2023

We first heard the rumblings of Zero Trust (ZT) in the early 2000s, but only in the last few years has it truly taken off and entered the cybersecurity zeitgeist. CSA’s Zero Trust training series will give you the knowledge and skills necessary to actually implement a ZT strategy and reduce syste...

Into the Abyss: How a Dark Web LLM Could Enhance Our Cybersecurity

Blog Published: 08/28/2023

Originally published by CXO REvolutionaries. Written by Kyle Fiehler, Senior Transformation Analyst, Zscaler. Amid nuanced debate about whether AI will save the world or rise to kill us all, why train a large language model (LLM) on roughly 6.1 million pages of dark web content?Research, says one...

Cloud Controls Matrix: How to Secure Your Journey to the Cloud

Blog Published: 08/25/2023

Originally published by Contino. Written by Kevin Davies. If you’re in a highly regulated industry, it can be hard to embrace all the possibilities that cloud computing can offer while still maintaining control of your data assets in the public cloud. That’s why it’s vital to have security corner...

Financial Services Knows It Needs to Do More to Protect Data in the Cloud

Blog Published: 08/25/2023

Originally published by Skyhigh Security. Written by Rodman Ramezanian, Global Cloud Threat Lead, Skyhigh Security. With hybrid work here to stay, the financial services industry is adapting to the increased risks associated with the enablement of a remote workforce. Much progress has been made, ...

Zero Trust and AI: Better Together

Blog Published: 08/24/2023

Written by Chris Hogan, Vice President, Enterprise Security Architecture and Innovation, Mastercard. For the better part of 2023, the spotlight has been captured by the strides of Artificial Intelligence (AI) and the increased availability of Generative AI (GenAI). Several organizations that were...

Cloud Native Application Protection Platforms: Key Findings & Challenges from the CSA Survey

Blog Published: 08/24/2023

With organization cloud environment complexity increasing year-to-year, monitoring, detecting, and preventing threats and vulnerabilities in the cloud has also become an even greater challenge. Coupled with the proliferation and fragmentation of security tools, security teams are facing an increa...

Cloud Security Alliance Survey Finds Complexity of Multi-cloud Environments Driving Use of Cloud Native Application Protection Platforms

Press Release Published: 08/24/2023

Platforms have emerged as critical security tool due to their ability to consolidate the capabilities of many security tools currently deployed by organizationsSEATTLE – Aug. 24, 2023 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certificat...

What is Edge Computing and Why is it Important?

Blog Published: 08/24/2023

Originally published by Sangfor. Written by Nicholas Tay Chee Seng, CTO, Sangfor Cloud. We are in the midst of a digital transformation era, and more than ever before, enterprises of all sizes are investing heavily in data-driven artificial intelligence/machine learning (AI/ML) processes. These h...

Learn All About CSA STAR at CSA’s Annual Cybersecurity Conference

Blog Published: 08/23/2023

The Cloud Security Alliance (CSA) Security, Trust, Assurance, and Risk (STAR) program is the most complete and largest cloud assurance program in the world that constitutes an ecosystem of the best practices, standards, technology, and auditing and consulting partners. The foundation of CSA STAR,...

Fighting Fire with Fire: Ethical Hacking & Penetration Testing

Blog Published: 08/23/2023

Originally published by ThreatLocker.Introduction Building a successful defense begins with understanding your enemy. For businesses operating in today’s digital world, hackers are the enemy. These adversaries are often faceless, elusive, well-funded, creative, persistent, and smart. They attac...

The Power of Audit Logs: Critical Lessons from the Recent Storm-0558 Threat

Blog Published: 08/23/2023

Originally published by Obsidian Security on July 25, 2023. Earlier this month, Microsoft and CISA reported the discovery of a recent advanced persistent threat (APT), Storm-0558, which gained access to Exchange and harvested corporate emails. The threat actor group responsible managed to gain ac...

New Research Suggests Unseen Benefits of DevSecOps

Blog Published: 08/22/2023

Written by Tim Chase, Global Field CISO, Lacework. DevSecOps continues its ascent in cybersecurity. The “better together” story of integrating security as early as possible in the development process continues to prove true — and people continue to buy in. Even those that haven’t yet adopted thes...

Cloud Defense in Depth: Lessons from the Kinsing Malware

Blog Published: 08/22/2023

Originally published by Sysdig. Written by Nigel Douglas. In the face of persistent data breaches and escalating cyber threats, organizations are compelled to prioritize cloud defense in depth. These measures are indispensable for protecting critical assets and upholding the integrity of cloud-ba...

Zero Trust is a Never-Ending Journey, Not a Ready-Made Solution

Blog Published: 08/22/2023

Written by Aaron Cockerill, Chief Security Officer, Lookout. Nearly all organizations are struggling with how to stay in control as their data migrates to the cloud and users connect from anywhere. The answer, they’ve been told, is zero trust. Zero trust starts from the premise that an organizati...

Five Core Principles for Hybrid Cloud Security: How To Build an Effective, Scalable and Affordable Strategy

Blog Published: 08/21/2023

Originally published by Tenable. Written by Tom Croll, Advisor at Lionfish Tech Advisors. As organizations shift on-premises workloads to public cloud platforms, their perimeter defense boundaries dissolve, creating cloud sprawl and thorny security challenges. To protect these new borderless, hyb...

Insider Threat: An Enemy in the Ranks

Blog Published: 08/21/2023

Originally published by NCC Group. Written by Sourya Biswas, Technical Director and Jared Snyder, Security Consultant, NCC Group. Recently, an attempt by a Russian crime syndicate to subvert a Tesla employee to plant ransomware in the company’s systems made the news. Thankfully, the employee was ...

Cyberspace: From Asymmetric Warfare Arena to Tool of State

Blog Published: 08/21/2023

Originally published by CXO REvolutionaries. Written by Sam Curry, VP & CISO, Zscaler. "In the midst of chaos, there is also opportunity." -Sun TzuWe are living in a world where cyber capabilities are a de facto strategic asset for nations, an integral part of their policy, and a critical too...

Navigating IAM Challenges for Data Protection and Access Control

Blog Published: 08/19/2023

Written by the Identity and Access Management Working Group. In today's fast-paced technological landscape, where businesses rely heavily on the cloud, Identity and Access Management (IAM) emerges as a linchpin in securing data and resources. As organizations transition their operations to the cl...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.