Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Help shape the future of cloud security! Take our quick survey on SaaS Security and AI.

All Articles

Home
All Articles
Why Lateral Movement Protection is Critical for Best Cybersecurity Practices

Blog Published: 05/22/2023

Originally published by TrueFort. A fortress of protection A castle has many layers of protection. A moat, a vallum, drawbridges, portcullises, gatehouses, barbicans, gates, towers, baileys, and layers of inner and outer walls. All designed to impede the progress of invaders and to prevent them f...

CSA’s Enterprise Architecture: Information Technology Operation & Support

Blog Published: 05/19/2023

Written by CSA’s Enterprise Architecture Working Group. The Enterprise Architecture is both a methodology and a set of tools that enable security architects, enterprise architects, and risk management professionals to leverage a common set of solutions and controls. It can be used to assess oppor...

Cyber Tetris: Making Security Fall Into Place

Blog Published: 05/18/2023

Originally published by CXO REvolutionaries. Written by Ben Corll, CISO - Americas, Zscaler. Security is often a thankless job. The only time it makes headlines is when it fails, or things go wrong. No one opens a web browser and pulls up a news feed about companies that have not been breached fo...

5 Benefits of Adding a DSPM Solution to Your Security Stack

Blog Published: 05/18/2023

Originally published by Laminar. Written by Michael Holburn, Solutions Engineer, Laminar. Last year, data security posture management appeared in the Gartner Hype Cycle for the first time. And the hype has only grown bigger since then. But why is DSPM at the forefront of today’s security conversa...

Why Hybrid Cloud Computing Makes Sense for the Healthcare Industry

Blog Published: 05/18/2023

Originally published by Sangfor Technologies. Written by Nicholas Tay Chee Seng, Cloud Chief Technology Officer, Sangfor Technologies. Healthcare is one of the biggest beneficiaries of cloud adoption as it relies on technical innovation by design, and cloud computing has made each aspect of innov...

Understanding the Two Maturity Models of Zero Trust

Blog Published: 05/17/2023

Written by John Kindervag, Senior Vice President, Cybersecurity Strategy, ON2IT Cybersecurity. The top mistake in the Zero Trust world is monolithic thinking. There has become the belief that eating the entire elephant in one bite is possible. Organizations' top mistake is trying to deploy all of...

Chaos in the Cloud: Rampant Cloud Activity Requires Modern Protection

Blog Published: 05/17/2023

Originally published by CrowdStrike. Digital transformation isn’t only for the good guys. Adversaries are undergoing their own digital transformation to exploit modern IT infrastructures — a trend we’re seeing play out in real time as they increasingly adapt their knowledge and tradecraft to expl...

Community Alert: Organized Credential Stuffing Attack Observed on Azure Cloud Environments

Blog Published: 05/17/2023

Originally published by Gem Security on May 5, 2023. Written by Alice Klimovitsky. Over the past few days, researchers at Gem Security have been tracking what appears to be an organized credential stuffing attack playing out on Azure cloud environments. This post serves as a community warning abo...

Millions Wasted on Kubernetes Resources

Blog Published: 05/16/2023

Originally published by Sysdig. Written by Javier Martínez. The Sysdig 2023 Cloud-Native Security and Container Usage Report has shed some light on how organizations are managing their cloud environments. Based on real-world customers, the report is a snapshot of the state of cloud-native in 2023...

Identity in the Cloud is at its Breaking Point

Blog Published: 05/16/2023

Originally published by Strata. The hardest part of identity and access management (IAM) technology is making it work with multi-vendor infrastructure and the growing number of applications that enterprises rely on to get business done. Primarily because the last-mile integration of applications ...

The Internet-Based Threats Putting Your Organization at Risk

Blog Published: 05/15/2023

Originally published by Lookout. Written by Stephen Banda, Senior Manager, Security Solutions, Lookout. The way we connect in the workplace has changed. For one, “the workplace” isn’t just limited to the office anymore, and that means instead of relying on a corporate network, employees are u...

Keeping VIP Emails Safe: Why Your Executives Are Your Largest Security Concern

Blog Published: 05/15/2023

Originally published by Abnormal Security. Written by Mike Britton. Account takeovers are, unfortunately, relatively easy to execute and incredibly difficult for legacy email security solutions to detect. Additionally, once an account has been compromised, it can lead to more costly attacks such ...

The Art of Prioritizing Vulnerabilities: Maximizing Your Defense

Blog Published: 05/12/2023

Written by Alex Vakulov According to FIRST, organizations can eliminate from 5% to 20% of vulnerabilities per month. The average time to fix vulnerabilities is growing. At the same time, according to Skybox Security, there was a 3x increase in the number of vulnerabilities over the past decade. ...

Responding to Insider Risk is Hard. Here Are 4 Things You Need to Do.

Blog Published: 05/11/2023

Originally published by Code42. Written by Meredith Atkinson. Data doesn’t move outside your organization by itself. It’s your employees who move it. Data loss from insiders is a growing concern for organizations. In fact, there was a 32% year-over-year average increase in the number of insider e...

Exploring Challenges and Solutions for API Security

Blog Published: 05/11/2023

Originally published by CXO REvolutionaries. Written by Sanjay Kalra, VP, Product Management, Zscaler. It’s an unfortunate reality that APIs are easy to expose but difficult to defend. By acting as translators between applications, they have become the favored tools for ensuring apps of varied or...

8 Things Healthcare Organizations Can Do to Ensure HIPAA Compliance in the Cloud

Blog Published: 05/11/2023

Originally published by Schellman. “Clouds come floating into my life, no longer to carry rain or usher storm, but to add color to my sunset sky,” said Bengali polymath Rabindranath Tagore. It’s a nice, optimistic sentiment, but if you’re a healthcare provider using the cloud, you’re likely think...

QakBot eCrime Campaign Leverages Microsoft OneNote Attachments

Blog Published: 05/10/2023

Originally published by CrowdStrike. In November 2021[1] and February 2022[2], Microsoft announced that by default it would block Excel 4 and VBA macros in files that were downloaded from the internet. Following these changes, CrowdStrike Intelligence observed eCrime adversaries that had previous...

Four Considerations for Building a Secure and Efficient Hybrid Cloud Enterprise

Blog Published: 05/10/2023

Originally published by Signal Hill. Written by Steve Jones, President and Founder, Signal Hill. Most organizations today are operating within a hybrid cloud environment, where the IT enterprise is made up of both on-prem hardware and public cloud-hosted services. While the public cloud offers s...

Maintaining PCI Compliance when Using Multiple Processors

Blog Published: 05/09/2023

Originally published by TokenEx. Written by Anni Burchfiel. Compliance with PCI DSS 4.0 (the Payment Card Industry Data Security Standard) is a necessary, but complicated, part of accepting payments for your business. Any system that processes or stores cardholder data, including third-party paym...

Data Flow Security: Mitigating the Risks of Continuous Data Movement in the Cloud

Blog Published: 05/09/2023

Originally published by Dig Security. Written by Yotam Ben-Ezra. Executive Summary Data movement is ubiquitous in cloud environments due to diffuse architectural patterns and broad organizational access to data.Uncontrolled data flows can create compliance issues and lead to poor visibility over ...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
42
43
44
46
48
49
50
Last »