Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

All Articles

Home
All Articles
FedRAMP Revision 5 Explained

Blog Published: 07/14/2023

Originally published by Schellman. Given its standardized approach to assessing, authorizing, and continuously monitoring cloud services used by federal agencies, the Federal Risk and Authorization Management Program (FedRAMP) has been a critical component of the U.S. government's cloud security ...

Uniting Enterprises for a Safer Future: The Collective Influence of the Cloud Security Alliance

Blog Published: 07/13/2023

As our reliance on digital ecosystems expands exponentially in this era of accelerated digital transformation, so does the need for comprehensive, robust, and adaptive security measures. To mitigate evolving threats, enterprises must not merely stay abreast of the curve but redefine it, perceivin...

Agents vs Agentless: Choosing the Right Security Approach for Your Specialized Cloud Virtual Machine Workloads

Blog Published: 07/13/2023

Originally published by Tenable. Written by John Tonello and Ryan Bragg. You can scan virtual machines for security vulnerabilities in multiple ways depending on what your instances are running, how long they’re up, and whether or not they can run an agent or be accessed with administrative cre...

The Blind Spot of Data Leakage – And What to Do About It

Blog Published: 07/13/2023

Originally published by CXO REvolutionaries. Written by Ben Corll, CISO - Americas, Zscaler. The premise of cybersecurity is defending against digital threats – malware, hackers, criminal organizations, and the rest. This makes plenty of intuitive sense. Attackers primarily come from the outside,...

Managing Data Explosion with Software-Defined Storage (SDS)

Blog Published: 07/12/2023

Originally published by Sangfor. Written by Nicholas Tay Chee Seng, CTO, Sangfor Cloud. A New Era of Massive Data Generation The vast amount of data generated on a daily basis by industries and large organizations worldwide is growing at an outstanding rate. Statista forecasts that the total amo...

Day in the Life: Network Operations Manager

Blog Published: 07/12/2023

Originally published by Netography. Written by Mal Fitzgerald, Sales Engineer, Netography. It’s early. I’m crushing only my second large coffee of the day and the four words I never want to hear are being uttered by folks sitting in front of my office: “The network is slow.”History tells me that ...

Why Businesses Struggle to Meet Compliance Requirements

Blog Published: 07/12/2023

Originally published by BARR Advisory. Written by Christine Falk. We recently sat down with Steve Ryan, manager of Attest Services, to discuss his thoughts on why businesses struggle to meet compliance requirements. Here’s what he had to say:Steve, why do you think it’s difficult for businesses t...

Positioning Your Cybersecurity Program for Success

Blog Published: 07/11/2023

Originally published by CAS Assurance. Increasing pressure for success It is not a secret that many organizations are increasing spending on cybersecurity. A research by Enterprise Strategic Group shows that 65% of organizations planned to increase cybersecurity spending in 2023. The research fu...

TechStrong PulseMeter Report: 47% of Organizations Have Limited Awareness of Their Sensitive Data in the Cloud

Blog Published: 07/11/2023

Originally published by Orca Security. Written by Jason Silberman. Organizations are continuing full speed ahead in moving much of their sensitive data to the cloud. Cybersecurity Ventures predicted in 2020 that the total amount of data stored in the cloud will reach 100 zettabytes by 2025, o...

Balancing Trust and Security for Business Resilience

Blog Published: 07/11/2023

How global organizations can mitigate insider threats in a hybrid work environment Written by Syam Thommandru, Vice President and Global Head – Strategic Alliances, Product Management, Business Partnerships, Cybersecurity & GRC Services, HCLTech and Anirudh Rautela, Director, Head of Cyber Se...

What Automation Means For Cybersecurity—And Your Business

Blog Published: 07/10/2023

Originally published by Varonis. Written by Yaki Faitelson. In the movie Apollo 13, three astronauts returning to Earth are unaware of their perilous reentry. Back in Houston at Mission Control, chief flight director Gene Kranz (played by Ed Harris) comments on the unfortunate events, saying: "Is...

Can You Have Too Much Security? How to Be in the "Goldilocks" Zone

Blog Published: 07/10/2023

Originally published by NCC Group. Written by Sourya Biswas, Technical Director, NCC Group. As cyber security consultants, we typically help clients determine where their cyber security gaps lie and how to bridge them. This can include detecting issues with respect to best practices and recommend...

White House Cyber Strategy: Leadership is Now Accountable

Blog Published: 07/10/2023

Originally published by Coalfire. Written by Jose Vasquez, Security Solutions Architect, Coalfire. The National Cybersecurity Strategy represents one of the most significant market-driving forces in the history of IT. It ushers in a new era of standards, requirements, and best practices that will...

Security Guidance from the Front Lines of Cloud Incident Response

Blog Published: 07/07/2023

Originally published by CrowdStrike on June 15, 2023. In our first-ever Cloud Threat Summit, CrowdStrike’s Senior Vice President of Intelligence and Senior Director of Consulting Services discussed the most common ways adversaries breach the cloud and the steps organizations can take to stay safe...

The LastPass Breach is a Wake Up Call for Cloud Data Security

Blog Published: 07/07/2023

Originally published by Dig Security. Written by Ofir Shaty and Ofir Balassiano. For many LastPass employees – from software engineers to C-level executives – the last few months have been hell. Since December, the company has been embroiled in what’s shaping up to be a major data security scanda...

White House National Cybersecurity Strategy – Key Takeaways

Blog Published: 07/07/2023

Originally published by DigiCert. Written by Mike Nelson. Earlier this month, the White House released their National Cybersecurity Strategy, demonstrating a heightened focus in the highest levels of government on securing our digital interactions, which, as we’ve seen with recent attacks on crit...

I’ve Just Bought Zero Trust, Now What?

Blog Published: 07/06/2023

Originally published by CXO REvolutionaries. Written by Brett James, Director, Transformation Strategy, Zscaler. What does “buying zero trust” even mean? You’ve bought into the modern security concepts that governments and industry bodies have been promoting? You’ve received funding and resources...

Proxyjacking Has Entered the Chat

Blog Published: 07/06/2023

Originally published by Sysdig. Written by Crystal Morin. Did you know that you can effortlessly make a small passive income by simply letting an application run on your home computers and mobile phones? It lets others (who pay a fee to a proxy service provider) borrow your Internet Protocol (IP)...

What Does it Mean to Be a Modern App?

Blog Published: 07/06/2023

Originally published by Strata.Written by Ben Robertson, Principal Solutions Architect, Strata Identity.There’s a common thought that if an application speaks industry-leading identity standards, it automatically makes it modern. However, the requirements of apps today go beyond that. How the pro...

Cloud Security: What It Is and How to Implement It to Secure Data, Applications, and Infrastructure

Blog Published: 07/05/2023

Written by Genesio Di Sabatino, Head of Cloud Security, Swascan. The increasing migration of data, applications and infrastructure to new technological environments poses cybersecurity challenges in completely unexplored contexts where cloud security plays a leading role. Here's everything you ne...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
43
44
45
47
49
50
51
Last »