Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Help shape the future of cloud security! Take our quick survey on SaaS Security and AI.

All Articles

Home
All Articles
The Cloud Monitoring Journey

Blog Published: 04/18/2023

Originally published by Sysdig. Written by Emanuela Zaccone. Monitoring is not a goal, but a path. Depending on the maturity of your project, it can be labeled in one of these six steps of the cloud monitoring journey. You will find best practices for all of them and examine what companies get fr...

A Case for Cyber Resilience

Blog Published: 04/18/2023

Originally published by Rubrik on March 28, 2023. Written by Bipul Sinha. Last month, The White House introduced a new National Cybersecurity Strategy for the first time since 2018. The landscape has changed rapidly over the past five years – a lifetime in cyber. Yet one thing remains constant, t...

ISF to Map its “Standard of Good Practice” with Cloud Security Alliance Controls Matrix

Press Release Published: 04/18/2023

Responding rapidly to mounting risks with ready-made frameworks of security controls designed to mitigate known and unknown threats and challengesLONDON – April 18, 2023: The Information Security Forum (ISF), an independent, not‑for‑profit cybersecurity association with 500+ corporate members, to...

The Best Way to Improve Your Cyber Security? Outline Where You Are Now and Roadmap to Your Target State.

Blog Published: 04/18/2023

Originally published by NCC Group. Written by Sourya Biswas, Technical Director, NCC Group. As anyone working in cyber security knows, 100% threat prevention/mitigation is a myth. One question we hear time and time again is, “how much security is enough?” There are so many different ways to answe...

Tackling the Four Horsemen with Modern Data Security

Blog Published: 04/17/2023

Originally published by Symmetry Systems. Written by Claude Mandy. Chief Information Security Officers are tasked with preparing their organizations and themselves for any number of impending apocalypse scenarios. Whether it’s ransomware, a phish, or an insecure API resulting in a career-ending d...

How to Mitigate Risks When Your Data is Scattered Across Clouds

Blog Published: 04/17/2023

Originally published by Lookout. Written by Sundaram Lakshmanan, CTO of SASE Products, Lookout. Cloud applications have opened up limitless opportunities for most organizations. They make it easier for people to collaborate and stay productive, and require a lot less maintenance to deploy, wh...

A Fool With a Tool is Still a Fool: A Cyber Take

Blog Published: 04/17/2023

Originally published by CXO REvolutionaries and Dark Reading. Written by Tony Fergusson, CISO - EMEA, Zscaler. New tech often requires new thinking — but that's harder to install Here's a provocative question: Is it possible, given the vast array of security threats today, to have too many securi...

The Importance of Zero Trust for Financial Services

Blog Published: 04/14/2023

With the 2023 RSA conference just around the corner, I am reminded that many of my first learnings about emerging security concepts came from the time at this event. In fact, it was at RSAC that I first began to explore how to secure data within cloud computing and the concept of ‘zero trust’.Si...

What is the New National Cybersecurity Strategy?

Blog Published: 04/14/2023

Originally published by Schellman. Throughout history, warfare has evolved. The Romans did it one way, the Vikings did it another—Sun Tzu, Richard the Lionheart, and the Allied forces all had different tactics that forced opponents to adjust their defenses and strategies.Now in the modern technol...

When Instant Messaging Goes Rogue: Safeguarding Your Corporate Communication Channels

Blog Published: 04/14/2023

By Alex Vakulov Six million dollars for two errors in the code. This is the amount that the Israeli company Aurora Labs paid to white hackers - cyber security specialists who test the reliability of IT systems. Thanks to the white hats, the company discovered critical bugs in the infrastructure t...

Top Cloud Security Challenges in 2023

Blog Published: 04/14/2023

Originally published by InsiderSecurity. Cloud adoption is speeding up in 2023, with Gartner estimating the worldwide spending on public cloud services to grow by 20% from 2022. This has beaten the initial forecasts of 18% for cloud growth, showing the high demand for public cloud services despit...

Containing Compromised EC2 Credentials Without (Hopefully) Breaking Things

Blog Published: 04/13/2023

Originally published by FireMon. Written by Rich Mogull, SVP of Cloud Security, FireMon. TL;DR: There are multiple techniques for containing compromised instance credentials. The easy ones are the most likely to break things, but there are creative options to lock out attackers without breaking a...

Cloud Security and Encrypted OT Traffic: Safeguarding Critical Infrastructure

Blog Published: 04/13/2023

Written by Keith Thomas, Principal Architect, AT&T Cybersecurity Consulting. As Operational Technology (OT) systems increasingly connect and use cloud-based services for daily operations, securing the encrypted traffic between OT systems and the cloud is crucial. This article provides an unde...

Three Ways to Help Your Organization Adopt a Secure by Default Mindset

Blog Published: 04/13/2023

Originally published by Contino. Written by Jim Curtis, Principal Consultant, Contino. The Secure by Default approach is designed to make security a core feature of software development, rather than an afterthought. But security takes more than software, so how can you factor security awareness i...

Examining Zero Trust From a Policy Perspective: Four Themes for CXOs

Blog Published: 04/12/2023

Originally published by CXO REvolutionaries. Written by Brett James, Director, Transformation Strategy, Zscaler. In many ways, an enterprise zero trust transformation is more about policy change than technology, an idea that may seem foreign to insiders contemplating change in the IT industry.It’...

Securing PostgreSQL from Cryptojacking Campaigns in Kubernetes

Blog Published: 04/12/2023

Originally published by CrowdStrike. PostgreSQL misconfiguration allows running shell commands on the underlying OS with the “COPY” SQL command and “pg_execute_server_program” role Kubernetes ingress can allow access to the PostgreSQL service, which can be targeted by the attackers to comprom...

Cloud Security Alliance Summit at RSA 2023 to Delve Into Lessons Learned as Cloud Becomes Leading Platform for Mission-Critical Business Systems

Press Release Published: 04/12/2023

Register today for RSA Conference’s premier thought-leadership eventSEATTLE – April 12, 2023 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today announc...

Shadow Data is Inevitable, but Security Risks Aren’t

Blog Published: 04/12/2023

Originally published by Dig Security. Written by Benny Rofman. Shadow data is unavoidable. It’s always been around, but the move to the cloud and the push towards data democratization have made it far more common. It’s never been easier to create shadow data assets, and employees have an incentiv...

Trust, but Verify (Your Third-Party Vendors)

Blog Published: 04/11/2023

Originally published by NCC Group. Written by Sourya Biswas, Technical Director, NCC Group. As far back as 2010, Google estimated that more information was being created every two days than had existed in the entire world from the dawn of time to 2003. Granted, a lot of this information included ...

Four Ways You Can Lose Your Data

Blog Published: 04/11/2023

Written by Ravi Ithal, Cofounder and Chief Technology Officer, Normalyze. Originally published by Forbes. Losing your data does not mean accidentally dropping it on the ground. Everyone knows data is vital to the organization, and entities spend big on protecting the “oil” of modern business. My ...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
45
46
47
49
51
52
53
Last »