All Articles
The Path to SOC 2 Compliance for Startups

Blog Published: 05/30/2024

I've worked for some notable early-stage startup companies that sought to do business with Fortune 500 companies. I clearly remember the challenges of demonstrating how you can protect their customer data. SOC 2 compliance for startups can be a massive undertaking. When you have a compelling solut...

Level Up Your Security Strategy with Cyber Resilience

Blog Published: 05/30/2024

Originally published by BARR Advisory. Even with strong cybersecurity programs in place, companies can still become victims of a security breach. While it may seem unfair or frustrating, especially if you’ve spent time, money, and energy working to reduce your risk, unfortunately it’s impossible t...

Mastering Least Privilege: Cutting Unused Access

Blog Published: 05/30/2024

Written by StrongDM. It’s an irrefutable fact: You can't defend your total attack surface without visibility into privileged access. The Principle of Least Privilege emphasizes that individuals within your environment should only have the necessary access and permissions essential for their roles....

The Shift to SDP: A Business Imperative for Enhanced Cybersecurity

Blog Published: 05/29/2024

Written by Cetark. A revolution is underway in cybersecurity. As businesses grapple with an escalating wave of cyber threats and the realities of a mobile workforce, the traditional cybersecurity infrastructure, epitomized by Virtual Private Networks (VPNs), is scrutinized. The emerging paradigm? ...

How Cybersecurity and AI Will Influence Global Elections in 2024

Blog Published: 05/29/2024

Originally published by CXO REvolutionaries. Written by Rob Sloan, VP, Cybersecurity Advocacy, Zscaler. 2024 is a big year for elections. Dozens of parliamentary and presidential elections take place, including in the United States, the United Kingdom, India, Brazil, Indonesia, and Mexico, and the ...

Cloud Security Assessment Fundamentals in 2024

Blog Published: 05/29/2024

Written by David Balaban. The indisputable benefits of cloud computing for organizations are the tip of the iceberg. Beneath it lies an oft-overlooked multitude of unique threats and vulnerabilities that might erode the environment unless kept in check. The challenges run the gamut from cloud spra...

Unlocking Trust in the Digital Age: The Power of Blockchain Technologies

Blog Published: 05/28/2024

Written by Gökhan Polat, Member of the CSA Blockchain Working Group. Trust serves as the cornerstone of strong human relationships, fostering security, effective communication, cooperation, and emotional intimacy. In today's business landscape, trust is paramount, especially in the digital realm w...

Goodbye PCI DSS 3.2.1. Hello PCI DSS 4.0: 12 Key Changes!

Blog Published: 05/28/2024

Originally published by RegScale. Written by Dan Biewener. As of March 31, 2024, PCI DSS 3.2.1 has been retired—and businesses who process credit card transactions will have until March 31, 2025 to achieve full PCI DSS compliance with the new version 4.0. This update introduces around 60 new requir...

What is ASPM?

Blog Published: 05/28/2024

Written by LingRaj Patil, VP of Marketing, ArmorCode. Application Security Posture Management (ASPM) is a long name for an approach centered around unlocking AppSec visibility across the Continuous Development and Continuous Deployment pipeline. If you are with a software development organization ...

Mastering Secure DevOps with Six Key Strategies

Blog Published: 05/24/2024

Written by the CSA DevSecOps Working Group. Cloud computing has heightened security challenges, with frequent breaches stemming from insecure applications and poor infrastructure. Similarly, as software development speeds up, the complexity and number of attacks and data breaches also rise. Secure ...

Why Do Most Cybersecurity Attacks Occur in Q4?

Blog Published: 05/24/2024

Written by Ashwin Chaudhary, CEO, Accedere. Cybersecurity attacks exhibit intriguing patterns throughout the year. While it’s not universally true that most attacks occur in the last quarter, there are several reasons and notable trends why cybersecurity attacks tend to increase in the fourth qua...

The Transformative Power of Continuous Threat Exposure Management (Myth or Reality?)

Blog Published: 05/24/2024

Written by Alex Vakulov. The growing dynamics of cyber risks are forcing companies to shift their approach to information security from reactive to proactive. Gartner has introduced a new concept called Continuous Threat Exposure Management (CTEM) to address this. In 2022, Gartner first introduce...

Securing AI-Native Application Workloads with Zero Trust: Preventing LLM Attacks and Poisoning

Blog Published: 05/23/2024

Written by Vaibhav Malik, Global Partner Solutions Architect, Cloudflare. AI-native application workloads are rapidly emerging as the next frontier in artificial intelligence. These workloads leverage advanced AI technologies, such as large language models (LLMs), to enable intelligent and intera...

2024 Report Reveals Hundreds of Security Events Per Week, Highlighting the Criticality of Continuous Validation

Blog Published: 05/23/2024

Originally published by Pentera. Over the past two years, a shocking 51% of organizations surveyed in a leading industry report have been compromised by a cyberattack. Yes, over half. And this, in a world where enterprises deploy an average of 53 different security solutions to safeguard their dig...

Five Considerations to Keep Your Cloud Secure

Blog Published: 05/22/2024

Originally published by Bell. Written by Jack Mann, Senior Technical Product Manager, Cyber Security, Bell. When you make the shift to the cloud, it’s easy to assume that your cloud service provider – whether that’s AWS®, Microsoft Azure®, Google® Cloud or any other vendor – will keep your data a...

Why the EU AI Act Poses Greater Challenges Than Privacy Laws

Blog Published: 05/22/2024

Originally published by Truyo. In an age bursting with technological advances, the European Union has taken a pioneering step toward shaping the future of Artificial Intelligence (AI) governance. Enter the landmark Artificial Intelligence Act—a comprehensive regulatory framework penned to strike a...

Is Climate Change an Issue for Your ISO Certification?

Blog Published: 05/22/2024

Originally published by Schellman. On February 23, 2024, ISO (along with the International Accreditation Federation (IAF)) published short amendments to all standards aligned with its Harmonized Structure. In the form of new requirement language and one additional note, ISO has now adapted climate...

Priorities Beyond Email: How SOC Analysts Spend Their Time

Blog Published: 05/21/2024

Originally published by Abnormal Security. Written by Mick Leach. In the cybersecurity world, Security Operations Center (SOC) analysts serve as watchful defenders, tasked with the critical mission of fortifying systems against malicious intrusions and swiftly responding to emerging threats. Centra...

Ignoring the Change Healthcare Attack Invites a Cycle of Disaster

Blog Published: 05/21/2024

Originally published by CXO REvolutionaries. Written by Tamer Baker, CTO in Residence, Zscaler. You may recall, in February, Change Healthcare announced that threat actors affiliated with BlackCat/ALPHV had breached their organization. The adversaries executed a ransomware attack affecting critical...

It’s Time to Throw Away the Manual with Evidence Collection

Blog Published: 05/20/2024

Originally published by RegScale. Written by Larry Whiteside Jr. In today’s complex and ever-changing regulatory environment, it is more important than ever for organizations to have a strong compliance program in place. However, manually gathering compliance data can be a time-consuming and ineffi...
