
All Articles

Shadow AI Prevention: Safeguarding Your Organization’s AI Landscape

Blog Published: 10/24/2024

Written by CSA's AI Organizational Responsibility Working Group. In today’s rapidly evolving technological landscape, the rise of Shadow AI poses a significant challenge to organizations. Shadow AI refers to unauthorized or undocumented AI systems within an organization, which can compromise secur...

How to Simulate Session Hijacking in Your SaaS Applications

Blog Published: 10/24/2024

Originally published by AppOmni. Written by Justin Blackburn, Sr. Cloud Threat Detection Engineer, AppOmni. In our recent post on session hijacking, we examined how sessions work and discussed how sessions can be compromised. We also outlined mitigations that practitioners implement to thwart sessi...

The Cybersecurity Landscape in the Benelux Region and Beyond

Blog Published: 10/23/2024

Written by Matthew Robertson, Benelux Cyber Summit Program Manager. In today’s rapidly evolving digital landscape, staying informed is critical. In order to help you stay ahead of the growing cyber threat landscape, we are excited to introduce the Benelux Cyber Summit 2024 Annual Report—an in-dept...

Six Key Use Cases for Continuous Controls Monitoring

Blog Published: 10/23/2024

Originally published by RegScale. Written by Esty Peskowitz. Maintaining a strong security posture and ensuring compliance are critical challenges for organizations. Are you looking for ways to address these challenges more effectively? Continuous Controls Monitoring (CCM) offers an effective solut...

7 Ways Data Access Governance Increases Data ROI

Blog Published: 10/23/2024

Originally published by Normalyze. Written by Vamsi Koduru. Data is the backbone of your organization’s success—fueling informed decision-making, streamlining operations, enhancing customer experiences, and driving innovation. But without proper governance, you may not achieve these benefits. That’...

The Current Landscape of Global AI Regulations

Blog Published: 10/22/2024

Originally published by Truyo. As artificial intelligence (AI) continues to permeate various aspects of our lives, understanding the regulatory frameworks governing its development and application is becoming increasingly important. From the United States to China, different countries are adopting...

Cloud Security Alliance Releases Second Paper Delineating Organizational Responsibilities for Successfully and Ethically Implementing Artificial Intelligence

Press Release Published: 10/22/2024

Paper provides comprehensive, industry-neutral guidelines and best practices for various stakeholders, from CISOs and AI developers to business leaders and policymakers. SEATTLE – Oct. 22, 2024 – Driven by the need to address the evolving landscape of Artificial Intelligence (AI) and its associated...

Optimizing Secrets Management to Enhance Security and Reduce Costs

Blog Published: 10/22/2024

Written by Itzik Alvas, Entro Security. Cyber threats are evolving rapidly. Organizations must navigate the delicate balance between robust security measures and cost-efficiency. One critical aspect of this balancing act is Non-Human identities & secrets management; secrets management is how o...

Top Threat #4 - Cloudy with a Chance of Breach: The Cloud Security Strategy Storm

Blog Published: 10/21/2024

Written by CSA’s Top Threats Working Group. In this blog series, we cover the key security challenges from CSA's Top Threats to Cloud Computing 2024. Drawing from the insights of over 500 experts, we'll discuss the 11 top cybersecurity threats, their business impact, and how to tackle them. Whethe...

5 Behaviors for Transforming Your Cybersecurity Leadership

Blog Published: 10/21/2024

Originally published by CXO REvolutionaries. Written by Ben Corll, CISO in Residence, Zscaler. As an enterprise cybersecurity leader, your role is pivotal in safeguarding your organization's assets, data, people, and reputation. You likely have a very capable team to help with each of these tasks, ...

File-Sharing Fraud: Data Reveals 350% Increase in Hard-to-Detect Phishing Trend

Blog Published: 10/21/2024

Originally published by Abnormal Security. Phishing has long remained a favorite strategy among cybercriminals, and as security awareness has evolved, so have their tactics. According to our H2 2024 Email Threat Report, which was released today, phishing makes up nearly 72% of all advanced attacks...

Learn How to Conduct a Cybersecurity Audit for the Cloud with These CSA Training Options

Blog Published: 10/18/2024

As cloud adoption continues to reshape the IT landscape, ensuring cloud environments are secure and compliant is critical. However, a cybersecurity audit specific to cloud computing introduces unique challenges, given the complexities of shared security responsibilities between cloud providers an...

Emulating Cryptomining Attacks: A Deep Dive into Resource Draining with GPU Programming

Blog Published: 10/18/2024

Originally published by Pentera. Cryptomining has surged in popularity, driven by the growing value of cryptocurrencies like Bitcoin and Ethereum. With leaked credentials easier than ever to acquire, attackers are looking for ways to profit, which has led to a rise in malicious cryptomining, or cr...

A Look At Strong Password Practices: A Shield For Your Digital Life

Blog Published: 10/18/2024

Written by Abel E. Molina, Softchoice. "An ounce of prevention is worth a pound of cure." - Benjamin Franklin. In the digital age, our lives are intricately tied to the online world, from managing finances to sharing moments with loved ones. Yet, with the convenience of the internet comes a signific...

Navigating Cloud Security: A Shared Responsibility

Blog Published: 10/17/2024

Originally published by CyberArk. Written by Alyssa Miles. Each July, my family and I take a road trip from Kentucky back to my hometown in northwestern Pennsylvania to spend time on Lake Erie. As tradition dictates, we stop along I-71 for coffee at a branch of a certain coffee shop, which also hap...

The EU AI Act: A Roadmap for Trustworthy AI

Blog Published: 10/17/2024

Originally published by Vanta. Written by Herman Errico. As artificial intelligence (AI) continues to revolutionize various sectors, ensuring it is developed and deployed in alignment with ethical standards and fundamental rights is critical for businesses that use it. The European Union's Artifici...

An Overview of Microsoft DPR, Its New AI Requirements, and ISO 42001’s (Potential) Role

Blog Published: 10/16/2024

Originally published by Schellman. Within a few months of their latest update to their Data Protection Requirements (DPR) to address a coding incident (version 9.1), Microsoft released a draft or “pre-read” for their version 10 requirements that will be utilized for its Supplier Security and Pri...

Rowing the Same Direction: 6 Tips for Stronger IT and Security Collaboration

Blog Published: 10/16/2024

Originally published by Dazz. The Olympians make it look easy, but make no mistake: rowing is a more difficult sport than meets the eye. Changing conditions in the water and weather, exhaustion, and even a head tilt in the wrong direction can send the boat off course or cause the team to lose time...

How to Leverage Automation Tools to Streamline Your Next Compliance Audit: 3 Tips for Security Teams

Blog Published: 10/16/2024

Originally published by BARR Advisory. Compliance automation tools are designed to assist organizations in streamlining the rigorous demands of cybersecurity frameworks such as SOC 2, ISO 27001, and HITRUST. These platforms can help address the heavy lifting involved in preparing, undergoing, and ...

The Need for Continuous Assurance and Compliance Automation

Blog Published: 10/15/2024

A lot is said about “trust” in our industry, but trust is really a means to an end. For an organization, that “end” is the accomplishment of its mission. To achieve its mission, an organization must have healthy interactions with internal and external actors. Therefore, in this context, trust mea...
