
All Articles

Everything You Need to Know About the Proposed SEC Cybersecurity Reporting Requirements

Blog Published: 06/09/2023

Originally published by BARR Advisory. Written by Claire McKenna. Last year, the Securities and Exchange Commission (SEC) proposed new rules to enhance and standardize cybersecurity risk management, strategy, governance, and incident reporting disclosure practices by public companies and other ma...

Top 10 Challenges of Building an In-House Application Security Program

Blog Published: 06/09/2023

Originally published by Coalfire. Written by Dave Randleman, Field CISO, Penetration Testing, Coalfire. Developing an in-house application security program. Many businesses traditionally choose to build in-house application security (AppSec) programs to ensure they have complete control over their ...

Using ChatGPT for Cloud Security Audits

Blog Published: 06/08/2023

Written by Ashwin Chaudhary, CEO, Accedere. ChatGPT is an artificial intelligence chatbot developed by OpenAI and released in November 2022. The GPT (Generative Pre-trained Transformer) series of language models, including GPT-3, is a state-of-the-art technology developed by OpenAI for natural l...

Leveraging Sustainable Technology for ESG Compliance

Blog Published: 06/08/2023

Originally published by Sangfor Technologies. Written by Nicholas Tay Chee Seng, CTO, Sangfor Cloud. The ESG framework will encourage more organizations to adopt sustainable and renewable practices necessary to address global climate change. However, achieving the COP21 Paris Agreement's net-zero...

Why are Organizations Struggling with IAM Projects?

Blog Published: 06/08/2023

Originally published by Avanade. Written by Martijn Zantinge. According to research, the number of identity & access management (IAM) projects that don't achieve their initial goals is alarmingly high. I know very few other solution areas within IT that have such a poor track record when it c...

CSA STAR Certification – Q&A Session

Blog Published: 06/07/2023

Originally published by MSECB. 1. What is the CSA STAR Certification? The CSA STAR (Security, Trust, and Assurance Registry) Certification is a program launched by the Cloud Security Alliance (CSA) in 2011 that provides independent third-party assessment and certification of the security measure...

AWS Strengthens Security with Default Encryption on S3, Is Your Data Fully Protected?

Blog Published: 06/07/2023

Originally published by Dig Security. Written by Sharon Farber. Executive summary: As with any change to security policy, it’s important to consider it in the context of the shared security model. The ultimate responsibility for protecting sensitive data rests on the customer, rather than the clou...

Is Your Data Leaking via ChatGPT?

Blog Published: 06/07/2023

Originally written and published by Code42. In November 2022, OpenAI released ChatGPT, a generative artificial intelligence (GAI) tool, which has since taken the world by storm. Only two months after its launch, it had over 100 million users, making it “the fastest-growing consumer application in...

AI Governance: Balancing Innovation and Ethical Accountability

Blog Published: 06/06/2023

Originally published by BigID. Written by Peggy Tsai. AI Governance has long been important for organizations, providing a framework to prioritize investments in artificial intelligence. It ensures transparency, auditability, security, and compliance in data management. But now, with the rise of ...

Top Ways to Find and Protect Sensitive Data in the Cloud

Blog Published: 06/06/2023

Originally published by Laminar. Written by Michael Holburn, Solutions Engineer, Laminar. Cloud data risk is more prevalent than ever. Laminar Labs scanned publicly facing cloud storage buckets and found personally identifiable information (PII) in 21% of these buckets – or one in five. Despite a...

New Cloud Security Alliance Report Finds Cloud Services Are Well-rooted in All Aspects of Financial Services

Press Release Published: 06/06/2023

Trust and Regulation were the greatest influencing factors, report found. SEATTLE – June 6, 2023 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, today issued...

3 Challenges That Prevent Faster Mean Time to Remediation

Blog Published: 06/06/2023

Originally published by Dazz. Written by Amit Ripshtos, Tech Lead, Dazz. According to Gartner, 99% of cloud security breaches in the next three years will be caused by preventable misconfigurations and coding mistakes. That’s why your company probably has, over the past few years, been installing...

How Much Can You Trust ChatGPT? – Establishing Identity and Security While Using AI

Blog Published: 06/05/2023

Originally published by DigiCert. Written by Timothy Hollebeek. Over the last few months, we’ve seen an increase in the use of AI and machine learning with the widespread adoption of ChatGPT and other AI tools. The concept of these tools is exciting and can help save time, simplify research and o...

New Cloud Security Alliance Survey Finds SaaS Security Has Become a Top Priority for 80% of Organizations

Press Release Published: 06/05/2023

More than half of security executives experienced a SaaS security incident in the past two years. Gartner Security and Risk Management Summit, National Harbor, Maryland – June 5, 2023 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certificati...

Application Developers and Network Security Engineers: Better Together

Blog Published: 06/05/2023

Originally published by TrueFort. How can network security engineers and application developers work towards best practices? As two crucial roles in any organization, network security and application development teams must rely on each other to ensure the safe and efficient operation of a company’...

How Zero Trust Can Help Address Healthcare’s IoT Dilemma

Blog Published: 06/05/2023

Originally published by CXO REvolutionaries. Written by Tamer Baker, Field CTO - Healthcare, Government, & Education, Zscaler. Healthcare organizations need rigorous security – but don’t always get it. In healthcare, medical devices required for patient care, like dialysis machines, intravenou...

Anatomy of a Modern Attack Surface

Blog Published: 06/02/2023

Originally published by Microsoft Security. Six areas for organizations to manage. As the world becomes more connected and digital, cybersecurity is becoming more complex. Organizations are moving more infrastructure, data, and apps to the cloud, supporting remote work, and engaging with third-par...

Which Security Framework is Right for You?

Blog Published: 06/02/2023

Originally published by NCC Group. Written by Sourya Biswas, Technical Director, NCC Group. One of the problems that cyber security stakeholders face is the overabundance of tools and processes. Just Google “firewall providers” and you are deluged with information; replace firewall with any other...

Behind the Curtain: Hunting Leads Explained

Blog Published: 06/02/2023

Originally published by CrowdStrike. Most hunting enthusiasts agree that the thrill of hunting lies in the chase. Equipped with experience and tools of their trade, hunters skillfully search for signs of prey — a broken twig, a track in the mud. Threat hunters are no different. They search for si...

Solving the Identity Puzzle: How Interoperability Unlocks Cloud Security Potential

Blog Published: 06/01/2023

Originally published by Strata. Written by Steve Lay. With increased cloud migration and the adoption of cloud-based apps, Cloud Security Architects and IT Decision-Makers are in a race to achieve interoperability between diverse identity systems. This creates a monumental challenge, where the solu...
