Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Help shape the future of cloud security! Take our quick survey on SaaS Security and AI.

All Articles

Home
All Articles
How to Implement CIEM – A Checklist

Blog Published: 02/22/2023

Originally published by Ermetic. CIEM solutions provide visibility into cloud identities to secure access management. With cloud adoption growing and entitlements taking center stage as the security boundary in the cloud, more organizations are looking for the right security solution for their id...

5 Data Security Trends You Might Be Missing

Blog Published: 02/21/2023

Originally published by Rubrik. Written by Atul Ashok, Rubrik. Malware is becoming more sophisticated, and it would be impossible to prevent and defend from every single cyber threat out there. As the digital dependence of enterprises grows in tandem with the enterprise’s growth, we are seeing so...

A Closer Look at BlackMagic Ransomware

Blog Published: 02/21/2023

Originally published by Cyble on December 7, 2022. New Ransomware disrupting Transportation and Logistics Industry in Israel During a routine threat-hunting exercise, Cyble Research and Intelligence Labs (CRIL) came across a new ransomware group named “BlackMagic” ransomware. This ransomware gro...

Is Breach Fatigue the New Norm?

Blog Published: 02/21/2023

Originally published by CXO REvolutionaries. Written by Erik Hart, Global CISO, Cushman & Wakefield. How numb is the public to security failures? One of the trickiest security topics involves the shifting relationship between security and privacy. Twenty years ago, people saw these areas as f...

10 SaaS Governance Best Practices to Protect Your Data

Blog Published: 02/17/2023

Written by the SaaS Governance Working Group. In the context of cloud security, the focus is almost always on securing Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) environments. This is despite the reality that while organizations tend to consume 2-3 IaaS providers, they ar...

How to Combat Corporate Fraud and Corruption: A Hands-On Approach

Blog Published: 02/17/2023

Written by Alex Vakulov. Businesses are facing significant challenges from fraud and corruption. These issues result in financial losses and harm the company's reputation. Furthermore, it creates a hostile environment within the organization. Let's see how to prevent fraud and corruption in your ...

CSA ZTAC: Addressing the Challenges of Implementing Zero Trust

Blog Published: 02/16/2023

Catching up with industry friends and other professional contacts about the developments of our Zero Trust Advancement Center (ZTAC) and the various activities underpinning it during industry events has proven pretty enlightening. Establishment or even implementation of zero trust (ZT) strategies...

Five Easy Cybersecurity Predictions for 2023

Blog Published: 02/16/2023

Originally published by TrueFort. Written by Nik Hewitt, TrueFort. It’s that time of year again when cybersecurity professionals consult our tea leaves and are obliged to play augury for the year to come. This year, however, it feels like the writing is already on the wall, and several glaring ar...

How Global Conflicts Influenced Cyber Attack Behaviors

Blog Published: 02/16/2023

Originally published by Sysdig. Written by Michael Clark, Sysdig. The conflict between Russia and Ukraine includes a cyberwarfare component with government-supported threat actors and civilian hacktivists taking sides.The goals of disrupting IT infrastructure and utilities have led to a 4-fold in...

5 Reasons Your NDR Project Missed The Mark

Blog Published: 02/16/2023

Originally published by Netography. Written by Mal Fitzgerald, Sales Engineer, Netography. I’ve seen it time and again. You read about the SOC Visibility Triad, with its corner for Network Detection and Response (NDR) and thought, “That makes complete sense” and, truth be told, I completely agree...

What You Need to Know About the Daixin Team Ransomware Group

Blog Published: 02/15/2023

Originally published by Titaniam. Ransomware attacks are common and becoming more creative. However, as attackers evolve, so do their decisions of targets and methodology. As of October 2022, the FBI’s Internet Crime Complaint Center (IC3) holds victim reports across all 16 critical infrastructu...

Four Questions to Ask About Your Cloud Security Posture

Blog Published: 02/15/2023

Originally published by Lookout. Written by David Richardson, Vice President, Product, Lookout. For most organizations, the decision to adopt cloud technologies is a simple one. Cloud apps streamline operations and costs while enabling users to access resources from anywhere and on any device...

What is the Timeline for the FedRAMP Process?

Blog Published: 02/15/2023

Originally published by Schellman. Written by Andy Rogers, Schellman. Ever watched Jeopardy? Even if you haven’t, you’re likely familiar with the iconic theme music that plays every time contestants deliberate over their answers—it’s such an iconic tune that it’s become synonymous with waiting fo...

Empowering Individuals and Organizations to ‘Respect Privacy’

Blog Published: 02/14/2023

Originally published by BARR Advisory on January 23, 2023. Written by Kyle Cohlmia, BARR Advisory. This week is Data Privacy Week, an annual campaign hosted by the National Cybersecurity Alliance. The theme of this year’s Data Privacy Week is “respect privacy,” with the goal to help individuals a...

Why You Need Active Cloud-Native Application Security

Blog Published: 02/14/2023

Originally published by Tigera. Written by Ratan Tipirneni, Tigera. First-generation security solutions for cloud-native applications have been failing because they apply a legacy mindset where the focus is on vulnerability scanning instead of a holistic approach to threat detection, threat preve...

Paying Ransom: Why Manufacturers Shell Out to Cybercriminals

Blog Published: 02/13/2023

Originally published by Dark Reading and CXO REvolutionaries. Written by Ben Corll, CISO - Americas, Zscaler. Everyone in information security knows ransomware actors target different industries for different reasons. Some are seen as flush with cash. Some have obvious reasons for needing to resu...

Cloud First to Cloud Smart: A Strategic Shift

Blog Published: 02/13/2023

Originally published by Tata Communications. Written by Rajesh Awasthi, Vice President & Global Head of Managed Hosting and Cloud Services, Tata Communications. The term ‘digital transformation’ has evolved for businesses, particularly in the last decade. What once meant a simple shift to vir...

Access Control Review: Addressing Challenges and Ensuring Compliance in Cloud Service Consumers

Blog Published: 02/10/2023

Written by members of the CSA IAM Working Group and the Zero Trust Working Group's Identity Subgroup. An access control review is a process of evaluating and analyzing an organization's access control system to ensure that it is functioning properly and effectively. Access control systems are des...

What’s the Difference Between ISO 27001:2013 and ISO 27001:2022?

Blog Published: 02/10/2023

Originally published by A-LIGN. Written by Adam Lubbert, A-LIGN. At the end of October 2022, the International Organization for Standardization (ISO) published a new version of ISO/IEC 27001:2022. ISO 27001 is the world’s leading information security standard, providing control requirements to cr...

Using Automated Just-in-Time (JIT) to Reach Least Privilege – A Guide

Blog Published: 02/09/2023

Originally published by Ermetic. Privileged access and elevated permissions expose organizations to vulnerabilities that could be exploited. On-premises, security teams often use PAM tools for managing these types of risks. But for cloud operations, PAM tools are insufficient as they are built ar...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
51
52
53
55
57
58
59
Last »