
All Articles

Zero Trust is Key to Supply Chain Security

Blog Published: 12/07/2022

Originally published by CXO REvolutionaries. Written by Jeff Lund, Global CISO - Global Information Security, Marsh McLennan. When former director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA) Chris Krebs spoke at Black Hat 2022, he highlighted two factors that regularly und...

Manual vs. SSPM: Research on What Streamlines SaaS Security Detection and Remediation

Blog Published: 12/07/2022

Originally published by Adaptive Shield. Written by Zehava Musahanov, Adaptive Shield. When it comes to keeping SaaS stacks secure, IT and security teams need to be able to streamline detection and remediation of misconfigurations in order to best protect their SaaS stack from threats. However, w...

5 Tips for CISOs and Boards Navigating the Evolving Regulatory Landscape

Blog Published: 12/06/2022

Originally published by ShardSecure. Written by Marc Blackmer, VP of Marketing, ShardSecure. Corporate boards are facing mounting pressure to “get smart” about data protection as they navigate an evolving regulatory landscape. It starts with a deeper understanding of cybersecurity, but under...

Advancing Trust in a Digital World

Blog Published: 12/06/2022

Originally published by Thales. Written by Welland Chu, Business Development Director, Asia Pac, Thales. The pandemic has accelerated digital transformation beyond anyone’s imagination. Considering the increased cybersecurity risks introduced by digital technologies, what should society do to pre...

“Ahhh, So That’s Why Everyone’s Talking About DSPM”

Blog Published: 12/06/2022

Originally published by Sentra. Written by Galia Nedvedovich, VP Marketing, Sentra. The most satisfying part of working at a startup in the hottest space in cybersecurity - cloud data security - is when I get to witness cloud security pros realize how Data Security Posture Management solves o...

’Tis the Season for eCrime

Blog Published: 12/05/2022

Originally published by CrowdStrike. Written by Bart Lenaerts-Bergmans, CrowdStrike. Financially motivated criminal activities, aka “eCrime,” happen in waves. They come and go as adversaries develop new tools and target vulnerable victims. Similar to how investors track stock market activity usin...

How To Understand Impact Through Asset Management and Threat Intelligence, Part 1

Blog Published: 12/05/2022

Originally published by Axonius. Written by Katie Teitler, Axonius. Cyber attack surface sprawl has become a top concern — and risk factor — for enterprise organizations. Even before the early 2020 mass exodus out of corporate offices, the proliferation of devices and device types touching corpor...

Social Engineering and VPN Access: The Making of a Modern Breach

Blog Published: 12/05/2022

Originally published by Lookout. Written by Hank Schless, Senior Manager, Security Solutions, Lookout. In what seems to be a constant drip of headlines about large enterprises experiencing security incidents, the world most recently learned of a successful data infiltration of rideshare and de...

Top Threat #10 to Cloud Computing: Organized Crime, Hackers, and APT

Blog Published: 12/04/2022

Written by the CSA Top Threats Working Group. The CSA Top Threats to Cloud Computing Pandemic Eleven report aims to raise awareness of threats, vulnerabilities, and risks in the cloud. The latest report highlights the Pandemic Eleven top threats, in which the pandemic and the complexity of workloa...

CISOs of the World, Unite!

Blog Published: 12/03/2022

This article represents personal commentary from CSA’s Chief Executive Officer Jim Reavis. I have been in the industry long enough to have observed the creation of the Chief Information Security Officer role and the journey to making this person a crucial part of our ecosystem. For almost all ...

Uber’s Internal Network Breach and Business-Critical SaaS Data Compromise

Blog Published: 12/02/2022

Originally published by DoControl on September 16, 2022. Written by Corey O'Connor, DoControl. Multiple sources have reported that Uber has become the next victim to a man-in-the-middle attack with social engineering and Multi-factor Authentication (MFA) compromise at its core. In this example, t...

Detecting and Mitigating CVE-2022-42889 a.k.a. Text4shell

Blog Published: 12/02/2022

Originally published by Sysdig. Written by Miguel Hernández, Sysdig. A new critical vulnerability CVE-2022-42889 a.k.a. Text4shell, similar to the old Spring4Shell and Log4Shell, was originally reported by Alvaro Muñoz on the very popular Apache Commons Text library. The vulnerability is rated a...

IBM Cost of a Data Breach 2022 – Highlights for Cloud Security Professionals

Blog Published: 12/02/2022

Originally published by Ermetic. Security professionals are constantly inundated with warnings about the potentially colossal impact of security threats and risks to their organization. But what is colossal in real currency? By understanding how much the cost of a data breach can impact one's org...

Altruism in Information Security, Part 2: Identifying Hurdles Along the Path

Blog Published: 12/01/2022

Originally published by Tentacle. Written by Matt Combs, Tentacle. Welcome back! If you’re joining me for the second part of this series, I’m assuming I didn’t turn you off with my optimistic and ‘rosy’ view of the Altruism-Information Security relationship. That, or you didn’t read Part 1 and ha...

Advisory: Persistent MFA Circumvention in an Advanced BEC Campaign on Microsoft 365 Targets

Blog Published: 12/01/2022

Originally published by Mitiga. Written by Mitiga's Research Team. Mitiga spotted a sophisticated, advanced business email compromise campaign, targeting Microsoft 365 organizations, leveraging inherent weaknesses in Microsoft 365 MFA, Microsoft Authenticator, and Microsoft 365 Identity Protectio...

Definitive Guide to Hybrid Clouds, Chapter 2: Exploring the Roles of NetOps, CloudOps, and SecOps

Blog Published: 12/01/2022

Originally published by Gigamon. Written by Stephen Goudreault, Gigamon. This post explores Chapter 2 of the “Definitive Guide™ to Network Visibility and Analytics in the Hybrid Cloud.” Read Chapter 1 and check back for future posts covering Chapters 3–7. As more organizations move forward with t...

‘Cyber Isolationism’ is Making CXOs’ Jobs More Complicated – And More Critical

Blog Published: 11/30/2022

Originally published by CXO REvolutionaries. Written by Simon Hodgkinson, former CISO, BP. Is globalization in decline? Put this question to a group of economists, diplomats, social scientists, or other specialists, and you’d likely kick off a long and spirited debate with representatives on both...

The Hidden Costs of Appliance-Based Models

Blog Published: 11/30/2022

Originally published by Netography. Written by Martin Roesch, Netography. In the network security game, deep packet inspection (DPI) technologies are primarily delivered on appliance-based architectures, an approach suffering from major evolutionary pressure due to pervasive network encryption an...

AXLocker, Octocrypt, And Alice: Leading A New Wave Of Ransomware Campaigns

Blog Published: 11/30/2022

Originally published by Cyble. AXLocker Ransomware Stealing Victim’s Discord Tokens Ransomware is one of the most critical cybersecurity problems on the internet and possibly the most powerful form of cybercrime plaguing organizations today. It has rapidly become one of the most important and pro...

Managing Operational Complexity in Multicloud Environments

Blog Published: 11/29/2022

Written by Sandeep Shilawat, Cloud and IT Modernization Strategist, ManTech. Originally published on Forbes. With the benefits of cloud computing now clear, enterprises are racing to adopt cloud-based infrastructures. According to Synergy Research Group, spending on cloud computing exceeded spendi...
