All Articles
CCSK Success Story: From a Cybersecurity and Privacy Officer

Blog Published: 01/06/2023

This is part of a blog series interviewing cybersecurity professionals who have earned their Certificate of Cloud Security Knowledge (CCSK). In these blogs we invite individuals to share some of the challenges they face in managing security for cloud computing and how they were able to leverage k...

Threat Detection for Your Multi-Cloud Environment

Blog Published: 01/06/2023

Originally published by Netography. Written by Dan Ramaswami, VP Field Engineering, Netography. We’re at a tipping point with respect to how we think about the cloud and security. Now, 89% of organizations report having a multi-cloud strategy, and 80% are using both public and private clouds. Wha...

Fake MSI Afterburner Sites Delivering Coin-Miner

Blog Published: 01/06/2023

Originally published by Cyble on November 23, 2022. Stealthy Miner Bypasses Detection Using Shellcode And Process Injection. Gamers and other high-performance computing users use various utility software tools such as MSI Afterburner, which monitors system performance and allows users to modify th...

Could Double Extortion Prompt a Public Health Crisis?

Blog Published: 01/05/2023

Originally published by CXO REvolutionaries on November 15, 2022. Written by Kyle Fiehler, Senior Transformation Analyst, Zscaler. Ransomware actors targeting Australia’s most prominent healthcare insurer have taken the gloves off. After Medibank refused to pay a ransom for the return of data bel...

Definitive Guide to Hybrid Clouds, Chapter 3: Understanding Network Visibility in the Hybrid Cloud

Blog Published: 01/05/2023

Originally published by Gigamon. Written by Stephen Goudreault, Gigamon. Editor’s note: This post explores Chapter 3 of the “Definitive Guide™ to Network Visibility and Analytics in the Hybrid Cloud.” Read Chapter 1 and Chapter 2, and check back for future posts covering Chapters 4–7. Migrating to...

From Access-Centric Security to Data-Centric Security

Blog Published: 01/05/2023

Originally published by Lookout. Written by Maria Teigeiro, Lookout. In the early days of internet security, an access-centric security model made sense. Access lists on routers were complemented by firewalls and, later, intrusion detection systems. Given the processing capacity available at ...

CSA STAR Certification – Supporting Cloud Trust

Blog Published: 01/04/2023

Originally published by MSECB. Written by Mark Lundin, MSECB. Value of CSA STAR Certification for CSPs: Cloud Security Alliance (CSA) STAR Certification is a strong tool to help cloud service providers evaluate and improve their cybersecurity controls while certifying against a well-respecte...

Combat Attacks Where They Most Often Start: Applications

Blog Published: 01/04/2023

Originally published by TrueFort. Written by Mike Powers, TrueFort. The application environment is one of the most targeted among cyber criminals and has reached a point where organizations can no longer pose the question of “if” there will be an attack on, but “when” there is an attack. The atta...

How to Control (Maneuver) the Post-IdP Wasteland

Blog Published: 01/04/2023

Originally published by DoControl. Written by Tony Klor, DoControl. In a world where digital transformation is the new normal and employees are more mobile than ever, organizations are inundated with managing often highly sensitive Software as a Service (SaaS) application data. To meet these dema...

How To Understand Impact Through Asset Management and Threat Intelligence, Part 3

Blog Published: 01/03/2023

Originally published by Axonius. Written by Katie Teitler, Axonius. In part one and part two of this series, we defined what cyber asset intelligence is, how — combined with threat intelligence — it informs cyber asset management as a way to decrease risk, and how organizations can start to build...

How to Improve Your Kubernetes Security Posture

Blog Published: 01/03/2023

Originally published by Sysdig. Written by Alba Ferri, Sysdig. KSPM or Kubernetes Security Posture Management refers to the security state and capabilities in place to manage the defense of the Kubernetes clusters and the workloads running on top of it. It also includes how well it can predict, p...

5 Tips for Successfully Navigating C-Suite and Board Communication as a CISO

Blog Published: 12/29/2022

Originally published by Blue Lava. Written by the Beacon Digital Team. Even the most experienced CISOs can struggle to communicate effectively with their Board of Directors and Executive team. This is not a surprise given the challenges CISOs are commonly up against, which include: Having very lim...

How to Prevent Account Takeover Fraud

Blog Published: 12/29/2022

Originally published by TokenEx. Written by Anni Burchfiel, TokenEx. Quick Hits: Account takeover fraud is the most popular kind of cyberattack for hackers looking to make a large sum of money quickly. Businesses affected by account takeover attacks (ATOs) often lose large numbers of customers due ...

5 Key Takeaways from the 2022 Compliance Benchmark Report

Blog Published: 12/28/2022

Originally published by A-LIGN. Written by Patrick Sullivan, A-LIGN. Our 2022 Compliance Benchmark Report detailed how organizations are navigating the current compliance landscape, as well as how they are preparing for the future. By surveying more than 200 cybersecurity, IT, quality assurance, ...

Sealing Off Your Cloud’s Blast Radius

Blog Published: 12/28/2022

Originally published by Ermetic. Migrating to the cloud? Cloud security requires a shift in mindset from traditional on-premises security. Implementing relevant principles and practices, like for permissions management, can mitigate vulnerabilities and significantly reduce the blast radius of an ...

Minimizing your Data Attack Surface in the Cloud

Blog Published: 12/27/2022

Originally published by Sentra. Written by Ron Reiter, CTO, Sentra. The cloud is one of the most important developments in the history of information technology. It drives innovation and speed for companies, giving engineers instant access to virtually any type of workload with unlimited scale....

News of Note: Accounting for Those Good Days

Blog Published: 12/23/2022

Recently, on one of my social media feeds, someone posted a supposed quote by Charles Darwin that left me gobsmacked, yet also piqued my curiosity because of its self-deprecating, negative, and also quite relatable nature. I was compelled to do some digging to see if it was really true – that suc...

PCI DSS 4.0: How to Become PCI Compliant

Blog Published: 12/23/2022

Originally published by TokenEx. So the results from your latest audit are in, and it turns out your organization no longer meets the full requirements of the Payment Card Industry Data Security Standard—or even worse, you’ve just learned your previously out-of-scope network now is subject to mor...

5 Critical Cybersecurity Updates Forecasted for 2023

Blog Published: 12/23/2022

Originally published by A-LIGN. Written by Tony Bai, Federal Practice Lead, A-LIGN. As cyberattacks become increasingly common in today’s global environment, government agencies are looking at applying minimum cybersecurity guidelines across several new sectors as the year comes to a close. The f...

Be Prepared to Neutralize Cyberattacks When – Not If – They Happen

Blog Published: 12/22/2022

Originally published by Titaniam. Businesses today are under the constant threat of cyberattacks from ransomware and extortion. 68% of business leaders feel their risk of a cyberattack is increasing, according to Accenture. For years, enterprise-level organizations have relied on data protection p...
