Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Listen Now: 'Real-Talk on Opportunities for Security Teams to Fight AI with AI'

All Articles

Home
All Articles
Information Security Management and the Connectivity Gap: Solving for the Missing Links in Enterprise Information Security

Blog Published: 11/01/2022

Originally published by Tentacle. Written by Danielle Morgan, Tentacle. Let’s start with the basics: a foundational definition of Information Security management is the process of developing, maintaining, and continuously improving processes aligned with the main goal of ensuring sensitive data i...

How John Kindervag’s Zero-Trust Model Applies to Cloud Security

Blog Published: 10/31/2022

Originally published by Britive.At its core, the Zero-Trust Model is wonderfully simple: when you remove trust, you reduce security risk. The concept was developed by John Kindervag, who now serves as a Senior Vice President for ON2IT Cybersecurity. Kindervag realized enterprises could gain bette...

Seamlessly Secure Your Cloud Workloads

Blog Published: 10/31/2022

Originally published by The New Stack. Also published by Torq.You’ve secured your cloud identities. You’ve hardened your cloud security posture. You’ve configured strong cloud access controls. But there’s still one more thing you need in order to secure your cloud environment: a cloud workload pr...

Prioritizing and Handling Security Issues as Part of Your Continuous Management Plan

Blog Published: 10/31/2022

Originally published by BARR Advisory.Prioritizing and handling security issues are part of a continuous management plan within your organization’s security program. Like a yearly doctor’s exam or routine oil change for your car, continuous management is preventive care for your information syste...

Top Threat #6 to Cloud Computing: Unsecure Third-Party Resources

Blog Published: 10/30/2022

Written by the CSA Top Threats Working Group.The CSA Top Threats to Cloud Computing Pandemic Eleven report aims to raise awareness of threats, vulnerabilities, and risks in the cloud. The latest report highlights the Pandemic Eleven top threats, in which the pandemic and the complexity of workloa...

All Eyes on Cloud | Why the Cloud Surface Attracts Attacks

Blog Published: 10/28/2022

Originally published by SentinelOne here. Cloud environments have seen a meteoric rise in the past decade. What began as means of data storage has now become a full-scale computing platform, enabling a global shift in how businesses share, store, optimize, and manage information. However, threat ...

FedRAMP vs. ISO 27001

Blog Published: 10/28/2022

Originally published by Schellman here. Ever seen those jugglers that manage to balance multiple spinning plates at the same time? As impressive as it is, you figure you’d be happy to spin just the one plate successfully. For cloud service providers (CSPs), you have lots of different proverbial ...

Cloud IAM Done Right: How LPA Helps Significantly Reduce Cloud Risk

Blog Published: 10/28/2022

Originally published by Rapid7 here. Written by Sanjeev Williams, Senior Director, Cloud Security Products, Rapid7.Today almost all cloud users, roles, and identities are overly permissive. This leads to repeated headlines and forensic reports of attackers leveraging weak identity postures to gai...

Cloud Security Alliance and the Israel National Cyber Directorate Sign Memorandum of Understanding

Press Release Published: 10/27/2022

Parties will work together to strengthen cloud security awareness and preparedness across Israel and cloud security sectorSEATTLE – Oct. 27, 2022 – The Cloud Security Alliance (CSA), a global not-for-profit dedicated to defining standards, certifications, and best practices to help ensure a secur...

What is SOC 2? Complete Guide to SOC 2 Reports and Compliance

Blog Published: 10/27/2022

Originally published by A-LIGN here. Written by Stephanie Oyler, Vice President of Attestation Services, A-LIGN. In today’s security landscape, it’s crucial you assure your customer and partners that you are protecting their valuable data. SOC compliance is the most popular form of a cybersecurit...

The Need for SAP Security in the Utilities Sector

Blog Published: 10/27/2022

Originally published by Onapsis here. It’s no secret cyberattacks have become more advanced over the last few years. Industries that are critical to everyday life have seen, firsthand, the debilitating impact cyberattacks can have. Critical infrastructure, such as the informational technology (IT...

Cloud Security Alliance Announces Trusted Cloud Consultant Program

Press Release Published: 10/27/2022

New program connects enterprise companies with trusted, qualified consultantsSEATTLE – Oct. 27, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, today ...

3 Reasons to Add Cloud Data Security to 2023 Cybersecurity Budgets

Blog Published: 10/27/2022

Originally published by Laminar here. Written by Andy Smith, Laminar. Why Cloud Data Is So ImportantCloud data is growing at an exponential rate, and attackers have taken notice. Data breaches in 2021 increased by 68% over the year prior. As cloud data continues to grow, so too will the risk of a...

A SECtember Refrain: CxOs Need Help Educating Their Boards

Blog Published: 10/26/2022

The concerns and challenges discussed during this September’s SECtember Conference and adjoining CxO Trust Summit ran the gamut. However, one refrain focused on chief information security officers’ need for more help and guidance on messaging cybersecurity problems, required security controls, an...

SaaS Security Use Case Series: Device-to-SaaS User Risk

Blog Published: 10/26/2022

Originally published by Adaptive Shield here. Written by Eliana Vuijsje, Marketing Director, Adaptive Shield. Typically, when threat actors look to infiltrate an organization’s SaaS apps, they look to SaaS app misconfigurations as a means for entry. However, employees now use their personal devic...

Data Security Posture Management vs Cloud Security Posture Management

Blog Published: 10/26/2022

Originally published by Sentra here. It was only a few years ago that we thought ‘Cloud Security Posture Management’ was going to bring the ultimate level of security to the cloud. But we’re already discovering that while CSPM is doing a good job of finding infrastructure vulnerabilities, data ...

3 Frictionless Strategies to Boost Your GCP IAM

Blog Published: 10/26/2022

Originally published by Britive here. Written by Sage Avarda, Britive. Building on Google Cloud Platform (GCP) allows DevOps teams to collaborate and create with little restriction, which results in quick turnaround time and an overall increase in market velocity. GCP provides a decent identity a...

How Cybersecurity Insurance Can Work To Help An Organization

Blog Published: 10/25/2022

Originally published by Thales here. Written by Anthony Dagostino, CEO and Co-Founder, Converge. For many years, organizations had limited options for addressing data protection risks. A company could never eliminate risk, but they could try to reduce or mitigate it. In the last 20+ years, cybers...

What is a Cryptogram on a Credit Card?

Blog Published: 10/25/2022

Originally published by TokenEx here. Written by Anni Burchfiel, TokenEx. Quick Hits: EMV chip cards use cryptograms to secure cardholder data every time a transaction is made.Cryptograms validate transactions by verifying the identity of both the card and the approval from the issuer.Cryptograms...

Cybersecurity Awareness Month Doesn’t Have to Be Scary

Blog Published: 10/24/2022

Originally published by Blue Lava here. Written by Veronica Wolf, Director of Product & Content Marketing, Blue Lava. In the spirit of Cybersecurity Awareness Month, we thought we would de-mystify a few of the tall tales and horrors surrounding cybersecurity. We’ve also gathered up a few reso...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
62
63
64
66
68
69
70
Last »