All Articles
Cloud Security Alliance and International Systems Security Association Form New Partnership to Advance the Cybersecurity Profession

Press Release Published: 06/30/2020

Associations unite to build, support, and strengthen cybersecurity community

SEATTLE – June 30, 2020 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, and ...

Cloud Risk Management

Blog Published: 07/02/2020

By Ashwin Chaudhary with Accedere

Cloud Risk Management is an important aspect in today’s world where majority of the organizations have adopted the cloud in some form or the other. Cloud risks continue to remain high for a CISO or a CIO and is gaining more importance in today’s world where mor...

Data Discovery to Rescue Historical Data from Compliance Violations

Blog Published: 07/01/2020

By Ishani Sircar, Product Marketing Manager at CipherCloud

As technology evolved and the world migrated to the cloud, the amount of data in the cloud increased at a rapid pace and most organizations in trying to keep pace overlooked security best practices. Organizations are sitting on tons of...

FTC Guidance - Six Steps Toward More Secure Cloud Computing

Blog Published: 07/06/2020

By Francoise Gilbert – DataMinding, Inc.

The June 15, 2020 FTC Blogpost, titled Six Steps Towards More Secure Cloud Computing provides a concise, valuable checklist for businesses that use or intend to use cloud services, so that they make their use of cloud services safer. The document is a re...

United States–Mexico–Canada Agreement: Digital Trade Provisions: NAFTA 2.0 meets the Internet

Blog Published: 06/30/2020

By Francoise Gilbert, DataMinding, Inc.

The United States–Mexico–Canada Agreement (USMCA) enters into effect on July 1, 2020. Nicknamed “NAFTA 2.0” because it replaces the North America Free Trade Agreement (NAFTA), the USMCA addresses a number of issues that had not been tackled by its predecesso...

Cloud Security Alliance Publishes New Paper, The Six Pillars of DevSecOps: Automation

Press Release Published: 07/07/2020

Document provides practical advice for integrating automated security into software development lifecycle

SEATTLE – July 7, 2020 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud ...

​Securing the multi-cloud environment through CSPM and SSPM

Blog Published: 07/13/2020

By the CipherCloud Team

Misconfigurations are the biggest cause of data breaches in the cloud, exposing more than 33 billion records and costing companies close to $5 trillion in 2018 and 2019. - DivvyCloud

It took decades to convince IT leaders to move to the cloud. In the initial years, cloud ...

Cryptocurrencies, Digital assets, Tokens and Blockchain maturity is coming soon

Blog Published: 07/10/2020

By Kurt Seifried, Chief Blockchain Officer, CS

Tautology - a statement that is true by necessity or by virtue of its logical form.

Blockchains are going to rapidly gain maturity because people are using blockchains, because they are rapidly gaining maturity. Essentially we’re at the inflection p...

Using CSA STAR to Improve Cloud Governance and Compliance

Blog Published: 12/19/2020

By John DiMaria, Assurance Investigatory Fellow, Cloud Security Alliance

The more complex systems become, the less secure they are, even though security technologies improve. There are many reasons for this, but it can all be traced back to the problem of complexity. Why? Because we give a lot ...

What Does Proactive Vendor Security Mean?

Blog Published: 07/10/2020

By the Whistic Team

As an InfoSec professional, you have probably heard the term “proactive vendor security” tossed around. But what exactly does proactive vendor security mean?

Looking for a deeper meaning

On the surface, proactive is the opposite of reactive. Instead of waiting around for issue...

Night of the Living Cloud (aka CSA Federal Summit) Part 1 of 2

Blog Published: 07/09/2020

By Jim Reavis, Co-founder and Chief Executive Officer, CSA

If you want to get a feel for what the zombie apocalypse might be like, I highly recommend taking a business trip right now. It provides a surreal experience without the hassle of someone trying to eat your brains. It was thus for me as...

​Understanding Common Risks in Hybrid Clouds

Blog Published: 07/14/2020

Written by:

ZOU Feng, Co-Chair, Hybrid Cloud Security WG & Director of Cloud Security Planning and Compliance, Huawei

Narudom ROONGSIRIWONG, Co-Chair, Hybrid Cloud Security WG & SVP and Head of IT Security, Kiatnakin Bank

GENG Tao, Senior Engineer of Cloud Security Planning and Compliance...

Abusing Privilege Escalation in Salesforce Using APEX

Blog Published: 07/16/2020

By Nitay Bachrach, Senior Security Researcher, Polyrize

This article describes in detail a Salesforce privilege escalation scenario whereby a malicious insider exploits Author Apex permission to take over an organization’s Salesforce account and all data within it. The user abuses the fact that...

EU Court of Justice Decision - Privacy Shield Invalidated; Standard Clauses Challenged

Blog Published: 07/16/2020

European Court of Justice Schrems 2 Decision Creates Havoc in Global Digital Exchanges: Significant Challenges to Privacy Shield and Standard Contractual Clauses Users

By Francoise Gilbert, CEO, DataMinding, Inc.

For months, the global digital trade community has been awaiting the decision of th...

​The Mobile App Testing Landscape

Blog Published: 07/20/2020

Written by: Henry Hu, Co-Chair, MAST Working Group & CTO, Auriga Security, Inc. and Michael Roza, Member, MAST Working Group

Cloud computing accelerates the development and real-time use of applications, which drives personal productivity and business agility. However, with the proliferatio...

How Hackers Changed Strategy with Cloud

Blog Published: 07/21/2020

By Drew Wright, Co-Founder of Fugue

Originally published June 30, 2020 on https://www.fugue.co/blog

If you’re running a workload in the cloud, take a moment to look at the activity logs for your public-facing resources. There’s bad guys there, and they’re probing your cloud infrastructure lookin...

Healthcare Big Data in the Cloud Summary

Blog Published: 07/23/2020

By Dr. Jim Angle, Trinity Health, and Alex Kaluza, Cloud Security Alliance

In the modern age of technology and all the ways that it impacts our lives, healthcare is no exception. The use of cloud computing, big data analytics, and the move to consumer-focused health care is changing the way hea...

Implementing a Vendor Assessment Platform? Tips for Long-Term Success

Blog Published: 07/27/2020

By the Whistic Team

Proactive vendor security is no longer just a buzzword tossed about in InfoSec conversations—it’s a must-have for cloud-based organizations to differentiate themselves from peers and vendors in a competitive landscape. As data security is working its way up the list of corpo...

​Schrems 2 – 12 FAQs Published by the EDPB but Little Practical Guidance

Blog Published: 07/24/2020

By Francoise Gilbert, CEO, DataMinding, Inc.

Since the publication of the European Court of Justice (EUCJ) decision in the Schrems 2 case, businesses located on both sides of the Atlantic, and around the world, have been attempting to determine how they should interpret and act upon the decisio...

CSA’s SECtember Experience to Provide a Month of Vital Expert Briefings

Press Release Published: 07/28/2020

CloudBytes webinar series to guide participants’ race to the cloud, offers CPE credits

SEATTLE – July 28, 2020 – The Cloud Security Alliance (CSA), the global leader of the secure cloud ecosystem, today announced the SECtember Experience (Sept. 8-25), a webinar series that will provide a previ...
