All Articles

How to Accelerate Government Transformation by Reducing Risk, Complexity, and Cost

Blog Published: 11/07/2022

Originally published by Thales. Written by Marcelo Delima, Senior Manager, Global Solutions Marketing, Thales. The days of dreadful long lines at crowded and inefficient government agencies may be coming to an end. Digitalization of services and adoption of new platforms are reinventing governmen...

Don’t Leave it to Your Apps: Why Security Needs to be a Shared Responsibility

Blog Published: 11/07/2022

Originally published by Lookout. Written by Hank Schless, Senior Manager, Security Solutions, Lookout. Here’s a scenario that was unlikely just two years ago: permanently telecommuting from Honolulu to your financial job on Wall Street. Fast forward to today, the world has accepted that productiv...

Top Threat #7 to Cloud Computing: System Vulnerabilities

Blog Published: 11/06/2022

Written by the CSA Top Threats Working Group. The CSA Top Threats to Cloud Computing Pandemic Eleven report aims to raise awareness of threats, vulnerabilities, and risks in the cloud. The latest report highlights the Pandemic Eleven top threats, in which the pandemic and the complexity of worklo...

SecurityScorecard Partners with Cloud Security Alliance - Why Continuous Cyber Risk Monitoring Across Industries is Crucial

Blog Published: 11/04/2022

Originally published by SecurityScorecard. Effectively evaluating risk goes a long way toward improving an organization’s cybersecurity posture. The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a sec...

2022 Threat Report: Cloud-Native Threats are Increasing and Maturing

Blog Published: 11/04/2022

Originally published by Sysdig. Written by Michael Clark, Sysdig. The first annual cloud-native threat report from Sysdig explores some of the year’s most important security topics in the cloud. As the use of containers and cloud services keeps growing, threat actors are increasingly turning thei...

Definitive Guide to Hybrid Clouds, Chapter 1: Navigating the Hybrid Cloud Journey

Blog Published: 11/04/2022

Originally published by Gigamon. Written by Stephen Goudreault, Gigamon. This post explores Chapter 1 of the Definitive Guide™ to Network Visibility and Analytics in the Hybrid Cloud. Many organizations are deploying assets to the cloud, which is often the start of their cloud migration journey. ...

A Practical Guide to Container Networking

Blog Published: 11/03/2022

Originally published by Tigera. Written by Reza Ramezanpour, Tigera. An important part of any Kubernetes cluster is the underlying containers. Containers are the workloads that your business relies on, what your customers engage with, and what shapes your networking infrastructure. Long story s...

SaaS Risk Report Reveals Exposed Cloud Data is a $28M Risk for Typical Company

Blog Published: 11/03/2022

Originally published by Varonis. Written by Rachel Hunt, Varonis. Some people love taking risks — swimming with great white sharks, climbing El Capitan without a rope, camping in grizzly bear territory with an open jar of peanut butter, and scariest of all, assuming your SaaS data is secure a...

How to Combat Insider Threats to Critical Data

Blog Published: 11/03/2022

Originally published by TrueFort. Written by Matt Hathaway, TrueFort. Malicious cyber attackers have had unprecedented success in the past few years, but their attacks often rely on tricking or exploiting people inside an organization. Employees, software developers, partners, and even executives...

OpenSSL Critical Vulnerability - What is Affected?

Blog Published: 11/02/2022

Originally published by Dazz on October 31, 2022. Written by Alon Kollmann, Director of Product Strategy, Dazz. Everything we know about the vulnerability so far and some insights to help you prioritize your remediation efforts. If you are reading these lines, you are probably already well aware o...

How to Contain Breaches in the Cloud

Blog Published: 11/02/2022

Written by PJ Kirner, CTO and Co-Founder, Illumio. Hyperconnectivity, hybrid work and an increasingly distributed enterprise have all caused the modern attack surface to explode. In the past 2 years alone, 76 percent of organizations have been attacked by ransomware and 66 percent have experien...

What Lawyers Need to Do to Defend Their Clients and Themselves from Cyber Risk

Blog Published: 11/02/2022

Originally published by Ericom. Written by Nick Kael, CTO, Ericom. Absolute trust is the essential basis of the relationship between law firms and their clients. Lawyers steer clients through complex and often sensitive personal and business situations, helping them navigate difficult issues to g...

Supply Chain Attack via a Trojanized Comm100 Chat Installer

Blog Published: 11/02/2022

Originally published by CrowdStrike. Leveraging a combination of advanced machine learning and artificial intelligence, a new supply chain attack was identified during the installation of a chat-based customer engagement platform. The supply chain attack involved a trojanized installer for the Co...

IAM and Security Automation: How Companies Can Stay Safer in the Cloud

Blog Published: 11/01/2022

Originally published by ShardSecure. Written by Anthony Whitehead, Lead Developer, ShardSecure. Automation of security measures is a long-running topic of discussion. But despite the many benefits, including increased productivity, effectiveness, efficiency, and accuracy, many organizations hav...

Planning for Attacks: How to Hunt for Threats in BigQuery

Blog Published: 11/01/2022

Originally published by Mitiga. Written by Lionel Saposnik and Dan Abramov, Mitiga. BigQuery (also referred to as BQ) is a managed service of Google Cloud Platform (GCP), which provides data warehouse capabilities, such as storing large amounts of logs, machine learning (ML), analytics, and other ty...

Information Security Management and the Connectivity Gap: Solving for the Missing Links in Enterprise Information Security

Blog Published: 11/01/2022

Originally published by Tentacle. Written by Danielle Morgan, Tentacle. Let’s start with the basics: a foundational definition of Information Security management is the process of developing, maintaining, and continuously improving processes aligned with the main goal of ensuring sensitive data i...

How John Kindervag’s Zero-Trust Model Applies to Cloud Security

Blog Published: 10/31/2022

Originally published by Britive. At its core, the Zero-Trust Model is wonderfully simple: when you remove trust, you reduce security risk. The concept was developed by John Kindervag, who now serves as a Senior Vice President for ON2IT Cybersecurity. Kindervag realized enterprises could gain bette...

Seamlessly Secure Your Cloud Workloads

Blog Published: 10/31/2022

Originally published by The New Stack. Also published by Torq. You’ve secured your cloud identities. You’ve hardened your cloud security posture. You’ve configured strong cloud access controls. But there’s still one more thing you need in order to secure your cloud environment: a cloud workload pr...

Prioritizing and Handling Security Issues as Part of Your Continuous Management Plan

Blog Published: 10/31/2022

Originally published by BARR Advisory. Prioritizing and handling security issues are part of a continuous management plan within your organization’s security program. Like a yearly doctor’s exam or routine oil change for your car, continuous management is preventive care for your information syste...

Top Threat #6 to Cloud Computing: Unsecure Third-Party Resources

Blog Published: 10/30/2022

Written by the CSA Top Threats Working Group. The CSA Top Threats to Cloud Computing Pandemic Eleven report aims to raise awareness of threats, vulnerabilities, and risks in the cloud. The latest report highlights the Pandemic Eleven top threats, in which the pandemic and the complexity of workloa...