Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Listen Now: 'Real-Talk on Opportunities for Security Teams to Fight AI with AI'

All Articles

Home
All Articles
How to Leverage the NIST Framework for a More Effective SAP Security Strategy

Blog Published: 09/13/2022

Originally published by Onapsis here.Business applications like SAP are responsible for running the enterprise, powering operations and fueling the global economy. Considering 77% of the world’s transactional revenue touches an SAP system and 92% of the Forbes Global 2000 uses SAP, a successful a...

Challenges of Cloud Security (5 Traps to Avoid)

Blog Published: 09/12/2022

Originally published by Vulcan Cyber here. Written by Gal Gonen, Vulcan Cyber. It’s no surprise that one of the biggest concerns for companies using the cloud - whether they were born in the cloud or migrated to one - is the attached challenges of cloud security, specifically when “operating in t...

How Identifying UserData Script Manipulation Accelerates Investigation

Blog Published: 09/12/2022

Originally published by Mitiga here. Written by Doron Karmi, Mitiga. UserData script manipulation by threat actors is a technique that has been known in the wild for several years and has been observed being exploited by many attack groups. Abuse of the AWS EC2 instance UserData attribute could l...

How to Protect Your Data When Ransomware Strikes

Blog Published: 09/12/2022

Originally published by Lookout here. Written by Hank Schless, Senior Manager, Security Solutions, Lookout. Ransomware is not a new attack vector. In fact, the first malware of its kind appeared more than 30 years ago and was distributed via 5.25-inch floppy disks. To pay the ransom, the victim h...

Crypto Done Right

Blog Published: 09/09/2022

Written by Debra Baker Ever wonder what cryptographic algorithms to use? What is better for symmetric encryption, AES-CTR or AES-CBC? For that matter what is symmetric encryption. Is ECDSA or RSA better for encryption? It can quickly get confusing. In fact, there was a study done on the Usabili...

The Credential Theft Food Chain - How Does a Bad Actor Move Laterally Once In?

Blog Published: 09/09/2022

Written by Anastasios Arampatzis, Tech Writer, Bora Any time a breach occurs, senior management and any subsequent media coverage often focus on how the criminal got into the network. Most company leadership would like to imagine that the breach resulted from a sophisticated, lengthy campaign to ...

In Zero We Trust: Cultivating a Zero Trust Strategy

Blog Published: 09/08/2022

Written by Prakhar Singh, Business Development Manager, Cybersecurity & GRC Services, HCL Technologies and Sahil Pathak, Technology Evangelist. Introduction When one thinks about IT network and security, the first thing that comes to mind is the traditional de-militarized zones or the hub and...

Why Securing Internet-Facing Applications is Challenging in a Kubernetes Environment

Blog Published: 09/08/2022

Originally published by Tigera here. Written by Ratan Tipirneni, Tigera. Internet-facing applications are some of the most targeted workloads by threat actors. Securing this type of application is a must in order to protect your network, but this task is more complex in Kubernetes than in traditi...

GitOps and Shift Left Security: The Changing Landscape of DevSecOps

Blog Published: 09/07/2022

Originally published by CrowdStrike here. Written by David Puzas, CrowdStrike. Application developers have always had a tricky balance to maintain between speed and security, two requirements that may often feel at odds with each other. Practices that increase speed also pressure development team...

Are Conventional Cybersecurity Tactics Leading You to Defeat?

Blog Published: 09/07/2022

Originally published by CXO REvolutionaries here. Written by Daniel Ballmer, Senior Transformation Analyst, Zscaler. Today’s organizations are fighting cyberattacks using strategies that have historically failed in a combat environment. While there are many differences between conventional warfar...

The Standout Cybersecurity Stats You Need to Know

Blog Published: 09/07/2022

Find Part 1 of this blog, "Trends in Cybersecurity Breaches," here. The complete blog was originally posted by Alert Logic on July 7, 2022. Written by Antonio Sanchez. How rampant is cybercrime today? The prevalence of cybercrime is enormous. More than one-third of organizations have experien...

Evolving Security to Meet the Challenges of the Cloud, Part 1

Blog Published: 09/06/2022

Written by Raul Neagoe, Senior Cyber Security Product Manager, NTT DATA. The widespread move to the cloud has forced organizations to restructure themselves to be more flexible, scalable, and adaptable in a variety of ways. However, these advancements have posed new challenges to cyber security e...

3 Access Security Lessons Learned from the Marriott Data Breach

Blog Published: 09/06/2022

Originally published by Authomize here. Written by Gabriel Avner, Authomize. For the third time in less than five years, international hotel corporation Marriott is back in the news with yet another data breach.According to reports out of Databreaches.net who broke the story, Marriott was the vic...

Cold Storage Migration to the Cloud Is Heating Up for CISOs

Blog Published: 09/06/2022

Originally published by ShardSecure here. Written by Bob Lam, CEO and Co-Founder, ShardSecure. A lot of enterprise data storage today is on-premises—whether it’s hot data that is actively being used and needs to be accessed immediately or cold data that you don’t touch for weeks, months or even y...

How to Achieve CSA STAR Compliance

Blog Published: 09/02/2022

Written by Ashwin Chaudhary, CEO, Accedere. We know that a lot of organizations want to achieve the Cloud Security Alliance’s STAR Level 1 Self-Assessment or Level 2 Certification. However, some organizations face challenges in understanding the process, documentation, and approach to achieve ...

A Roadmap to Zero Trust Architecture

Blog Published: 09/01/2022

Originally published by DoControl here. Written by Corey O'Connor, DoControl. Zero Trust was first introduced in 2010, which was also the same year Apple introduced the iPad! This new concept was a bit slow to catch on before really gaining any sort of traction. Fast forward to today, Zero Trust ...

Treading Sensibly - Not Blindly - Into the Metaverse

Blog Published: 09/01/2022

Originally published by KPMG here. Written by David Ferbrache, Leadership, Global Head of Cyber Futures, KPMG in the UK. The metaverse is here. Organizations have the opportunity to leverage the metaverse to engage with customers and to experiment sooner, rather than later, to create a competitiv...

CSA STAR Certification vs. CSA STAR Attestation

Blog Published: 09/01/2022

Originally published by Schellman & Co here.Written by Ryan Mackie, Principal at Schellman & Company.In the popular modern musical Hamilton, the titular character is given an opportunity by George Washington. Hamilton can stay on the front lines of the American Revolution, or he can becom...

FIDO - Leading the Zero Trust Passwordless Authentication Evolution

Blog Published: 08/31/2022

Originally published by Thales here. Written by Gregory Vigroux, PKI Product Line Manager, Thales. It’s no secret that passwords have become one of the weakest links in enterprise security. Credential compromise is the leading cause of cybercriminals’ ability to gain access to enterprise resource...

The Evolving Role of the SOC Analyst

Blog Published: 08/30/2022

Originally published by LogicHub here. Written by Willy Leichter, Chief Marketing Officer, LogicHub. As the cyber threat landscape evolves, so does the role of the security operations center (SOC) analyst. Cybersecurity industry veteran and OneTrust VP of Security, Colin Henderson, says org...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
68
69
70
72
74
75
76
Last »