
All Articles

Can You “Fail” a SOC 2 Examination?

Blog Published: 10/13/2022

Originally published by A-LIGN here. Written by Alex Welsh, Manager, ISO Practice, A-LIGN. Although you can’t “fail” your SOC 2 report, it can result in report opinions to be noted as “modified” or “qualified”. Learn what this means for your organization. Is your organization planning for a SOC 2 ...

Auto-Remediation in SaaS Security: Why SSPM Clients Frequently Prefer Guided Remediation

Blog Published: 10/13/2022

Written by James Alston, Senior Solutions Engineer, AppOmni. In the ongoing struggle to relieve Security teams of tedious manual work while still providing exceptional protection, auto-remediation has emerged as a frequently-discussed topic related to SSPM solutions. And its potential is cert...

Types of Sensitive Data: What Cloud Security Teams Should Know

Blog Published: 10/13/2022

Originally published by Sentra here. Not all data is created equal. If there’s a breach of your public cloud, but all the hackers access is company photos from your last happy hour… well, no one really cares. It’s not making headlines. On the other hand if they leak a file which contains the paym...

What is SAP Security (and Why Does It Matter?)

Blog Published: 10/12/2022

Originally published by Onapsis here. An Overview of SAP Applications Business-critical applications such as ERP, SCM, CRM, SRM, PLM, HCM, BI and others support essential business functions and processes of the world’s largest commercial and governmental organizations, including supply chain, man...

Cybersecurity Skills Shortage Provides Rare Cross-Training Opportunities

Blog Published: 10/12/2022

Originally published by CXO REvolutionaries here. Written by Kavitha Mariappan, EVP, Customer Experience and Transformation, Zscaler. Are you familiar with the saying, “you are the average of the five people you spend the most time with?” It speaks to how our social environment and relationships ...

It’s Not ‘See You Later.’ It’s ‘Goodbye’: Moving on from Tokenization in the Age of Ransomware

Blog Published: 10/12/2022

Written by Arti Raman, CEO, Titaniam. Invented in 2001, tokenization addresses the risk of losing cardholder data from eCommerce platforms and remains the golden standard for protecting sensitive information. The concept was simple: Swap payment card numbers for substitute numbers, i.e., tokens, w...

What Is a Feistel Cipher?

Blog Published: 10/11/2022

Originally published by TokenEx here. Written by Valerie Hare, Content Marketing Specialist, TokenEx. Quick Hits: Feistel cipher is a design model designed to create different block ciphers, such as DES. The model uses substitution and permutation alternately. This cipher structure is based on th...

26 AWS Security Best Practices to Adopt in Production

Blog Published: 10/11/2022

Originally published by Sysdig here. Written by Alejandro Villanueva, Sysdig. One of the most important pillars of a well-architected framework is security. Thus, it is important to follow these AWS security best practices to prevent unnecessary security situations. So, you’ve got a problem to so...

Preventing Security Risks by Controlling SaaS Sprawl

Blog Published: 10/11/2022

Originally published by Axonius here. Written by Kathleen Ohlson, Axonius. The rapid growth of SaaS adoption continues. The necessity of SaaS applications for productivity and collaboration moved organizations to onboard them as fast as they could. But now these organizations have this sprawl of ...

Grand Theft Hacker: A Look at The Rockstar Games and Uber Hack

Blog Published: 10/10/2022

Originally published by Skyhigh Security here. Written by Arnie Lopez, WW Systems Engineering, Skyhigh Security. What does one of the most successful ride-sharing platforms and one of the world’s most popular video games share in common? If you said, “Cars,” you would be right. If you said, “Both w...

What Is Lockdown Mode for iOS and iPadOS and Why Should I Care?

Blog Published: 10/10/2022

Originally published by Lookout here. Written by Christoph Hebeisen, Director, Security Intelligence Research, Lookout. Apple recently announced a new feature in its upcoming iOS and iPadOS called Lockdown Mode. The aim is to protect users such as corporate executives, government officials, journal...

CSA’s New Zero Trust Training and Why It's Needed

Blog Published: 10/10/2022

Zero Trust has possibly been the most mentioned concept in the cybersecurity arena over the last 12 months. For some, it is a revolutionary approach. For others, it is an evolution of a series of trends already ongoing for over a decade. Finally, there are people who consider it just a buzzword a...

How to Detect Ransomware

Blog Published: 10/08/2022

Thanks to Dr. Jim Angle, Michael Roza, and Vince Campitelli. Once you know what ransomware is and how to protect your organization against it, it’s important to learn how to respond if a ransomware attack occurs. The first step: detecting the ransomware attack! The Detect Function of the National I...

Protecting Against Ransomware

Blog Published: 10/07/2022

Thanks to Dr. Jim Angle, Michael Roza, and Vince Campitelli. Ransomware is a form of malware used by an attacker to encrypt a victim’s data and demand a ransom for the encryption key, which allows the victim access to their data. Part 1 of this blog series further explains what ransomware is and th...

Think Zero Trust Applies Only to Federal Agencies? Think Again!

Blog Published: 10/07/2022

Originally published by Thales here. In my last blog post, I explained how Federal Civilian Executive Branch (FCEB) agencies can comply with The White House Executive Order (E.O.) around implementing zero trust. These solutions do this by offering various capabilities like Bring-Your-Own-Encrypti...

Cybercrime Across the U.S.

Blog Published: 10/07/2022

Originally published by ThirdPartyTrust here. Written by Chris Gerben, VP of Marketing, ThirdPartyTrust. Many of us are spending more time on the internet, and technology has taken over how we work, interact with our friends, and even how we pay for goods and services. But spending more time onlin...

Keeping Your Digital Destiny Firmly in Your Hands

Blog Published: 10/06/2022

Written by Welland Chu, Ph.D, CISA, CISM. What Are the Top Priorities for Governments and Regulated Industries? Great minds think alike. When it comes to cloud adoption, what are the 3 aspects that the governments and regulators of Japan, Australia, Europe, Hong Kong, India, and Singapore ha...

The Top 10 SaaS Data Access Risks

Blog Published: 10/06/2022

Originally published by DoControl here. Written by Corey O'Connor, DoControl. Modern businesses increasingly rely on SaaS applications like Google Drive, Box, Dropbox, and Slack to facilitate daily exchanges of sensitive data and files. Although these tools allow for real-time collaboration that ...

Facing the Shift-Left Security Conundrum. A True Story

Blog Published: 10/06/2022

Originally published by Ermetic here. Written by Diane Benjuya, Ermetic. There was a time when developers and security teams did not, er, get along. Friction reigned as each struggled to meet their own needs. Security teams forewarned of data breaches, DevOps forewarned of development slowdowns a...

What are Microservices?

Blog Published: 10/05/2022

Microservices have been increasingly implemented in organizations. This increase in popularity can be attributed to the ease with which they move through a lifecycle allowing for efficient restart, scale-up, or scale-out of applications across clouds. However, these unique characteristics also me...
