Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

All Articles

Home
All Articles
Pivoting from Infrastructure Resilience to True Data Resilience

Blog Published: 10/05/2022

Originally published by ShardSecure here. Written by Julian Weinberger, ShardSecure Sales Engineering & Partner Lead. Traditionally, we achieved resilience by making systems redundant with a primary data center and a backup data center that consisted of all the same infrastructure, devices,...

Reversing the Digital Trust Deficit

Blog Published: 10/05/2022

Originally published by KPMG here. Written by Akhilesh Tuteja, Global Cyber Security Practice Leader, KPMG in India. Our seemingly endless reliance on the power of digital technology continues to transform everything from commerce, work and lifestyle to transportation, education, healthcare and b...

Why XDR Should Be on Your Roadmap for SOC Success

Blog Published: 10/05/2022

Originally published by CrowdStrike here. Written by Scott Simkin, CrowdStrike. Fighting modern adversaries requires having a modern security operations center (SOC), especially as organizations move to the cloud. To protect their estates against tomorrow’s threats, security professionals have of...

Shining a Light on Visibility for Enhanced Security Posture

Blog Published: 10/04/2022

Originally published by Alert Logic here. Written by Tom Gorup, Vice President of Security and Support Operations, Alert Logic by HelpSystems. Security posture is a largely obscure phrase. It’s used in the industry but if you ask 10 different people what security posture means, you’ll get 10 diff...

Data Breaches Are A “When,” Not An “If.” Here’s How You Can Prepare.

Blog Published: 10/04/2022

Originally published by PKWARE here. Cyber attackers have spent considerable time and resource to develop cyberattack methods that evade detection. Which means a focus on complete attack prevention may be unattainable—or if attainable, not sustainable for very long. Cyber criminals are becoming i...

You Could Do Zero Trust the Old-Fashioned Way, but Why?

Blog Published: 10/04/2022

Originally published by CXO REvolutionaries here. Written by Kevin Schwarz, Transformation Strategist, ZScaler. Many organizations are trapped in an outdated way of operating and simply do not realize it. People, businesses, and agencies regularly use antiquated processes or technology, never ant...

Crimeware Trends | Ransomware Developers Turn to Intermittent Encryption to Evade Detection

Blog Published: 10/03/2022

Originally published by SentinelOne here. Written by By Aleksandar Milenkoski and Jim Walter, SentinelOne. We observe a new trend on the ransomware scene – intermittent encryption, or partial encryption of victims’ files. This encryption method helps ransomware operators to evade detection system...

SaaS Breaches: How to Think About Security in Cloud Apps and Services

Blog Published: 10/03/2022

Originally published by Mitiga here.Written by Ofer Maor, Co-Founder and Chief Technology Officer, Mitiga.The increasing sophistication of attack groups The Okta breach is yet another indication of what we have been seeing for the past few years in the cybersecurity industry, particularly in the ...

Determining Your Level of CMMC Compliance: The Importance of CUI

Blog Published: 10/03/2022

Originally published by Schellman here. Written by Todd Connor, Schellman. Did you know? The Council of Economic Advisors estimates that malicious cyber activity cost the U.S. economy between $57 billion and $109 billion in 2016. And unfortunately, in the years since, cybercrime has only become w...

How Much is Your Sensitive Data Costing You? Here’s What CFOs Need to Know.

Blog Published: 09/30/2022

Originally published by TokenEx here.Written by Anni Burchfiel, Content Marketing Specialist, TokenEx.For many, sensitive data management seems like an inconsequential topic when compared to other business considerations. How can businesses prioritize sensitive data security when a factor like “r...

Data Context is the Missing Ingredient for Security Teams

Blog Published: 09/30/2022

Originally published by Sentra here.Why are we still struggling with remediation and alert fatigue? In every cybersecurity domain, as we get better at identifying vulnerabilities, and add new automation tools, security teams still face the same challenge - what do we remediate first? What poses t...

2022 State of Public Cloud Security Report Reveals Critical Cloud Security Gaps

Blog Published: 09/30/2022

Originally published by Orca Security here. Written by Bar Kaduri and Deborah Galea, Orca Security. Orca Security has released the 2022 State of the Public Cloud Security report, which provides important insights into the current state of public cloud security and where the most critical security...

Study: The Truth About SaaS Security and Why No One Cares…Yet

Blog Published: 09/29/2022

Originally published by Axonius here. Written by Tracey Workman, Axonius. A few months ago, we decided to conduct a study of IT and security professionals in the U.S. and Europe to better understand how they’re handling the rapid adoption of SaaS applications across their organizations. We alread...

One Pane (of Glass) Makes Many Clouds Work

Blog Published: 09/29/2022

Originally published by Entrust here. Written by Tushar Tambay of Entrust and Mark LaRoche of VMware. Cloud computing is a well established part of almost every organization’s IT infrastructure, but the proliferation of these cloud platforms, as well as increased focus on cloud platforms by hacke...

Cloud Security Alliance Announces Recipients of 2022 Service Awards

Press Release Published: 09/29/2022

Awards celebrate CSA volunteers’ outstanding efforts to advance cloud security, cybersecurity worldwideSEATTLE – Sept. 29, 2022 –The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computin...

How SOC 2 Audits Add Value to an Organization

Blog Published: 09/29/2022

Originally published by A-LIGN here. Written by Stephanie Oyler, Vice President of Attestation Services, A-LIGN. From ISO 27001 to PCI DSS to SOC 1 and SOC 2, there is no shortage of security assessments for organizations to pursue. While some audits can be more time intensive than others, the va...

The Anatomy of Wiper Malware, Part 2: Third-Party Drivers

Blog Published: 09/28/2022

Originally published by CrowdStrike here. Written by Ioan Iacob and Iulian Madalin Ionita, CrowdStrike. In Part 1 of this four-part blog series examining wiper malware, we introduced the topic of wipers, reviewed their recent history and presented common adversary techniques that leverage wipers...

Cloud DNS Security – How to Protect DNS in the Cloud

Blog Published: 09/28/2022

Originally published by Sysdig here. Written by Brett Wolmarans, Sysdig. When using DNS in the Cloud, security cannot be overlooked. This article is for cloud architects and security practitioners who would like to learn more about deployment options for DNS security and some security best practi...

The Security Risks of Taking a Stand

Blog Published: 09/27/2022

Originally published by CXO REvolutionaries here. Written by Heng Mok, CISO APJ, Zscaler. Organizations face increasing internal and external pressures to take public stands on issues unrelated to their core business. Examples include a broad range of social, political, and global events, which a...

The Ripple Effect of a Data Breach

Blog Published: 09/27/2022

Originally published by PKWARE here. The after effects of a data breach can reach far and wide. Lesser seen impact can include the cost of remediation, revenue loss, reputational harm, national security, even human life. The ripple effect of indirect costs—monetary and otherwise—can end up impact...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
71
72
73
75
77
78
79
Last »