Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog

All Articles

Home
All Articles
3 Access Security Lessons Learned from the Marriott Data Breach

Blog Published: 09/06/2022

Originally published by Authomize here. Written by Gabriel Avner, Authomize. For the third time in less than five years, international hotel corporation Marriott is back in the news with yet another data breach.According to reports out of Databreaches.net who broke the story, Marriott was the vic...

Cold Storage Migration to the Cloud Is Heating Up for CISOs

Blog Published: 09/06/2022

Originally published by ShardSecure here. Written by Bob Lam, CEO and Co-Founder, ShardSecure. A lot of enterprise data storage today is on-premises—whether it’s hot data that is actively being used and needs to be accessed immediately or cold data that you don’t touch for weeks, months or even y...

How to Achieve CSA STAR Compliance

Blog Published: 09/02/2022

Written by Ashwin Chaudhary, CEO, Accedere. We know that a lot of organizations want to achieve the Cloud Security Alliance’s STAR Level 1 Self-Assessment or Level 2 Certification. However, some organizations face challenges in understanding the process, documentation, and approach to achieve ...

A Roadmap to Zero Trust Architecture

Blog Published: 09/01/2022

Originally published by DoControl here. Written by Corey O'Connor, DoControl. Zero Trust was first introduced in 2010, which was also the same year Apple introduced the iPad! This new concept was a bit slow to catch on before really gaining any sort of traction. Fast forward to today, Zero Trust ...

Treading Sensibly - Not Blindly - Into the Metaverse

Blog Published: 09/01/2022

Originally published by KPMG here. Written by David Ferbrache, Leadership, Global Head of Cyber Futures, KPMG in the UK. The metaverse is here. Organizations have the opportunity to leverage the metaverse to engage with customers and to experiment sooner, rather than later, to create a competitiv...

CSA STAR Certification vs. CSA STAR Attestation

Blog Published: 09/01/2022

Originally published by Schellman & Co here.Written by Ryan Mackie, Principal at Schellman & Company.In the popular modern musical Hamilton, the titular character is given an opportunity by George Washington. Hamilton can stay on the front lines of the American Revolution, or he can becom...

FIDO - Leading the Zero Trust Passwordless Authentication Evolution

Blog Published: 08/31/2022

Originally published by Thales here. Written by Gregory Vigroux, PKI Product Line Manager, Thales. It’s no secret that passwords have become one of the weakest links in enterprise security. Credential compromise is the leading cause of cybercriminals’ ability to gain access to enterprise resource...

The Evolving Role of the SOC Analyst

Blog Published: 08/30/2022

Originally published by LogicHub here. Written by Willy Leichter, Chief Marketing Officer, LogicHub. As the cyber threat landscape evolves, so does the role of the security operations center (SOC) analyst. Cybersecurity industry veteran and OneTrust VP of Security, Colin Henderson, says org...

Revisiting the Idea of the "False Positive"

Blog Published: 08/30/2022

Originally published by Gigamon here. Written by Joe Slowik, Principal Security Engineer, Applied Threat Research, Gigamon. Background One common refrain in security circles is the chore related to “false positive” alerts and detection results. The “false positive” alert correlates with security ...

Database Security Exposed: The Truth Behind the Record High Number of Data Breaches

Blog Published: 08/29/2022

Written by Cyral. “Every company is a data company.”From building better products and providing better customer experiences to improving efficiencies, data is driving the business.With data taking the spotlight, there are important implications for security, privacy, and compliance teams. It’s no...

Building a Shadow IT Policy: What CEOs, CTOs, and CISOs Need to Know

Blog Published: 08/29/2022

Originally published by ThirdPartyTrust here. Written by Sabrina Pagnotta, ThirdPartyTrust. When a US contact-tracing company exposed the details of 70,000 individuals, the term Shadow IT resonated: employees had used Google accounts for sharing data as part of an “unauthorized collaboration chan...

Data Security Compliance in the Age of “Work from Anywhere, on Any Device”

Blog Published: 08/29/2022

Originally published by Ericom here. Written by Peter Fell, Ericom. Customer protection and data security regulations vary significantly across industries and compliance requirements vary with them. Rigorously controlling sensitive data and safeguarding it against misuse, exposure and exfiltratio...

CCSK Success Stories: From a Project Manager of Certificate Policy

Blog Published: 08/27/2022

This is part of a blog series interviewing cybersecurity professionals who have earned their Certificate of Cloud Security Knowledge (CCSK). In these blogs we invite individuals to share some of the challenges they face in managing security for cloud computing and how they were able to leverage k...

SOC 1, SOC 2, and SOC 3 Reports: Type 1, Type 2, or Readiness Assessment?

Blog Published: 08/26/2022

Originally published by A-LIGN here. Written by Alex Welsh, Manager, ISO Practice, A-LIGN. SOC reports are gaining in popularity across industries and across the globe. More and more customers are asking for demonstrated SOC compliance, and independent cybersecurity control validation and attesta...

How Can Transit Gateway VPC Flow Logs Help My Incident & Response Readiness?

Blog Published: 08/26/2022

Originally published by Mitiga here. Written by Or Aspir, Mitiga. On July 14th 2022, AWS announced a new capability: flow logs for Transit Gateway. Transit Gateway VPC flow logs allows users to gain more visibility and insights into network traffic on the Transit Gateway.AWS highlights these ke...

Defending Your Enterprise Against a Sea of Increasingly Stringent Data Privacy Laws

Blog Published: 08/25/2022

Originally published by Thales here.Written by Krishna Ksheerabdhi, VP, Product Marketing, Thales.While international privacy regulations are front and center in much of the press I’d like to turn your attention to a developing patchwork of US Federal and State privacy regulations in this post.Th...

Defending Against Email Attacks Means Optimizing Your Team (Not Just Your Tech)

Blog Published: 08/25/2022

Originally published by CXO REvolutionaries here. Written by Heng Mok, CISO APJ, Zscaler. Social Engineering is Still Very Much in Style Among Attackers Though cybersecurity is a swiftly evolving field, one principle remains constant: it’s often easier to fool people than to circumvent security t...

Trends in Cybersecurity Breaches

Blog Published: 08/25/2022

The complete blog was originally posted by Alert Logic on July 7, 2022. Written by Antonio Sanchez. You may be used to hearing that cyberattacks are becoming more widespread and destructive every year. Recent world events are underscoring the point. COVID-19 left a lasting mark on our working l...

Rise of Cloud Computing Adoption and Cybercrimes

Blog Published: 08/24/2022

Originally published by HCL Technologies here.Written by Sam Thommandru, VP, Global Alliances and Product Management, Cybersecurity & GRC Services, HCL Technologies. The COVID-19 pandemic has caused a major disruption in the business leaders’ perspectives of their company’s’ requirements. A s...

Securing Australia's Critical Infrastructure

Blog Published: 08/24/2022

Originally published by Onapsis here. For more than a decade, cyberattacks on critical infrastructure have been growing as core systems, like power generation and distribution, have become more complex and reliant on networks of connected devices. In fact, over the past 18 months, we’ve seen a ra...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
73
74
75
77
79
80
81
Last »