Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Listen Now: 'Real-Talk on Opportunities for Security Teams to Fight AI with AI'

All Articles

Home
All Articles
What is CEO Fraud Phishing?

Blog Published: 06/14/2022

This blog was originally published by TokenEx here.Written by Anni Burchfiel, Content Marketing Specialist, TokenEx.As companies bolster their security infrastructure and increase budgets to deflect growing cyber-attacks, hackers are attacking the weakest link: human error. Social engineering cyb...

Predictive Analytics and Machine Learning in Cybersecurity: an Untapped Opportunity for ‘Negative’ Response Time

Blog Published: 06/13/2022

This blog was originally published by CXO REvolutionaries here. Written by Brad Moldenhauer, CISO - Americas, Zscaler. The chief information security officer (CISO) is measured by his or her ability to reduce risk, control cost, and minimize friction among employees, data, and the business at lar...

Far, Wide, and Worrisome: Third-Party Blind Spots Bring Risk

Blog Published: 06/13/2022

This blog was originally published by OneTrust here. Whether it’s legal, procurement, human resources, security — every business unit within an organization is optimizing a network of vendors, also known as third parties. Those vendors, while specializing in specific functions that boost speed an...

Vulnerable AWS Lambda Function – Initial Access in Cloud Attacks

Blog Published: 06/10/2022

This blog was originally published by Sysdig here. Written by Stefano Chierici, Sysdig. Our security research team prepared to explain a real attack scenario from the black box and white box perspective on how a vulnerable AWS Lambda function could be used by attackers as initial access into your...

Why You Need Application Security Testing for Business-Critical Applications: Part 2

Blog Published: 06/10/2022

This blog was originally published by Onapsis here.In this blog series, we discuss the importance of building secure business-critical applications with application security testing. In part one, we shared that while speed is the driving force behind application development, on-time application d...

CCSK Success Stories: From the Director of Cyber Security Services

Blog Published: 06/10/2022

This is part of a blog series interviewing cybersecurity professionals who have earned their Certificate of Cloud Security Knowledge (CCSK). In these blogs we invite individuals to share some of the challenges they face in managing security for cloud computing and how they were able to leverage k...

Implementing Outsourced Cloud Monitoring

Blog Published: 06/09/2022

This blog was originally published by Weaver here. Written by David Friedenberg, Senior Manager, IT Advisory Services, Weaver. If your organization has decided to hire an outsourced cloud monitoring service, it is important to consider how you will ensure that the services are delivered in the ri...

Cloud Security Alliance Offers Governance Best Practices for Protecting Data Throughout Software-as-a-Service (SaaS) Lifecycle

Press Release Published: 06/09/2022

Paper shares fundamental governance practices for SaaS environments that enumerate and consider risks during evaluation, adoption, usage, terminationSEATTLE and RSA Conference (San Francisco) – June 9, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to definin...

Why Every Cybersecurity Leader Should 'Assume Breach'

Blog Published: 06/09/2022

This blog was also published by Varonis here.Written by Yaki Faitelson, Co-Founder and CEO, Varonis.In February, information about the highly successful Conti ransomware group leaked after it declared its full support of the Russian government—vowing to respond to any attack, cyber or otherwise, ...

SEC Cybersecurity Rule Changes: The Straight Path to Now

Blog Published: 06/08/2022

This blog was originally published by Agio on April 4, 2022 here. Written by Kirk Samuels, Executive Director, Cybersecurity, Agio. On February 9th, 2022 the United States Securities and Exchange Commission (SEC) proposed new rules related to cybersecurity risk management and disclosures for regi...

What is the Principle of Least Privilege And Why Do You Need it?

Blog Published: 06/08/2022

Written by Authomize. The Principle of Least Privilege is just as it sounds. It is the principle of having users across an organization being given the lowest level of access that they need in order to perform their required tasks across a cloud environment.Least Privilege: Why It’s Important Imp...

Shining a Light on Shadow Data: What It Is and How to Minimize It

Blog Published: 06/07/2022

This blog was originally published by Polar Security here. Written by Roey Yaacovi, Polar Security. Shadow data can be defined as any data that is not available or subject to an organization’s centralized data management framework. Examples of shadow data include: Customer data that was copied fr...

Cloud Security Alliance’s Top‌ ‌Threats‌ ‌to‌ ‌Cloud‌ ‌Computing:‌ Pandemic 11 Report Finds Traditional Cloud Security Issues Becoming Less Concerning

Press Release Published: 06/07/2022

Study reveals shift in cloud security focus from information security to configuration and authenticationSEATTLE and RSA Conference (San Francisco) – June 7, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practic...

Cloud Data Security - The Cost of Doing Nothing

Blog Published: 06/07/2022

This blog was originally published by Laminar here. Written by Andy Smith, Laminar. The world has changed dramatically over the past couple of years—especially in the areas of business and technology. The COVID pandemic accelerated digital transformation and forced a shift to a remote or hybrid b...

Critical AppSec Capabilities That Accelerate Cloud Transformation

Blog Published: 06/06/2022

Written by Sujatha Yakasiri, CSA Bangalore Chapter and Stan Wisseman, CyberRes Cloud Technology is one of the fastest-growing technologies across the globe these days. Cloud adoption by organizations has increased exponentially especially during the covid-19 outbreak due to remote working culture...

Moving Beyond Best-of-Breed Into a Cloud-First World

Blog Published: 06/06/2022

This blog was originally published by CXO REvolutionaries here. Written by Brett James, Director, Transformation Strategy, Zscaler. Typical IT infrastructure in days gone by consisted of racks upon racks of best-of-breed equipment filling niche applications. Shiny boxes from a variety of vendors ...

Eighty Percent of IT and Security Professionals List Zero Trust as a Priority, According to New Cloud Security Alliance Survey

Press Release Published: 06/06/2022

Exploratory report looks to define guidance in access management, policy enforcement, scaling, and other challenges related to Zero TrustSEATTLE and RSA Conference (San Francisco) – June 6, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards,...

Every App Will Be Vulnerable. Security Needs to Be Automated Inside and Outside the App.

Blog Published: 06/06/2022

This blog was originally published by Valtix here.Written by Vishal Jain, Co-Founder and CTO of Valtix.Recent vulnerabilities and customer conversations have made a few things crystal clear in the last few months:There is no such thing as an invulnerable app, so inline defenses protecting the app...

Cloud Security Terms You Need to Know

Blog Published: 06/04/2022

As more companies are migrating to the cloud, security must remain at the forefront of everyone’s minds. Regardless of your job title, industry, or technical knowledge, the topic of cloud security is necessary. Explore the following terms to stay up-to-date with and gain a baseline knowledge of t...

Attack Vector vs. Attack Surface: What is the Difference?

Blog Published: 06/03/2022

This blog was originally published by BitSight here. Written by Rachel Holmes, BitSight. The terms attack vector and attack surface are often used interchangeably. But there are very clear differences between both terms. Understanding those differences can help your organization maintain ...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
77
78
79
81
83
84
85
Last »