Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersCircleEventsBlog

All Articles

Home
All Articles
SaaS Insecurity: How to Regain Control

Blog Published: 10/20/2021

By Andrew Sweet, AppOmni. Is your SaaS environment running? Then you better go catch it! Or, better yet, secure it. Jokes aside, it’s common knowledge these days that SaaS environments are popular for their agility and scalability, helping businesses streamline operations, improve custo...

Cloud Compliance Frameworks: What You Need to Know

Blog Published: 10/21/2021

This blog was originally published by Hyperproof here. Cloud storage and SaaS solutions bring unprecedented speed, agility, and flexibility to a business. However, trusting third-party vendors with sensitive data comes with numerous inherent risks, such as: Insecure access points can increase ...

Learn How Ransomware Attacks Have Changed - And How Response Needs To, Too

Blog Published: 10/22/2021

This blog was originally published by Mitiga here. Written by Ariel Parnes, Mitiga. Ransomware keeps hitting the news these days, filling headlines with stories about organizations struggling with disabled IT systems, inaccessible patient data, unavailable Wi-Fi, and general confusion. Ransomw...

Consistently Managing Entitlements for All Identities

Blog Published: 10/22/2021

Written by Sam Flaster, CyberArk. Today, we see identity at the heart of every trend in tech. What’s growing more complicated is the sheer size and scope of identities each organization must manage to prevent attackers from manipulating misconfigured or misaligned permissions. It’s criti...

Cloud Security Alliance Releases the Continuous Audit Metrics Catalog

Press Release Published: 10/20/2021

Paper is first to establish a foundation for continuous auditing of cloud services by defining a catalog of relevant security metrics and measurement processes that can be largely automatedSEATTLE – Oct. 20, 2021 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated t...

Are You Still Having Problems Building Secure Remote Access?

Blog Published: 10/25/2021

Written by Alex Vakulov In this article, I want to talk about the practical issues of implementing secure remote access as well as what is happening in the market, how regulators affect teleworking, and whether it is necessary to monitor employees who work from home. In the spring of last yea...

What is a Cloud-Native Application Protection Platform (CNAPP)?

Blog Published: 10/25/2021

This blog was originally published by Wiz here. Written by Josh Dreyfuss, Wiz. The security space is rife with acronyms and it can be difficult to keep track of everything. There is a new acronym emerging, however, that is worth diving into: CNAPP. CNAPP, or Cloud-Native Application Protection...

Latest Document From Cloud Security Alliance Outlines Tasks Every Organization Should Be Performing Now to Prepare for Post-Quantum World

Press Release Published: 10/19/2021

Paper reviews cybersecurity challenges and recommended steps to reduce risks likely to result from quantum information sciencesSEATTLE – Oct. 19, 2021 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to he...

How Do You Securely Use the Office 365 Suite?

Blog Published: 10/26/2021

This blog was originally published by Fortica here. Written by Romain Coussement – Cloud Security Expert at Fortica. The Office 365 suite is already in place in many companies. Does everyone use it completely securely? Not necessarily. But be aware that Microsoft’s range of tools offers a ho...

How US Federal Government Proposals Promote Zero Trust Network Access

Blog Published: 10/26/2021

This blog was originally published by Bitglass here. Written by Jonathan Andresen, Bitglass. As part of the mandates from President Joe Biden’s May 12th Executive Order on Improving the Nation’s Cybersecurity the Office of Management and Budget (OMB) is giving agencies until the end of October...

Inside the Mind of a Cybercriminal: Common Hacking Methods, Explained

Blog Published: 10/27/2021

This blog was originally published by Black Kite here. Cyber attacks are flooding today’s headlines. Not only are they growing in frequency, but the cost of a data breach in 2021 is more than $4 million per incident— a 10% increase over last year alone. Now all organizations are being called u...

5 Common Security Mistakes When Moving to Azure

Blog Published: 10/28/2021

This blog was originally published by Cloudtango here. Written by Jordi Vilanova, Cloudtango. Microsoft Azure is a powerful and wide ecosystem; covering all security aspects of a cloud environment is a complex undertaking. Although Azure is comprehensively secured by Microsoft, it does work ba...

Why Cloud Security is Critical for Retailers

Blog Published: 10/29/2021

By Kristen Bickerstaff, CyberArk. The past few years have seen accelerated digital transformations for the retail industry as online shopping and the demand for digital-first businesses have grown tremendously. Retailers are rapidly turning to the cloud and Infrastructure-as-a-Service (IaaS)...

3 Trends Shaping Identity as the Center of Modern Security

Blog Published: 10/27/2021

This blog was originally published by Microsoft here. Written by Joy Chik, Corporate Vice President, Microsoft Identity. Delivering identity solutions that secure access to everything for everyone has never been more important, given that identity has become the focal point of our digital ...

A Guided Approach to Support Your Zero Trust Strategy

Blog Published: 10/28/2021

As the world’s workforce sought to overcome the COVID-induced pandemic, a remote workforce suddenly became the new normal. At break-neck speed, information technology (IT) organizations were working to improve the security of millions of new endpoints that were accessing a network not optimize...

CCSK Success Stories: From the Vice President for Information Security

Blog Published: 11/01/2021

This is part of a blog series interviewing cybersecurity professionals who have earned their Certificate of Cloud Security Knowledge (CCSK). In these blogs we invite individuals to share some of the challenges they face in managing security for cloud computing and how they were able to leverag...

Measuring up to CMMC Compliance with AppSec

Blog Published: 11/01/2021

This blog was originally published by Checkmarx here. Written by Rebecca Spiegel, Checkmarx. Any organization with aspirations to do business with the U.S. Department of Defense will rapidly familiarize itself with the recently introduced Cybersecurity Maturity Model Certification (CMM...

4 Misconceptions About DDoS Mitigation

Blog Published: 11/02/2021

This blog was originally published by MazeBolt here. Written by Yotam Alon, MazeBolt. After several years in cybersecurity and specifically in the DDoS mitigation space, I often come across certain common and widespread misconceptions. Here are my top four: Misconception #1: "DDoS attacks a...

Why the Facebook Outage and Twitch Breach Matter to Business Leaders

Blog Published: 11/02/2021

By Josh Stella, Fugue Co-Founder and CEO Originally Published at Fugue on October 14, 2021 This month, Facebook and Twitch both suffered serious damage at their own hands, and every executive needs to understand what happened and how these types of incidents are preventable. At ...

How Can You Protect Yourself from Data Leaks?

Blog Published: 11/03/2021

Written by Romain Coussement, Cloud security expert at Fortica Leaks of sensitive data were prominent in the news in the summer of 2019 and the months that followed. One after the other, large companies saw their customers’ sensitive data exposed on the Internet. How can you mitigate the thr...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
81
82
83
85
87
88
89
Last »