Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Listen Now: 'Real-Talk on Opportunities for Security Teams to Fight AI with AI'

All Articles

Home
All Articles
Behind The Buzzword: Four Ways To Assess Your Zero Trust Security Posture

Blog Published: 02/15/2022

This blog was originally published by Lookout here. Written by Hank Schless, Senior Manager, Security Solutions, Lookout. With just about everything delivered from the cloud these days, employees can now collaborate and access what they need from anywhere and on any device. While this newfound fl...

ICMAD: Critical Vulnerabilities in SAP Business Applications Require Immediate Attention

Blog Published: 02/14/2022

This blog was originally published by Onapsis on February 8, 2022. Written by JP Perez-Etchegoyen and the Onapsis Research Labs. Detailed research from the Onapsis Research Labs throughout 2021 around HTTP Response Smuggling led to the recent discovery of a set of extremely critical vulner...

Are You Ready for the Great Cybersecurity RESET?

Blog Published: 02/14/2022

This blog was originally published by CXO REvolutionaries here. Written by Phil Armstrong, EVP & Global CIO (former). Have you heard about the “great cybersecurity RESET” yet? The reset is a new wave of activity and an emerging global trend centered around cybersecurity planning. Businesses a...

What is Cloud Penetration Testing?

Blog Published: 02/12/2022

Written by the CSA Top Threats Working Group. Also known as ethical hacking, cloud penetration testing evaluates security and discovers vulnerabilities by utilizing hacker tools and techniques. Security testing in general is crucial to the security assurance of cloud environments, systems and dev...

The Cyber Defense Matrix

Blog Published: 02/11/2022

This blog was originally published by JupiterOne here. Written by Sounil Yu, CISO & Head of Research, JupiterOne. In a world where cybersecurity threats evolve and proliferate at dizzying speed, a confusing and disordered cybersecurity landscape makes it all too difficult to ensure that our a...

Why It’s Time to Approach Data Classification Differently

Blog Published: 02/11/2022

This blog was originally published by BigID here. Written by Sarah Hospelhorn, BigID. Classification’s never been an easy thing: even Aristotle struggled with it. When he tried to divide organisms into two groups (plants and animals) and then each of those into three (the former got shrubs, hedg...

From the Trenches: Common-Sense Measures to Prevent Cloud Incidents - Part 1

Blog Published: 02/10/2022

Written by Omri Segev Moyal & Brenton Morris, Profero - Rapid IR Introduction As an incident response team, we see a lot of cloud breaches that could have been prevented. Adequate protection requires in-depth knowledge of the cloud provider and its APIs and ample preparation. In cases when ...

Sealing Security Supply Chain Gaps

Blog Published: 02/09/2022

This blog was originally published by KPMG here. Written by Jonathan Dambrot, KPMG. With the current unrelenting pace of cyber-attacks, business leaders surveyed in KPMG’s 2021 CEO Outlook now recognize that cyber security is no longer a short sprint, but rather a long-distance marathon to keep u...

USAA Chief Security Officer Jason Witty to Address Attendees at Cloud Security Alliance’s SECtember

Press Release Published: 02/09/2022

Registration opens today for industry’s premier cloud event, where attendees can obtain the tools they need to manage cyber risk in the modern enterpriseSEATTLE – Feb. 9, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and...

The End of Agent Technology in the Cloud

Blog Published: 02/09/2022

Written by Morey J. Haber, Chief Security Officer at BeyondTrust One of the oppositions to new technology placed on an endpoint is the need for an agent. In fact, for years, one of the biggest objections by companies has been the need for agent technology at all. Time and time again, end users...

What You Need to Know About Keeping Your Uber Business Account Safe

Blog Published: 02/08/2022

This blog was originally published by TokenEx here. Written by Valerie Hare, TokenEx. As a leading rideshare app, Uber is recognized worldwide. Today, this rideshare platform has 93 million riders and 3.5 million drivers. If your business uses Uber for work-related trips, food deliveries, or bicy...

New Guidelines from Cloud Security Alliance and SAFECode Help DevSecOps Teams Translate Security and Compliance Requirements into the Development Cycle

Press Release Published: 02/08/2022

Document provides framework to ensure gap between compliance and development is addressedSEATTLE – Feb. 8, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environ...

NOBELIUM’s Unprecedented Nation-State Attack

Blog Published: 02/08/2022

This blog was originally published by Microsoft on December 15, 2021. Written by Rob Lefferts, Corporate Vice President, Microsoft 365 Security. This is the final post in a four-part series on the NOBELIUM nation-state cyberattack. In December 2020, Microsoft began sharing details with the wo...

The Secret Behind a Successful Zero Trust Project Is No Secret at All; It’s the Human Element

Blog Published: 02/07/2022

This blog was originally published by CXO REvolutionaries here. Written by Greg Simpson, Chief Technology Officer (Retired). Inventions can lead a hard life. Even those that end up revolutionary. Steve Ballmer, who was CEO at Microsoft when the iPhone was introduced famously said, “There’s no cha...

CCSK Success Stories: From a Cybersecurity Assistant Director

Blog Published: 02/04/2022

This is part of a blog series interviewing cybersecurity professionals who have earned their Certificate of Cloud Security Knowledge (CCSK). In these blogs we invite individuals to share some of the challenges they face in managing security for cloud computing and how they were able to leverage k...

Key Questions for Cloud DLP Transformation

Blog Published: 02/04/2022

Written by Amit Kandpal, Director - Customer Success at NetskopeBased on prior, documented deployments of many DLP transformation programs (as companies adjust to the new cloud-first security stack), there are some critical and fundamental aspects that are often not fully understood:How is DLP di...

New Cloud Security Alliance Survey Finds Uneven Adoption of Emerging Technologies

Press Release Published: 02/03/2022

Organizational plans for Zero Trust, AI/ML, Quantum-Safe Security, 5G, and Blockchain are among the technology preferences revealed in this insightful studySEATTLE – Feb. 3, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications,...

Evolution of Cloud Security and Privacy Technologies

Blog Published: 02/03/2022

Written by Satyavathi Divadari of Micro Focus CyberRes Organizations accelerated digitization and cloud transformation rapidly in the last two years to offer customer digital services from anywhere while balancing Cyber Resilience requirements. Technologies for Security and Privacy evolved to a ...

App Patching is a No-Win Situation. First Principles Reveals a Better Approach.

Blog Published: 02/03/2022

Written by Satya Gupta, Co-Founder and CTO, Virsec When organizations need to get applications up and running quickly, they turn to cloud infrastructure. The last two years accelerated this strategy as nearly everything went digital. But now cloud users are facing an existential threat. I...

What Monsters are Lurking Around the Corner? 2022 Cybersecurity Watch List

Blog Published: 02/02/2022

This blog was originally published on Anjuna.io, the Confidential Cloud company. One thing we’ve learned from the last few years is that the potential perils from cyber attacks are coming more frequently and in new and different guises. We’ve already experienced the SolarWinds supply chain breach...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
88
89
90
92
94
95
96
Last »