Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Listen Now: 'Real-Talk on Opportunities for Security Teams to Fight AI with AI'

All Articles

Home
All Articles
The Right Way To Address Multicloud Cybersecurity

Blog Published: 11/30/2021

This blog was originally published by Booz Allen here. Written by Brad Beaulieu, Booz Allen. Tailoring security for multicloud’s unique challengesAs the industry’s cloud service vendors race to differentiate themselves with exclusive new features and innovations, federal agencies are riding the i...

Why Now is the Time for Chaos (Engineering)

Blog Published: 11/30/2021

Written by Morey J. Haber, BeyondTrust. If you are old enough to remember the television show Get Smart, you may be familiar with the concept of applying chaos to provide order. While this spy show spoof mocked political stereotypes of the time for control versus chaos, the slapstick humor was de...

How Cloud Vendors Confront Cloud Migration Challenges

Blog Published: 11/29/2021

This blog was originally published by Vulcan Cyber here. Written by Yaniv Bar-Dayan, Vulcan Cyber co-founder and CEO. The major cloud service providers (CSPs) and other tech giants are stepping up their security game – introducing native offerings to aid their customers in the face of cloud migra...

CISOs Need a Break. Your Security Tech Stack Should Provide It.

Blog Published: 11/29/2021

By Fausto Lendeborg, Secberus. Chief information security officers of enterprise organizations face increasingly complex environments. Whether it’s: The constant presence of change, ITPro. says, “Security is one of the most complex parts of any organisation, and its parameters can chang...

What is Ransomware?

Blog Published: 11/28/2021

Contributions by Michael Roza and Vince Campitelli Ransomware is a rapidly growing problem that has increased 715% year-over-year, according to the latest Threat Landscape Report 2020 by Bitdefender (Bitfinder, 2020). Ransomware is highly profitable, which has made it the fastest growing malware ...

Spies Hack Cloud Supply Chains Because That's Where the Data Is

Blog Published: 11/26/2021

This blog was originally published by Authomize on October 28, 2021. Written by Gabriel Avner, Authomize. Microsoft announced this week that the Russian hacking crew APT 29 (aka Nobelium) was detected targeting cloud service providers in an attempt to reach those organizations’ customers as part...

Improving Customer Account Management with Security Transparency

Blog Published: 11/26/2021

This blog was originally published by SafeBase here. Written by Kevin Qiu, SafeBase. According to the Identity Theft Research Center, data breaches increased year-over-year once again in 2021, with the number exceeding 2020's breaches by October. Supply chain security in particular is now top-of-...

Better Together: CMDB + CSPM = Cloud Native Cyber Asset Management

Blog Published: 11/24/2021

This blog was originally published by JupiterOne here. Written by Tyler Shields, JupiterOne. There is a lot of confusion out there when it comes to cloud native IT and cloud security tools. Things have gotten rather complicated over the last few years as we migrate our security and technology sta...

The Fourth Dimension of Security Risk Management

Blog Published: 11/24/2021

This blog was originally published by Orca Security here. Written by Andy Ellis, Advisory CISO for Orca Security. When security professionals talk about risk, especially with business executives, we often use metaphors rooted in the physical world. We might talk about coverage, and compare it to ...

Security Spotlight: Large Data Leaks, New COVID-19 Scams, and Fast Ransomware Attacks

Blog Published: 11/23/2021

This blog was originally published on October 12, 2021 by Bitglass. Written by Jeff Birnbaum, Bitglass. Here are the top security stories from recent weeks: Twitch Leak Exposes Personal DataCox Media Group Confirms Ransomware AttackXgroup Attackers Offer to Hack EU Hospitals in COVID-19 Vaccine S...

Identity-First Security is the New Perimeter

Blog Published: 11/23/2021

This blog was originally published by Authomize here. Written by Gabriel Avner, Authomize. In May, the Biden Administration issued a new Executive Order calling to modernize the nation’s defenses against the steady escalation of cyber attacks that have hit the United States over the past year. In...

CSA Security Trust Assurance and Risk (STAR) Registry Reaches Notable Landmark with 1,500 Entries

Press Release Published: 11/22/2021

Significant milestone further validates value and relevance of programSEATTLE – Nov. 22, 2021 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today announ...

Modernizing Security Operations with XDR

Blog Published: 11/22/2021

This blog was originally published by Cisco here. Written by Aaron Sherrill, Senior Research Analyst at 451 Research. Set the Stage: A World Without XDRSecurity operations teams at most organizations are overwhelmed by the sheer number of security products they’re required to manage.Over the cour...

Defining an Effective Multi-Cloud Strategy: Identifying Vulnerabilities Before They Wreak Havoc

Blog Published: 11/22/2021

This blog was originally published by Alert Logic here. It’s not news that organizations are facing a growing number and frequency of cyber threats, nor that new, sophisticated attacks are evading traditional security tools. But the growing threat that companies face is the complexity of the...

DevSecOps and Misconfigurations: Key Facts to Know

Blog Published: 11/21/2021

Secure DevOps, DevSecOps, and “shifting left” have become increasingly popular terms in cybersecurity. With the rapid increase both in volume and speed to delivery of applications, attacks on applications have also increased in both volume and complexity. Combine this with the shortage of cyberse...

STAR Testimonial: Implementation and Beyond

Blog Published: 11/20/2021

CSA’s STAR Attestation is the first cloud-specific attestation program designed to quickly assess and understand the types and rigor of security controls applied by cloud service providers. The CSA Security Update podcast is hosted by John DiMaria, CSA Assurance Investigatory Fellow, and explores...

Building a Security Training Testbed for Azure

Blog Published: 11/19/2021

This blog was originally published by Adobe here. Written by Akriti Srivastava, Security Analyst, Adobe OpSec Team. With any cloud platform, a lack of understanding of required security controls and unintentional misconfigurations can bring additional risk to the DevSecOps process. A test envi...

Achieving Zero Trust Remote Access with Privileged Access Management

Blog Published: 11/19/2021

Written by Matt Miller, BeyondTrust. The radical shift to embrace largescale remote work—and even a work-from-anywhere mindset, the accelerated pace of digital transformation, the proliferation of ransomware, and massive breaches (i.e. SolarWinds Orion, Colonial Pipeline, etc.) together have kick...

A Practical Guide to the Different Compliance Kubernetes Security Frameworks and How They Fit Together

Blog Published: 11/18/2021

This blog was originally published by ARMO here. Written by Jonathan Kaftzan, ARMO. TL;DR - Comparing popular Kubernetes security and compliance frameworks, how they differ, when to use, common goals, and suggested toolsThe challenge of administering security and maintaining compliance in a Kuber...

Cloud Security Alliance’s Flagship Cloud Security Assessment and Guidance Documents Are Now Available in Five Additional Languages

Press Release Published: 11/18/2021

Cloud Controls Matrix (CCMv4), Consensus Assessments Initiative Questionnaire (CAIQ) are now available to a wider global audienceSEATTLE – Nov. 18, 2021 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to hel...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
93
94
95
97
99
100
101
Last »