Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

All Articles

Home
All Articles
Why It’s Time to Approach Data Classification Differently

Blog Published: 02/11/2022

This blog was originally published by BigID here. Written by Sarah Hospelhorn, BigID. Classification’s never been an easy thing: even Aristotle struggled with it. When he tried to divide organisms into two groups (plants and animals) and then each of those into three (the former got shrubs, hedg...

From the Trenches: Common-Sense Measures to Prevent Cloud Incidents - Part 1

Blog Published: 02/10/2022

Written by Omri Segev Moyal & Brenton Morris, Profero - Rapid IR Introduction As an incident response team, we see a lot of cloud breaches that could have been prevented. Adequate protection requires in-depth knowledge of the cloud provider and its APIs and ample preparation. In cases when ...

Sealing Security Supply Chain Gaps

Blog Published: 02/09/2022

This blog was originally published by KPMG here. Written by Jonathan Dambrot, KPMG. With the current unrelenting pace of cyber-attacks, business leaders surveyed in KPMG’s 2021 CEO Outlook now recognize that cyber security is no longer a short sprint, but rather a long-distance marathon to keep u...

USAA Chief Security Officer Jason Witty to Address Attendees at Cloud Security Alliance’s SECtember

Press Release Published: 02/09/2022

Registration opens today for industry’s premier cloud event, where attendees can obtain the tools they need to manage cyber risk in the modern enterpriseSEATTLE – Feb. 9, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and...

The End of Agent Technology in the Cloud

Blog Published: 02/09/2022

Written by Morey J. Haber, Chief Security Officer at BeyondTrust One of the oppositions to new technology placed on an endpoint is the need for an agent. In fact, for years, one of the biggest objections by companies has been the need for agent technology at all. Time and time again, end users...

What You Need to Know About Keeping Your Uber Business Account Safe

Blog Published: 02/08/2022

This blog was originally published by TokenEx here. Written by Valerie Hare, TokenEx. As a leading rideshare app, Uber is recognized worldwide. Today, this rideshare platform has 93 million riders and 3.5 million drivers. If your business uses Uber for work-related trips, food deliveries, or bicy...

New Guidelines from Cloud Security Alliance and SAFECode Help DevSecOps Teams Translate Security and Compliance Requirements into the Development Cycle

Press Release Published: 02/08/2022

Document provides framework to ensure gap between compliance and development is addressedSEATTLE – Feb. 8, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environ...

NOBELIUM’s Unprecedented Nation-State Attack

Blog Published: 02/08/2022

This blog was originally published by Microsoft on December 15, 2021. Written by Rob Lefferts, Corporate Vice President, Microsoft 365 Security. This is the final post in a four-part series on the NOBELIUM nation-state cyberattack. In December 2020, Microsoft began sharing details with the wo...

The Secret Behind a Successful Zero Trust Project Is No Secret at All; It’s the Human Element

Blog Published: 02/07/2022

This blog was originally published by CXO REvolutionaries here. Written by Greg Simpson, Chief Technology Officer (Retired). Inventions can lead a hard life. Even those that end up revolutionary. Steve Ballmer, who was CEO at Microsoft when the iPhone was introduced famously said, “There’s no cha...

CCSK Success Stories: From a Cybersecurity Assistant Director

Blog Published: 02/04/2022

This is part of a blog series interviewing cybersecurity professionals who have earned their Certificate of Cloud Security Knowledge (CCSK). In these blogs we invite individuals to share some of the challenges they face in managing security for cloud computing and how they were able to leverage k...

Key Questions for Cloud DLP Transformation

Blog Published: 02/04/2022

Written by Amit Kandpal, Director - Customer Success at NetskopeBased on prior, documented deployments of many DLP transformation programs (as companies adjust to the new cloud-first security stack), there are some critical and fundamental aspects that are often not fully understood:How is DLP di...

New Cloud Security Alliance Survey Finds Uneven Adoption of Emerging Technologies

Press Release Published: 02/03/2022

Organizational plans for Zero Trust, AI/ML, Quantum-Safe Security, 5G, and Blockchain are among the technology preferences revealed in this insightful studySEATTLE – Feb. 3, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications,...

Evolution of Cloud Security and Privacy Technologies

Blog Published: 02/03/2022

Written by Satyavathi Divadari of Micro Focus CyberRes Organizations accelerated digitization and cloud transformation rapidly in the last two years to offer customer digital services from anywhere while balancing Cyber Resilience requirements. Technologies for Security and Privacy evolved to a ...

App Patching is a No-Win Situation. First Principles Reveals a Better Approach.

Blog Published: 02/03/2022

Written by Satya Gupta, Co-Founder and CTO, Virsec When organizations need to get applications up and running quickly, they turn to cloud infrastructure. The last two years accelerated this strategy as nearly everything went digital. But now cloud users are facing an existential threat. I...

What Monsters are Lurking Around the Corner? 2022 Cybersecurity Watch List

Blog Published: 02/02/2022

This blog was originally published on Anjuna.io, the Confidential Cloud company. One thing we’ve learned from the last few years is that the potential perils from cyber attacks are coming more frequently and in new and different guises. We’ve already experienced the SolarWinds supply chain breach...

Improving Security Posture Through the 4-Step Gap Analysis Process

Blog Published: 02/01/2022

Written by Brad Fugitt, Chief Information Security Officer, Pax8 As we move into 2021, managed service providers (MSPs) will increase their focus on security as they work to keep their clients' data safe, protecting them from potential threats and loss. The move to a work from anywhere environmen...

Cyber Risks Haunt Energy and Natural Resource Sector

Blog Published: 01/31/2022

This blog was originally published by KPMG here. Written by Ronald Heil, KPMG. Imagine connected sensors that dispatch a repair crew to a fraying pipeline, laser ‘guard rails’ that prevent tanker trucks from backing off piers, and smart systems that prompt the power company to recharge your elect...

What is DevSecOps and How Does it Create a Holistic Cloud Security Environment?

Blog Published: 01/29/2022

What is DevSecOps?In the past, security needs were only addressed after application deployment or after security vulnerabilities were exploited. Businesses are now requiring a stronger collaboration between the development, security, and operational functions. Different combinations of security t...

Your Enterprise Cloud Risk Management Cheat Sheet

Blog Published: 01/27/2022

Written by Fausto Lendeborg, Secberus Picture this: It’s 2022, and cloud risk is no longer the elusive threat it once was. It is tamed through better understanding, faster mitigation and bold, policy-first strategy. Read on for three starter tips. 01Understanding Comes First. Understanding ...

A Look at the Top Cyber Attacks of 2021

Blog Published: 01/27/2022

This blog was originally published by TokenEx here. Written by Valerie Hare, TokenEx. Across the globe, recent cyberattacks have been occurring at an alarmingly high rate. Specifically, ransomware attacks are a major concern among today’s businesses, governments, schools, and individuals. Ransomw...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
94
95
96
98
100
101
102
Last »