Security Performance Reporting
Blog Published: 04/20/2022
Command guidance for CISO-to-stakeholder communications. Written by John Hellickson, Field CISO, Coalfire. There is tremendous urgency for security professionals to do a better job at communicating security program performance to enterprise stakeholders and boards of directors. For the Coalfi...
A Look Inside a Benchmark Model In InfoSec: CIA Triad
Blog Published: 04/21/2022
This blog was originally published by SafeBase here. We are constantly hearing tips and tricks on how to protect our data - get a VPN, back everything up on a cloud, change your passwords, etc. And in the business world, there are tons of policies in place and certifications that can be acqui...
Threat Modelling: What It Is and Why It Matters
Blog Published: 04/21/2022
This blog was originally published by Contino here. Written by Marcus Maxwell, Contino. Identifying the security threats that your systems face is one step towards mitigating potential vulnerabilities as part of a wider risk management strategy. But on its own, awareness of threats is not enou...
DevSecOps Best Practices for Vulnerability Management in the Cloud
Blog Published: 04/22/2022
This blog was originally published by Vulcan Cyber here. Written by Natalie Kriheli, Vulcan Cyber. With DevSecOps best practices, teams can remain on top of their security controls while taking full advantage of everything the cloud has to offer. A growing trend in the cloud ecosystem, DevSecO...
Cloud Security Alliance Paper Offers Executive Management Guidance on Factors to Consider When Implementing Serverless Architectures
Press Release Published: 04/20/2022
Report reviews risks, security concerns that accompany serverless architecture and offers industry-wide security best practices for adoption. SEATTLE – April 20, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best p...
Cloud Security Best Practices from the Cloud Security Alliance
Blog Published: 04/23/2022
Cloud is becoming the backend for all forms of computing and is the foundation for the information security industry. It’s a model for enabling convenient and on-demand network access to a shared pool of computing resources that can be rapidly provisioned and released with minimal management e...
Four Ways to Use the Cloud Security Maturity Model
Blog Published: 04/22/2022
This blog was originally published by Secberus here. Written by Fausto Lendeborg, Secberus. With a name like, Cloud Security Maturity Model, you may be one of the CISOs who think: Sounds like a lot of work. Where does my organization sit? How do we advance? Why should I care? And if any of those qu...
Higher Ed Gets an 'F' for Ransomware Protection: How the Industry Must Evolve
Blog Published: 04/25/2022
This blog was originally published by CXO REvolutionaries here. Written by Bryan Green, Chief Information Security Officer, Zscaler. Colleges and universities are amongst the slowest populations to modernize security controls, resulting in a high price tag – ransomware and breaches. It’s human n...
The Challenge of Protecting Business-Critical Data and Applications
Blog Published: 04/25/2022
This blog was originally published by Onapsis here. Global market intelligence firm IDC conducted a market survey in Germany in September 2021 to explore the challenges enterprises are currently facing in the development and running of security landscapes, as well as the plans they are pursuin...
How SOC 2 Is Changing the Face of Compliance in the Caribbean: Part One
Blog Published: 04/26/2022
Written by Cloud Carib. For small island developing nations across the Caribbean and Latin American region, 2020 will, among other things, be remembered as a major catalyst for the acceleration of digital transformation. The onset of the global pandemic exposed major cracks in the infrastructur...
How SOC 2 Is Changing the Face of Compliance in the Caribbean: Part Two
Blog Published: 04/28/2022
Written by Cloud Carib. As Caribbean cloud providers grow and expand into new markets, it has become vital that such organizations meet rigorous, standardized requirements. In part one of our series, we established why standardized compliance standards like SOC 2 (Service Organization Control 2...
As You Move to the Cloud, Make Sure Your PKI Goes with You
Blog Published: 04/26/2022
This blog was originally published by Entrust here. Written by Samantha Mabey, Product Marketing Management Director, Certificate Solutions at Entrust. I’m sure most of us have heard the buzz around “multi-cloud” or “hybrid cloud.” But what exactly does it mean? And more importantly, what does...
Women in Cybersecurity: Interviews with CSA’s Staff
Blog Published: 04/24/2022
In cybersecurity, and the tech industry in general, men significantly outnumber women. However, more women are joining the field every day, helping to pave the way for others and proving that it benefits us all to hire a diverse workforce. Below, we’ve compiled four interviews with some of th...
5 Benefits of Detection-as-Code
Blog Published: 04/27/2022
This blog was originally published by Panther here. Written by Kartikey Pandey, Panther. How modern teams can automate security analysis at scale in the era of everything-as-code. TL;DR: Adopt a modern, test-driven methodology for securing your organization with Detection-as-Code. Over the past ...
Doing Business in Brazil? Get to Know the General Personal Data Protection Law (LGPD)
Blog Published: 04/27/2022
Written by VGS. Did you know that Brazil is bigger than the 48 contiguous United States? The US is only bigger than Brazil if you add Alaska! São Paulo, with over 21 million residents, is more populous than New York. And Brazil’s 210 million citizens enjoy a thriving economy: Brazil’s Gross Do...
Cloud Security Alliance Updates Internet of Things (IoT) Controls Matrix with New Incident Management Domain and Enhanced Technical Clarity and Referencing
Press Release Published: 04/26/2022
Expanded Matrix aimed at enterprise IoT systems that incorporate multiple types of connected devices, cloud services, and networking technologies. SEATTLE – April 26, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and b...
MFA Is Only As Effective As We Want It To Be
Blog Published: 04/28/2022
Written by Authomize. Good cybersecurity is all about getting the basics right. Sure, AI and other advanced technologies help us to cyber better, faster, stronger, etc. But the really important work is all about actually using the most basic of tools to fend off the vast majority of attacks. On...
Kubernetes Version 1.24: Everything You Should Know
Blog Published: 04/29/2022
This blog was originally published by ARMO here. Written by Amir Kaushansky, ARMO. The first Kubernetes release of 2022 will be released on May 3rd. The new release, version 1.24, is full of enhancements, new features, and bug fixes. We’ve written this post so you can adjust your Kubernetes res...
The Cloud Has No Hard Edges
Blog Published: 04/29/2022
Written by Tim Sedlack, Sr. Director, Product Management, BeyondTrust. You’ve seen the popular meme “I’m old enough to remember when …”, I’m certain. Well, as trite as it sounds, I am old enough to remember when cybersecurity had some pretty hard and fast rules. Passwords had to be complex, an...
The State of Data Security in 2022
Blog Published: 05/02/2022
This blog was originally published by BigID here. Written by Neil Patel, BigID. Data is an organization’s single most valuable asset, relied upon to make critical strategic and operational decisions every day. Much of this information is highly sensitive or critical — and in some cases vulnera...