Industry Insights
Read the latest cloud security news, trends, and thought leadership from subject matter experts.

What an Auditor Should Know about Cloud Computing Part 3
With the launch of the Certificate of Cloud Auditing Knowledge (CCAK) credential by ISACA and CSA, Moshe Ferber has put together some of the insights gained during the creation of the CCAK. This is the third in a series of three blogs dealing with the essentials an auditor needs to know about clo...
CSA STAR Attestation and STAR Certification Case Studies
As organizations look to cloud services to process more sensitive and critical data, security and risk management teams require tools to quickly assess and understand the types and rigor of security controls applied by cloud service providers. The CSA STAR Attestation and Certification are the fi...
Using CSA STAR to Improve Cloud Governance and Compliance
By John DiMaria, Assurance Investigatory Fellow, Cloud Security AllianceThe more complex systems become, the less secure they are, even though security technologies improve. There are many reasons for this, but it can all be traced back to the problem of complexity. Why? Because we give a lot of ...
Continuous Auditing and Continuous Certification
By Alain Pannetrat, Senior Researcher at Cloud Security Alliance and Founder of Omzlo.comFor some cloud customers in sensitive or highly-regulated industries, such as banking or healthcare, “traditional” annual or bi-annual audits do not provide enough assurance to move to the cloud. To address t...
Using SOC Reports for Cloud Security and Privacy
By Ashwin Chaudhary, Chief Executive Officer, Accedere Inc Data security and privacy are increasingly challenging in today’s cloud-based environments. Many organizations are storing a significant amount of data in distributed and hybrid cloud and even unmanaged environments, increasing challenge...
Continuous Auditing - STAR Continuous - Increasing Trust and Integrity
By John DiMaria, Assurance Investigatory Fellow, Cloud Security AllianceAs a SixSigma Black Belt I was brought up over the years with the philosophy of continual monitoring and improvement, moving from a reactive state to a preventive state. Actually, I wrote a white paper a couple of years ag...
Browse by Topic
Write for the CSA blog
Submit your blog proposalSign up to receive CSA's latest blogs
This list receives 1-2 emails a month.