Category Archives: Cloud Security Alliance

As cloud adoption continues to reshape the IT landscape, ensuring cloud environments are secure and compliant is critical. However, a cybersecurity audit specific to cloud computing introduces unique challenges, given the complexities of shared security responsibilities between cloud providers and customers. Fortunately, CSA offers training and certificate programs designed to enhance auditors’ abilities to assess […]

Originally published by Pentera.Cryptomining has surged in popularity, driven by the growing value of cryptocurrencies like Bitcoin and Ethereum. With leaked credentials easier than ever to acquire, attackers are looking for ways to profit, which has led to a rise in malicious cryptomining, or cryptojacking. This is where attackers hijack computer resources to mine cryptocurrency […]

Written by Abel E. Molina, Softchoice.”An ounce of prevention is worth a pound of cure.” – Benjamin FranklinIn the digital age, our lives are intricately tied to the online world, from managing finances to sharing moments with loved ones. Yet, with the convenience of the internet comes a significant risk: cyber threats. As the famous […]

Originally published by Vanta.Written by Herman Errico.As artificial intelligence (AI) continues to revolutionize various sectors, ensuring it is developed and deployed in alignment with ethical standards and fundamental rights is critical for businesses that use it. The European Union’s Artificial Intelligence Act (AI Act), formally adopted on March 13, 2024, addresses this critical necessity by […]

Originally published by Dazz.The Olympians make it look easy, but make no mistake: rowing is a more difficult sport than meets the eye. Changing conditions in the water and weather, exhaustion, and even a head tilt in the wrong direction can send the boat off course or cause the team to lose time. And perhaps […]

Originally published by BARR Advisory.Compliance automation tools are designed to assist organizations in streamlining the rigorous demands of cybersecurity frameworks such as SOC 2, ISO 27001, and HITRUST. These platforms can help address the heavy lifting involved in preparing, undergoing, and maintaining compliance by automating repetitive tasks, freeing up security teams to think more strategically […]

Originally published by Astrix on August 14, 2024.Written by Tomer Yahalom.Google announced it will terminate support for Less Secure Apps (LSAs) on September 30, which presents a great opportunity to dive into their evolution – App-Specific Passwords, and the security concerns that still remain.Less Secure Apps (LSAs): How it all beganLess Secure Apps (probably called […]

Written by Ken Huang, CEO of DistributedApps.ai and VP of Research at CSA GCR.1. Introduction and Background On September 24, 2024, I had the privilege of attending the NIST symposium “Unleashing AI Innovation, Enabling Trust.” This event brought together leading experts, policymakers, and industry professionals to discuss the current state and future trajectory of artificial […]

Written by CSA’s Top Threats Working Group.In this blog series, we cover the key security challenges from CSA’s Top Threats to Cloud Computing 2024. Drawing from the insights of over 500 experts, we’ll discuss the 11 top cybersecurity threats, their business impact, and how to tackle them. Whether you’re a professional or a beginner, this […]

Originally published by Normalyze.Written by Vamsi Koduru.Artificial Intelligence is evolving at a breakneck pace, with new models and applications being deployed across industries daily. However, this rapid advancement has brought with it a host of compliance challenges.As data security methods struggle to keep up with these technological strides, the responsibility falls heavily on data security […]