Category Archives: Cloud Security Alliance

Written by Anna Campbell Schorr, Training Program Director, Cloud Security Alliance.   Over the years, we’ve witnessed security paradigms evolve—from the early days of perimeter defense, to the rise of Zero Trust, and most recently, the challenges introduced by Artificial Intelligence (AI). AI is rapidly becoming a cornerstone of the enterprise landscape: according to The […]

The Cloud Controls Matrix (CCM) is a framework of controls that are essential for cloud computing security. It is created and updated by CSA and aligned to CSA best practices. You can use CCM to systematically assess and guide the security of any cloud implementation. CCM also provides guidance on which actors within the cloud […]

Originally published by Schellman. Written by Austin Bentley.   It’s no secret: many organizations view and treat phishing as a periodic checkbox assessment. It’s often a basic email template sent to an entire organization. If someone clicks the link, they are recorded and possibly enrolled in training. While this approach can certainly check the “quarterly […]

The Cloud Controls Matrix (CCM) is a framework of essential cloud security controls that follow CSA best practices. You can use CCM to assess and guide the security of any cloud implementation. CCM also provides guidance on which actors within the cloud supply chain should implement which security controls. Both cloud service customers (CSCs) and […]

Originally published by CXO REvolutionaries. Written by Tamer Baker, CTO in Residence, Zscaler.   Technological progress continues to reshape patient care, improve operational efficiencies, and redefine the overall healthcare experience. Economic justification for the digital transformation is driving electronic health records (EHRs), telemedicine, mobile health applications, and wearable health technology forward. Like in all spheres […]

Written by Aashita Jain, Informatica.   We are ushering in an exciting new era where Data Privacy and Artificial Intelligence (AI) innovation move beyond guidelines to become powerful catalysts for change, revolutionizing business operations. Recently, AI’s explosive market growth and cutting-edge innovations are revolutionizing business operations, and these innovations are predicted to drive AI’s market expansion […]

Originally published by Vali Cyber. Written by Nathan Montierth.   Recently, three VMware zero-day vulnerabilities (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226) were patched amid concerns of active exploitation. These flaws allow attackers with virtual machine (VM) admin access to escape the guest OS, execute code on the hypervisor, and potentially take control of ESXi hosts—threatening entire multi-tenant cloud and […]

Originally published by Tenable. Written by Shai Morag.   Multi-cloud and hybrid environments, on the rise in recent years, have increased the complexity of security. Amid this complexity, risks have increased. But those risks don’t just come from threat actors. In fact, choosing cloud security providers with conflicting priorities can also introduce risk. World-class cloud […]

Originally published by TrojAI. Written by Julie Peterson, Lead Product Marketing Manager, TrojAI.     Innovating with artificial intelligence comes with significant risks. The unique nature of AI systems introduces a new threat landscape that traditional security measures are not equipped to handle. Unlike conventional software, AI models can behave unpredictably, absorb unintended biases, and […]

Originally published by Skyhigh Security. Written by Hari Prasad Mariswamy Director, Product Management Data Protection, Skyhigh Security.   Overview In today’s landscape of digital transformation, data security challenges continue to evolve, exposing organizations to new threats and compliance demands. Amidst these challenges, Data Security Posture Management (DSPM) has emerged as a powerful technology to help enterprises gain […]