Category Archives: Cloud Security Alliance

Category Added in a WPeMatico Campaign

Five Lessons Learned From Okta’s Support Site Breach

Originally published by Valence. Written by Adrian Sanabria. On September 29th, 2023, security vendor 1Password discovered unauthorized activity in their Okta tenant. An employee unexpectedly received an email that they had requested a report listing Okta administrators. A 1Password employee had recently uploaded a HTTP Archive (a HAR file), which is a browser session logging […]

Embracing Zero Trust: A Blueprint for Secure Digital Transformation

Written by the CSA Zero Trust Working Group.Zero Trust security has transitioned from a buzzword to a critical framework essential for safeguarding an organization’s assets. Recently released by CSA, Defining the Zero Trust Protect Surface offers a guide for organizations embarking on the first step of their Zero Trust journey. This blog delves into the […]

What are Non-Human Identities?

Originally published by Oasis Security.Written by Amit Zimerman, Co-founder & CPO, Oasis Security. A Non-Human Identity (NHI) is a digital construct used for machine-to-machine access and authentication. NHIs are pivotal in today’s evolving enterprise systems, especially as organizations transition towards machine-centric architectures. The need for rapid innovation has spurred the proliferation of microservices, 3rd-party services, […]

How Do I Choose a SOC Auditor?

Originally published by MJD.Written by JC London, Senior Manager, CISA, CISSP, MJD. Q: How do I choose a SOC auditor?A: MJD Answer:Choosing the right auditor and audit team may seem like an uncomplicated process at first. You’ve done your research, asked ChatGPT for its opinion, and you feel like you understand what a SOC 2 […]

Adhere to the EU Cloud CoC through the CSA

Written by SCOPE Europe.It’s live – you can now adhere to the EU Cloud CoC through the CSA!With a shared mission of supporting the dissemination of trusted cloud services, the anticipated collaboration between the EU Cloud CoC and Cloud Service Alliance (CSA) is now live. In practice, this collaboration offers the CSA community a dedicated […]

Evolving Email Threats: 5 Attacks to Watch For in 2024

Originally published by Abnormal Security.Written by Emily Burns. A new year means a new set of challenges across the email threat landscape. While traditional attack vectors are continuing to trend upward, there are also a number of novel attack types emerging. Threat actors have learned to bypass traditional email security platforms despite the increase in […]

11 Months to DORA: EU’s New Framework For BFSI

Written by [email protected], AuditCue.In September 2020, the European Commission unveiled a landmark proposal – the Digital Operational Resilience Act (DORA) – as part of its sweeping Digital Finance Package aimed at fortifying cybersecurity across EU financial institutions. Once finalized, DORA will enforce strict standards for risk management, reporting, resilience testing and more. This far-reaching regulatory […]

Why Compliance is a Roadmap to Security

Originally published by RegScale.In the realm of cybersecurity, compliance is often perceived as a necessary but sometimes challenging aspect of safeguarding data and systems. As we celebrate Cybersecurity Awareness Month, let’s delve into the evolving role of compliance in the cybersecurity landscape.Compliance: A Roadmap to SecurityCompliance doesn’t make you secure. Compliance gives you the questions […]

A New Era of Data Protection: CSA’s Strategic Partnership with the EU Cloud CoC for GDPR Compliance

Read the full FAQ here.In an era where data protection has become a vital concern for cloud service providers (CSPs) and their clients, the Cloud Security Alliance (CSA) has partnered with the EU Cloud Code of Conduct (EU Cloud CoC) to disseminate privacy standards across the cloud sector. This initiative offers a seamless GDPR compliance […]

To Meet Bold Ambitions and Combat Mounting Threats, Australia Endorses Zero Trust

Originally published by CXO REvolutionaries.Written by Heng Mok, CISO in Residence, Zscaler. If Australia is to become the most cyber-secure nation in the world by 2030, as Cyber Security Minister Clare O’Neill has said it can be, it has a ways to go. The Australian government’s recognition of this fact can be seen in two […]