Originally published by Valence.Written by Jason Silberman.The recent attacks targeting data in customers of Snowflake, a SaaS application focused on data storage, serve as a critical reminder of the importance of understanding the Shared Responsibility Model in SaaS security. While initial reports claimed threat actors had breached Snowflake’s production system to compromise data at companies […]
Category Archives: Cloud Security Alliance
Category Added in a WPeMatico Campaign
Originally published by BARR Advisory.A virtual Chief Information Security Officer (vCISO) is essential for organizations that lack the resources or expertise to manage cybersecurity in-house. Typically, small to mid-sized businesses, startups, or companies undergoing rapid growth benefit the most from a vCISO. These organizations often face complex security challenges but cannot afford a full-time CISO. […]
Originally published by Vanta.According to Vanta’s 2023 State of Trust Report, respondents spend an average of nine working weeks per year on security compliance. Some security teams have accepted that governance, risk, and compliance (GRC) will inevitably take tons of time and effort. And many continue to work towards small-scale efficiencies because they don’t believe […]
Originally published by Oasis Security.In the last few days, there has been a lot of noise about an alleged Snowflake breach that impacted several companies’ supply chains. While the details remain unconfirmed, it appears that the attack is once more identity-based. It is important to remain vigilant and ensure we are doing everything in our […]
Originally published by Truyo.We all want to leverage AI, but models are only as good as the data used to train them. Often, training data is comprised of confidential information. How do you balance the need to make an AI run effectively without exposing PII? It’s not only the initial training that could be exposing […]
Originally published by CXO REvolutionaries.Written by Ben Corll, CISO in Residence, Zscaler.As a CISO in Residence, one of my favorite activities is presenting on various topics at regional security summits. It lets me share ideas that I am truly passionate about with new and interesting people. Recently, I had the privilege of attending an ISACA […]
Originally published by Dazz.Written by Jordan McMahon, Corporate Marketing, Dazz.I’m not ashamed to admit I’m a massive sucker for videos featuring hilarious moments captured by Ring doorbells.Like this one.And this one.And definitely all of these.Round-the-clock monitoring has become essential in our lives. It’s comforting. It’s smart. It’s proactive. And it resonates with cybersecurity practitioners perhaps […]
Results highlight growing trust in the cloud as traditional cloud security concerns lessen in importanceSEATTLE and Black Hat Conference (Las Vegas) – Aug. 6, 2024 – Traditional cloud security issues often associated with cloud service providers (CSPs) are continuing to decrease in importance, according to the Top Threats to Cloud Computing 2024 report — the […]
Originally published by RegScale.Digital transformation, a raft of new state and federal regulations, and the exponential pace of change are quickly disrupting governance, risk, and compliance (GRC) processes for organizations and the CISOs who manage them. Big changes are ahead leading up to the year 2030 and beyond. We sat down with RegScale’s Co-Founder and […]
The CSA Security Update podcast is hosted by John DiMaria, Director of Operations Excellence at CSA. The podcast explores the CSA STAR program, cloud security best practices, and associated technologies. In this blog series, we edit key podcast episodes into shorter Q&As. Today’s post features Anna Schorr, Training Program Director at CSA. Anna and John […]