The CSA Security Update podcast is hosted by John DiMaria, Director of Operations Excellence at CSA. The podcast explores the CSA STAR program, cloud security best practices, and associated technologies. In this blog series, we edit key podcast episodes into shorter Q&As. Today’s post features Anna Schorr, Training Program Director at CSA. Anna and John […]
Category Archives: Cloud Security Alliance
Category Added in a WPeMatico Campaign
Originally published by Abnormal Security.In the wake of the COVID-19 pandemic, video conferencing platforms like Zoom experienced an unprecedented surge in popularity. However, this increased usage also attracted the attention of cybercriminals who sought to exploit the platform’s growing user base. Here, we’ll take a look at the methods used to obtain stolen Zoom accounts, […]
Originally published by Adaptive Shield.Written by Maor Bin, CEO & Co-Founder, Adaptive Shield.On May 27, a threat actor group called ShinyHunters announced that it was selling 560 million records stolen in a data breach. The records include names, email addresses, physical addresses, and partial credit card numbers. This personally identifiable information (PII) can be used […]
Originally published by CyberArk.Written by Mike Bykat.A popular topic of conversation in my day-to-day work is how to secure privileged access to cloud management consoles and workloads. And that’s no surprise, considering more and more applications and workloads are migrating to the cloud.Up until recently, the answer has typically been clear when it comes to […]
Originally published by Valence.Often when it comes to security, a significant risk results from an action that is so easy that we tend to overlook the risk itself. Sharing a file using the “anyone with the link” option is the equivalent of leaving a treasure chest unlocked, overflowing with sensitive customer data. Unfortunately, it’s a […]
When Zero Trust was first coined by John Kindervag in 2009, it challenged the “trust but verify” approach of traditional security models. At the time, Zero Trust required us to challenge the assumption that trust is implicit. Especially with the complex networks, systems, and services that we see in today’s vast digital supply chain, trust […]
Originally published by Astrix on June 13, 2024.Last week we held an insightful live event featuring our solutions engineer, Michael Silva, and our CISO in Residence, Tim Youngblood. The event focused on the top four non-human identity (NHI) use cases that are crucial for security teams. Here’s a recap of the key points discussed during […]
Originally published by BARR Advisory.Artificial intelligence (AI) raises significant data privacy concerns due to its ability to collect, analyze, and utilize vast amounts of personal information. So what role do companies that have implemented AI play in keeping user data secured? Let’s dive in.One of the main concerns with AI is the potential for unauthorized […]
Originally published by CXO REvolutionaries.Written by Sam Curry, VP & CISO in Residence, Zscaler.“History doesn’t repeat itself, but it often rhymes.”–Mark TwainWe are in our fourth decade since the Security Administrator Tool for Analyzing Networks (SATAN) hit the scene and we have to ask ourselves, “Why is it still so hard to effectively patch systems?” […]
Paper emphasizes importance of model risk management (MRM) for harnessing full potential of AI and machine learning (ML) modelsSEATTLE – July 24, 2024 – The latest set of AI guidance from the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing […]