Category Archives: Cloud Security Alliance

Paper bridges gap between traditional information technology security methodologies and the unique demands of critical infrastructure sectorsSEATTLE – Oct. 29, 2024 – In today’s interconnected world, critical infrastructure (CI) sectors face an ever-evolving landscape of cyber and physical threats. As these sectors embrace digital transformation and the convergence of operational technology (OT) and information technology […]

CSA extensively leverages the Cloud Controls Matrix (CCM) to enhance security practices across various domains of cloud research. The CCM is a comprehensive cloud security framework consisting of 197 security control objectives. The main purpose of the framework is to help organizations address the unique challenges of cloud computing. However, the CCM also acts as […]

Originally published by Devoteam.The Gartner Security & Risk Management Summit 2024 hammered home the need for a proactive and resilient approach to cybersecurity. Sure, there were plenty of shiny new technologies and strategies on display, but the biggest takeaway for me was the resounding emphasis on a people-centric approach to security and cyber resilience. This […]

Written by CSA’s AI Organizational Responsibility Working Group.In today’s rapidly evolving technological landscape, the rise of Shadow AI poses a significant challenge to organizations. Shadow AI refers to unauthorized or undocumented AI systems within an organization, which can compromise security, compliance, and overall control of AI operations. Drawing from CSA’s recent AI Organizational Responsibilities publication, […]

Paper provides comprehensive, industry-neutral guidelines and best practices for various stakeholders, from CISOs and AI developers to business leaders and policymakersSEATTLE – Oct. 22, 2024 – Driven by the need to address the evolving landscape of Artificial Intelligence (AI) and its associated risks and ethical considerations, the Cloud Security Alliance (CSA), the world’s leading organization […]

As cloud adoption continues to reshape the IT landscape, ensuring cloud environments are secure and compliant is critical. However, a cybersecurity audit specific to cloud computing introduces unique challenges, given the complexities of shared security responsibilities between cloud providers and customers. Fortunately, CSA offers training and certificate programs designed to enhance auditors’ abilities to assess […]

Originally published by Pentera.Cryptomining has surged in popularity, driven by the growing value of cryptocurrencies like Bitcoin and Ethereum. With leaked credentials easier than ever to acquire, attackers are looking for ways to profit, which has led to a rise in malicious cryptomining, or cryptojacking. This is where attackers hijack computer resources to mine cryptocurrency […]

Written by Abel E. Molina, Softchoice.”An ounce of prevention is worth a pound of cure.” – Benjamin FranklinIn the digital age, our lives are intricately tied to the online world, from managing finances to sharing moments with loved ones. Yet, with the convenience of the internet comes a significant risk: cyber threats. As the famous […]

Originally published by Vanta.Written by Herman Errico.As artificial intelligence (AI) continues to revolutionize various sectors, ensuring it is developed and deployed in alignment with ethical standards and fundamental rights is critical for businesses that use it. The European Union’s Artificial Intelligence Act (AI Act), formally adopted on March 13, 2024, addresses this critical necessity by […]

Originally published by Dazz.The Olympians make it look easy, but make no mistake: rowing is a more difficult sport than meets the eye. Changing conditions in the water and weather, exhaustion, and even a head tilt in the wrong direction can send the boat off course or cause the team to lose time. And perhaps […]