Category Archives: Cloud Security Alliance

Category Added in a WPeMatico Campaign

Cloud Security Alliance and SAFECode Release Sixth and Final White Paper in Its Six Pillars of DevSecOps Series

Document promotes and demonstrates the importance of clear measurements for security performance in DevSecOpsSEATTLE – May 15, 2024 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, and today released The Six Pillars of DevSecOps: Measure, Monitor, Report, […]

Building Trust Through Vendor Risk Management

Originally published by BARR Advisory.Written by Brett Davis.In today’s business landscape, relationships are paramount. But while the focus often lies on customer relationships, relationships with vendors are equally crucial. Establishing trust with vendors facilitates smooth operations and strengthens the entire business ecosystem. Let’s delve into why building trust with vendors is so important and how […]

New SEC Rules: Material Incident Reporting Through Cybersecurity Disclosures

Originally published by Cyera.Written by Jonathan Sharabi.The Securities and Exchange Commission (SEC) rules set forth on July 26th, 2023, require that nearly all companies that file documents with the SEC (“registrants”) must describe the processes and management procedures they use to assess, identify, and manage cybersecurity risks. The new regulations aim to provide investors and […]

A Risk-Based Approach to Vulnerability Management

Written by Devin Maguire, ArmorCode.Security and risk are related but not synonymous. Security prevents, detects, and responds to attacks and is a key variable in the broader category of risk management. Risk management weighs the probability and impact of adverse events across the organization to inform and influence decisions. The relationship between security and risk […]

Utah S.B. 149: Creating a Safe Space for Developers While Regulating Deceptive AI

Originally published by Truyo.Written by Dan Clarke.Utah’s foray into the realm of artificial intelligence (AI) regulation is marked by the passage of Senate Bill 149, the Artificial Intelligence Policy Act. While many states grapple with the complexities of AI governance, Utah’s rather fast and reactive approach emphasizes consumer protection and seeks to hold businesses accountable […]

Building Resilience Against Recurrence with Cloud Remediation

Originally published by Tamnoon.Written by Michael St.Onge, Principal Security Architect, Tamnoon.In the fast-evolving cloud security landscape, successful remediation isn’t just about fixing issues when they arise – it’s equally about preventing the recurrence of these issues.Prevention is the final, critical stage of the cloud security remediation process. After a specific threat or vulnerability has been […]

The Narrow Escape from the xz Disaster

Originally published by Dazz.Written by Tomer Schwartz, Co-founder & CTO, Dazz.In the intricate world of software supply chain, the recent near-miss incident with CVE-2024-3094–the xz/liblzma backdoor–serves as a potent reminder of our system’s fragility and the constant vigilance required to safeguard it. In short, a widely used open source package was compromised to add a […]

Enterprise Management Associates Names Cloud Security Alliance as a Cutting-Edge Security Exhibitor in Its Vendor Vision 2024 Report for RSA

CSA was the only nonprofit to be named in the reportSAN FRANCISCO (RSA Conference) – May 7, 2024 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, is pleased to announce that it was selected as a leading […]

12 Strategic Career Tips for Aspiring CISOs

Originally published by Abnormal Security.Written by Mike Britton.In the ever-evolving world of cybersecurity, the role of Chief Information Security Officer (CISO) has been firmly established as a critical position. And while the journey to becoming a CISO can be challenging, the destination is undoubtedly rewarding—and certainly never dull.Whether you’re taking your first steps on the […]

CISOs, AI, and OT: A Balancing Act Between Innovation and Protection

Originally published by CXO REvolutionaries.Written by Ben Corll, CISO in Residence, Zscaler.In early 2024, I had the privilege of teaching a SANS leadership course in New Orleans. The food was amazing, as expected. What I didn’t expect was the sheer number of operational technology (OT) security professionals who would be in attendance. As I attended […]

This site uses cookies to offer you a better browsing experience. By browsing this website, you agree to our use of cookies. Click More Info to view Privacy Policy.