Document promotes and demonstrates the importance of clear measurements for security performance in DevSecOpsSEATTLE – May 15, 2024 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, and today released The Six Pillars of DevSecOps: Measure, Monitor, Report, […]
Category Archives: Cloud Security Alliance
Category Added in a WPeMatico Campaign
Originally published by BARR Advisory.Written by Brett Davis.In today’s business landscape, relationships are paramount. But while the focus often lies on customer relationships, relationships with vendors are equally crucial. Establishing trust with vendors facilitates smooth operations and strengthens the entire business ecosystem. Let’s delve into why building trust with vendors is so important and how […]
Originally published by Cyera.Written by Jonathan Sharabi.The Securities and Exchange Commission (SEC) rules set forth on July 26th, 2023, require that nearly all companies that file documents with the SEC (“registrants”) must describe the processes and management procedures they use to assess, identify, and manage cybersecurity risks. The new regulations aim to provide investors and […]
Written by Devin Maguire, ArmorCode.Security and risk are related but not synonymous. Security prevents, detects, and responds to attacks and is a key variable in the broader category of risk management. Risk management weighs the probability and impact of adverse events across the organization to inform and influence decisions. The relationship between security and risk […]
Originally published by Truyo.Written by Dan Clarke.Utah’s foray into the realm of artificial intelligence (AI) regulation is marked by the passage of Senate Bill 149, the Artificial Intelligence Policy Act. While many states grapple with the complexities of AI governance, Utah’s rather fast and reactive approach emphasizes consumer protection and seeks to hold businesses accountable […]
Originally published by Tamnoon.Written by Michael St.Onge, Principal Security Architect, Tamnoon.In the fast-evolving cloud security landscape, successful remediation isn’t just about fixing issues when they arise – it’s equally about preventing the recurrence of these issues.Prevention is the final, critical stage of the cloud security remediation process. After a specific threat or vulnerability has been […]
Originally published by Dazz.Written by Tomer Schwartz, Co-founder & CTO, Dazz.In the intricate world of software supply chain, the recent near-miss incident with CVE-2024-3094–the xz/liblzma backdoor–serves as a potent reminder of our system’s fragility and the constant vigilance required to safeguard it. In short, a widely used open source package was compromised to add a […]
CSA was the only nonprofit to be named in the reportSAN FRANCISCO (RSA Conference) – May 7, 2024 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, is pleased to announce that it was selected as a leading […]
Originally published by Abnormal Security.Written by Mike Britton.In the ever-evolving world of cybersecurity, the role of Chief Information Security Officer (CISO) has been firmly established as a critical position. And while the journey to becoming a CISO can be challenging, the destination is undoubtedly rewarding—and certainly never dull.Whether you’re taking your first steps on the […]
Originally published by CXO REvolutionaries.Written by Ben Corll, CISO in Residence, Zscaler.In early 2024, I had the privilege of teaching a SANS leadership course in New Orleans. The food was amazing, as expected. What I didn’t expect was the sheer number of operational technology (OT) security professionals who would be in attendance. As I attended […]