Originally published by Aembit. For many of today’s hybrid and data-driven enterprises, non-human identities (NHIs) – often referred to as machine and service accounts – are emerging as one of the most overlooked risks. While much attention has been devoted to securing human credentials, countless application-to-application connections and service accounts remain dependent on static and […]
Category Archives: Cloud Security Alliance
Category Added in a WPeMatico Campaign
Originally published by Oasis Security. Written by Roey Rozi, Director of Solution Architecture, Oasis Security. Active Directory (AD) has been around forever—and for good reason. If you’ve got a big on-prem setup, it’s the go-to for managing users, permissions, and access. But here’s the catch: AD wasn’t built for today’s hybrid and machine-driven environments, where on-prem meets […]
The Cloud Controls Matrix (CCM) is a framework of controls (policies, procedures, and technical measures) that are essential for cloud computing security. It is created and updated by CSA and aligned to CSA best practices. You can use CCM to systematically assess and guide the security of any cloud implementation. CCM also provides guidance on […]
Originally published by Seiso. Written by Eric Lansbery. With every new tool or layer of protection, complexity grows—along with risks. Many organizations unknowingly make common security mistakes, such as misconfigurations, reliance on manual processes, and fragmented team efforts, leaving their cloud environments vulnerable despite significant investments. Why is Cloud Security is Becoming More Complex? […]
Originally published by Prescient Assurance. Written by Frejin Arooja. Running a compliance program is a commitment. As long as you do the right things and avoid making any wrong move, you’re okay. But one wrong move can quickly escalate a happy relationship into a nightmare. As the day blessed by St. Valentine approaches, we’ve compiled […]
Written by Enkrypt AI. AI race between US and China take a dark turn as red teaming report uncovers critical safety failures The launch of DeepSeek’s R1 AI model has sent shockwaves through global markets, reportedly wiping USD $1 trillion from stock markets.¹ Trump advisor and tech venture capitalist Marc Andreessen described the release as “AI’s Sputnik moment,” underscoring the global national […]
CSA’s Cloud Controls Matrix (CCM) is a cybersecurity control framework for cloud computing. It contains 197 control objectives structured into 17 domains that cover all key aspects of cloud technology. You can use CCM to systematically assess a cloud implementation. CCM also provides guidance on which actors within the cloud supply chain should implement which […]
Originally published by BARR Advisory.Written by Julie Mungai.For startups, security and privacy engineering can feel daunting. Limited resources, competing priorities, and the pressure to deliver products quickly often push these considerations to the back-burner. However, embedding security and privacy from the outset saves costs, builds trust, and ensures scalability. So, how can startups get started? […]
Written by the CSA New Jersey Chapter:Stanley Mierzwa, Ph.D.; CISSP, Director, Center for Cybersecurity, Transformational Learning and External Affairs, Kean University Eliot Perez, Director, Information Technology, Township of Bedminster, New Jersey Remember Y2K, in the context of the worry for many technologists and engineers working in the computer field? For many, it may feel like […]
Originally published by Oasis Security.Written by Guy Feinberg.As we meet with customers to discuss non-human identity security strategy, the topic of ownership comes up more frequently as one of the key component for any comprehensive Non-Human Identity Managament (NHIM) program. Our discoveries, along with the insights from our Context Reconstruction Engine have underscored the importance […]