Category Archives: Cloud Security Alliance

Findings emphasize the importance of regulatory compliance, strategic cloud adoption, regional considerations, and the need for continuous improvement in security practices SEATTLE – Dec. 10, 2024 – Financial institutions (FIs) are cautiously but increasingly adopting cloud technologies, while simultaneously placing greater value on multi-cloud strategies in order to avoid vendor lock-in and enhance data sovereignty, […]

Originally published by Scrut Automation.Written by Amrita Agnihotri.A growing wave of AI-related legislation and regulation is building, with the most significant example being the European Union’s (EU) Artificial Intelligence (AI) Act. In March 2024, European leaders passed this sweeping legislation into law.It will clearly have huge impacts on the way business is done, both in […]

Written by Ken Huang, CEO of DistributedApps.ai and Co-Chair of AI Safety Working Groups at CSA.There is no clear and consensus definition of what an AI agent is in the literature. This article does not aim to define what an AI agent is. Rather, I focus on examining AI agents from a range of capabilities, […]

Now celebrating 15 years of advancing cloud security, the Cloud Security Alliance (CSA) is proud to be the world’s leading organization dedicated to defining best practices for a secure cloud computing environment. Since our incorporation in 2009 and the release of our inaugural Security Guidance, CSA has expanded our impact through a broad portfolio of […]

If you’re excited about building a Zero Trust architecture for your organization, we understand! Zero Trust is pretty much the ultimate security strategy. However, before diving headfirst into building out your architecture, you need to perform a comprehensive systems analysis.This analysis should cover the functions and interactions of all devices, assets, applications, and services (DAAS) […]

Originally published by Valence Security.Written by Jason Silberman.The rapid rise of Software-as-a-Service (SaaS) has transformed business operations, offering unprecedented flexibility and scalability. However, this shift brings its own set of security challenges, particularly when it comes to managing the lifecycle of SaaS applications and their associated resources such as identities. Effective lifecycle management is crucial […]

Originally published by AppOmni.Written by Julia Benson, Technical Content Marketing Manager, AppOmni.In 2024, we witnessed a significant evolution in SaaS-based TTPs, which enabled bad actors to bypass traditional entry points, exploit SaaS misconfigurations and identity systems, and compromise sensitive data faster and more efficiently than ever before.In this post, we’ll explore the most impactful SaaS […]

Written by CSA’s Top Threats Working Group.In this blog series, we cover the key security challenges from CSA’s Top Threats to Cloud Computing 2024. Drawing from the insights of over 500 experts, we’ll discuss the 11 top cybersecurity threats, their business impact, and how to tackle them. Whether you’re a professional or a beginner, this […]

Originally published by BARR Advisory.In the world of data security, a readiness assessment is your organization’s first step toward completing a successful SOC engagement. Readiness assessments test the controls that will be examined during your audit, which will provide recommendations for any necessary remediation. In other words, it helps ensure your audit runs smoothly. We’ve […]

Celebrating 15 years of innovation, the Cloud Security Alliance (CSA) has established itself as the premier organization shaping the future of cloud security through the development of transformative security frameworks. Since the release of our inaugural Security Guidance for Critical Areas of Focus in Cloud Computing in 2009 and the subsequent Cloud Controls Matrix, CSA […]