CSA Blog

Written by Jim Reavis, CEO, CSA. Small and mid-sized cloud service providers often face significant challenges when attempting to meet the rigorous security and compliance requirements set by their enterprise customers, especially those operating within highly regulated industries...

Written by Gerry Gebel, Strata. Originally published by Forbes. Running applications and processes in the cloud has profoundly reshaped business and society. It has introduced remarkable gains in speed, efficiency, and convenience. Today, about 70% of organizations report...

Originally published by Enkrypt AI. Written by Nitin Aravind Birur, AI Researcher, Enkrypt AI. Picture this: every time you picked up a new charger, you had to crack open your wall outlet and rewire the whole thing. Sounds exhausting, right? Well, that’s pretty much the...

Written by Olivia Rempe, Community Engagement Manager, CSA. In recent years, artificial intelligence has shown extraordinary promise—but also a troubling vulnerability: when it fails, it often fails fast, loud, and in the public eye. The Cloud Security Alliance’s AI Resilience...

Originally published by Valence Security. Written by John Filitz. A sophisticated attack vector known as “consent phishing” has emerged as a significant SaaS security threat. Unlike traditional phishing that targets credentials directly, consent phishing exploits...

Originally published by CXO REvolutionaries. Written by Ben Corll, CISO in Residence, Zscaler. 24 specific things you can do to strengthen your security program against today's top threats As we move further into 2025, the cyber threat landscape changes continuously...

Originally published by Kaot.ai. Summary Open-source models are free, customizable, and community-driven, while closed-source models are proprietary with limited customization and professional support. Open-source offers better control over data privacy, while...

The Cloud Controls Matrix (CCM) is a framework of controls that are essential for cloud computing security. It is created and updated by CSA and aligned to CSA best practices. You can use CCM to systematically assess and guide the security of any cloud implementation. CCM also...

Originally published by Abnormal AI. Written by Emily Burns. The rapid integration of artificial intelligence (AI) into cybersecurity solutions has created both opportunities and challenges. AI-driven systems promise advanced threat detection, automation, and adaptability...

Originally published by Axway. Written by Chris Payne, Principal Product & Solutions Marketing Manager for Axway MFT. There’s an old IT saying that nobody notices MFT until something goes wrong. MFT hums along in the background at many enterprises, running on autopilot...

Originally published by Vali Cyber. Written by Chris Goodman. Executive Summary The NIST Cybersecurity Framework (CSF) 2.0 offers organizations a structured path to building cyber resilience in the modern cyber-scape. Its five core functions—Identify, Protect, Detect...

Written by Scott Fuhriman, CISM, CISSP, Invary. Executive Summary Zero Trust security models are designed to eliminate implicit trust and enforce strict, continuous verification across users, devices, networks, applications, and data. However, one foundational element...

Originally published by Vanta. Written by Jess Munday. Trust is critical to the success of every business. And in 2024, we saw that building, scaling, and demonstrating trust is getting more difficult for organizations. Vanta’s second annual State of Trust Report uncovered...

Originally published by CheckRed. Written by Amardip Deshpande, Senior Security Researcher at CheckRed. Cyberattacks on critical infrastructure have become a growing concern, with sectors like water supply, energy, and other essential utilities increasingly in the crosshairs...

Originally published by TrojAI. Written by Phil Munz. The evolution of agentic AI systems Agentic systems - software systems composed of multiple interacting agents - have been used to solve complex problems for many years. The field of AI safety has grown around agentic...