CSA Security Update

In this insightful episode, we explore the intricate world of GDPR compliance and how tools like codes of conduct can support cloud service providers. Our special guest, Gabriela Mercuri, Managing Di…

The attack surface has expanded and evolved dramatically in an era where the industry is investing nearly a trillion dollars in cloud infrastructure, operations, and applications. Modern cloud develo…

In our latest episode, we delve into the innovative approach of auditing "themes" as introduced in the ISO/IEC 27001:2022 revision. This reorganization of domains marks a significant shift in how we …

In this exclusive interview, we have the honor of speaking with a representative from the Cloud Security Alliance (CSA), the esteemed recipient of the 2024 Global InfoSec Award for Cutting-Edge Cyber…

In the ever-expanding digital world, securing applications and the infrastructure they rely on is critical. This episode tackles three key security field acronyms: Application Security Posture Manage…

In this episode, John DiMaria & Cameron Kline, Director of Attest Services at BARR Advisory, delve into the relationship between CSA STAR Level 2 and ISO 27001 standards, emphasizing the significant …

In a world where the speed of business is only outpaced by the speed of regulatory changes, staying compliant without slowing down has become the new competitive edge. In this episode, we delve into …

In the latest CSA Security Update Podcast episode, we delve into the fascinating world of cybersecurity attestations and explore why CPA firms are increasingly leading the charge in this domain. Host…

In today's digital landscape, cloud security and governance are paramount. But how do we measure and attest to the security controls of cloud service providers? Enter the Cloud Security Alliance STAR…

In our enlightening interview with Steve Orrin, Federal CTO at Intel, we delve into the intricate world of government cloud technologies, the key role of FEDRAMP, and the future of CCM/STAR integrati…

In this podcast interview, we sit down with Nandor Csonka, the global practice lead for cloud security services at NCC Group, to explore their adoption and implementation of the CSA Cloud Control Mat…

This case study highlights Dell Technologies' journey towards adopting the Cloud Security Alliance's (CSA) Security, Trust, and Assurance Registry (STAR) program to enhance its cloud security. 

Dell T…

Private cloud computing refers to a computing infrastructure setup where an organization operates its own cloud environment within its data center.

What are the unique information security challenges …

As organizations look to cloud services to process more sensitive and critical data, security and risk management teams require tools to quickly assess and understand the types and rigor of security …

As we’re seeing more cyber attacks in software, open-source software, etc., there is a crucial need for businesses to future-proof against emerging threats. 

- How  can companies take preventative (vs…

STAR Certification is the internationally recognized cloud security certification program from CSA that specifies comprehensive and stringent cloud security requirements on CSPs. The CSA Cloud Contro…

As the businesses change the world changes and so does the standards industry. Being up to speed on those changes and paying attention to such changes can help company's succeed.

CSA is dedicated to k…

In order to fight against ransomware in the cloud, you need to have a multifaceted strategy so you can be better prepared to protect against and respond to attacks. But IT organizations often struggl…

Cloud computing has created new security vulnerabilities, including security issues whose full impacts are still emerging.  With the massive growth the cloud industry is experiencing, it's a "buyer b…