Written by Uday Srinivasan, CTO, Acante.We previously discussed how the modern data stack has changed the threat landscape today. In part II, below, we outline exactly how security and data teams can enable modern data teams to innovate rapidly without compromising on the security and access governance of the enterprise data.The Need: A Data-centric Approach to SecurityHistorically, the term “data security” has been largely equated with encryption and similar control measures. However, with t...continue reading on CSA Home

Event to provide attendees with a holistic understanding of AI’s future along with pragmatic advice on managing risks and gaining benefits from generative AI SEATTLE – April 17, 2024 – This year, the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, will host a revolutionary summit at the RSA Conference — the CSA AI Summit, which will bring together influentia...continue reading on CSA Home

Originally published by InsiderSecurity.Data Breaches are an ever-present threat to enterprises in today’s connected world. Whether you are a small SME or a large multinational company, the risk of a data breach and the company becoming another headline is a constant concern for senior management. It is not just financial loss that worries management but the loss of reputation and customer trust that can take years to recover if a data breach happens. This article reviews seven key issues tha...continue reading on CSA Home

Originally published by Schellman.Amidst the evolving patchwork of data protection and privacy legislation in the United States, privacy remains a top priority for organizations. But protecting privacy also requires resources, and while not all organizations have that much to spare, it is possible to make do with only a small, dedicated team.In this blog post, we’ll describe the common hurdles small privacy teams will face and how you can overcome them to set your organization up for long-ter...continue reading on CSA Home

Originally published by Cyera.Written by Leo Reznik. Microsoft is taking the lead when it comes to AI-powered ecosystems. The company’s newly introduced Copilot AI assistant for Microsoft 365 surfaces organizational data to deliver users a seamless workflow experience. However, with lots of data comes great responsibility. AI-powered tools enhance productivity while generating substantial new data that must be secured. These tools simultaneously raise the risk of inadvertent exposure of sensi...continue reading on CSA Home

Originally published by CXO REvolutionaries.Written by Ben Corll, CISO in Residence, Zscaler.(And why it should become our outer superhero persona, too)Let's face it. The days of the CISO as the lone wolf, guarding the castle walls with a stack of firewalls and a suspicious glare, are over (though some of us still have an icy glare). Today's cybersecurity landscape demands a different kind of hero: a business-savvy leader who understands the intricate dance of protecting the organization whil...continue reading on CSA Home

Originally published by Truyo.Written by Dan Clarke.In 2024, a surge of global AI legislation is imminent, with the United States poised to follow the European Union’s lead by implementing comprehensive nationwide rules and guidelines. Senate Commerce Committee Chair Maria Cantwell is gearing up to unleash a wave of groundbreaking AI legislation, marking the first comprehensive initiative in Congress to address the multifaceted challenges posed by the currently unregulated technology.While th...continue reading on CSA Home

Written by MJ Schwenger, CSA AI Working Group.The explosive emergence of Generative AI, with its ability to create seemingly magical outputs from text to code, is undeniably exciting. However, lurking beneath this shiny surface lies a Pandora's box of potential risks that demand immediate attention and effective governance. Left unchecked, these risks could not only compromise the integrity of generated content but also exacerbate existing societal imbalances and undermine trust in technology...continue reading on CSA Home

Originally published by Uptycs.When it comes to cybersecurity, Remote Code Execution (RCE) might sound complex, but in essence, it's a straightforward concept with profound implications. Among the myriad of security vulnerabilities, RCEs are particularly alarming due to their high impact and the severe damage they can cause. A prime example of such a vulnerability is the infamous Log4j flaw, which shook the cybersecurity world by demonstrating just how widespread and dangerous these exploits ...continue reading on CSA Home

Originally published by Vanta.As your business grows, there are new demands of the security team, like adding additional compliance frameworks, more security questionnaires, or new, advanced requirements from large enterprise customers.While this growth is exciting, it also comes with growing pains — like outgrowing your existing security processes. Recognizing when and how to audit these outdated processes is essential for keeping your organization secure and scaling your security program w...continue reading on CSA Home