Written by MJ Schwenger, Co-Chair of the CSA AI Governance and Compliance Working Group.Generative AI: Embracing Hallucinations for Responsible InnovationThis blog delves into the fascinating world of Generative AI (GenAI), acknowledging its revolutionary potential while addressing the inherent challenge of "hallucinations." It explores the technical underpinnings of these hallucinations and proposes a nuanced perspective, shifting the focus from criticizing AI to fostering collaborative inte...continue reading on CSA Home

Originally published by BARR Advisory. Written by Larry Kinkaid, Manager, Cybersecurity Consulting. When it comes to implementing and maintaining a strong cybersecurity posture within any organization, accountability is key. An information security program is only effective when controls—i.e., internal processes designed to manage and mitigate the risk of cyber threats—are clearly outlined and when all stakeholders understand what they’re accountable for in terms of managing those controls. U...continue reading on CSA Home

Originally published by Adaptive Shield.Written by Hananel Livneh.Last month, The Verge reported on an amusing story of abusing Slack in a design, technology, science, and science fiction website. Tom McKay of IT Brew successfully hid on Slack after leaving the company in 2022 by assuming the persona of "Slackbot," remaining undetected by management for months. McKay shared screenshots of his antics on X and confirmed the escapade to The Verge. By changing his profile picture to resemble an a...continue reading on CSA Home

Originally published by MJD.Written by Shonda Knowles Elliott, CPA.In the digital age, where data is the new currency, businesses must prioritize the security and integrity of their clients' information. To demonstrate this, many organizations adhere to frameworks like SOC 2 (System and Organization Controls), developed by the American Institute of CPAs (AICPA). SOC 2 reports provide an independent auditor’s opinion on the design and operating effectiveness of a company’s information security...continue reading on CSA Home

Originally published by CXO REvolutionaries.Written by Nat Smith, Senior Director, Product Management, Zscaler.Could you accurately and succinctly describe zero trust to your leadership team or board? During my five years as a VP analyst at Gartner, I witnessed executives struggle to convey the concept in business language, and it’s not entirely their fault; “Zero trust” rolls out the red carpet for misinterpretation and misrepresentation.Zero trust is a model for secure resource access. Gart...continue reading on CSA Home

Originally published by Reco.Written by Gal Nakash.On March 14, Microsoft made Copilot available to customers in their 365 environment. Originally designed to enable productivity, Copilot is an AI chatbot that allows any user to conduct research or create content. It has the ability to generate slide decks, create text in word files, analyze spreadsheets and more. It’s powerful. ‍Shared Organizational Data Is Now at Risk of Data LeakageIt also opens up new doors for threat actors to gain acce...continue reading on CSA Home

Written by Uday Srinivasan, CTO, Acante.We previously discussed how the modern data stack has changed the threat landscape today. In part II, below, we outline exactly how security and data teams can enable modern data teams to innovate rapidly without compromising on the security and access governance of the enterprise data.The Need: A Data-centric Approach to SecurityHistorically, the term “data security” has been largely equated with encryption and similar control measures. However, with t...continue reading on CSA Home

Event to provide attendees with a holistic understanding of AI’s future along with pragmatic advice on managing risks and gaining benefits from generative AI SEATTLE – April 17, 2024 – This year, the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, will host a revolutionary summit at the RSA Conference — the CSA AI Summit, which will bring together influentia...continue reading on CSA Home

Originally published by InsiderSecurity.Data Breaches are an ever-present threat to enterprises in today’s connected world. Whether you are a small SME or a large multinational company, the risk of a data breach and the company becoming another headline is a constant concern for senior management. It is not just financial loss that worries management but the loss of reputation and customer trust that can take years to recover if a data breach happens. This article reviews seven key issues tha...continue reading on CSA Home

Written by Martin Hall.As business reliance on cloud infrastructure has grown, attack surfaces have changed, vulnerabilities have increased, and the nature of threats continues to evolve. Zero Trust has become a pivotal framework to enhance the security of cloud infrastructure and services. Its foundational principle of “never trust, always verify” is key for organizations to mitigate an evolving array of sophisticated cyber threats.While it’s essential for securing a company’s digital assets...continue reading on CSA Home