Latest news with #CloudSecurityAlliance
Yahoo
19-05-2025
- Business
- Yahoo
Knox Systems Joins Cloud Security Alliance to Advance Global Cloud Security Standards
WASHINGTON and NEW YORK, May 19, 2025 /PRNewswire/ -- Knox Systems, the fastest way for SaaS vendors to deliver secure software to the U.S. government, today announced that it has joined the Cloud Security Alliance (CSA), a global organization dedicated to defining and raising awareness of best practices for secure cloud computing. CSA counts among its members the world's leading technology and cloud providers, including Microsoft, AWS, Google Cloud, Cisco, IBM, Oracle, Salesforce, VMware, and Okta. Together, CSA members work to shape the future of secure cloud adoption by driving global standards, education, and certification. Knox joins CSA at a critical moment as the public sector accelerates its adoption of cloud-native platforms, generative AI, and Commercial Off the Shelf (COTS) software. As the operator of the largest and longest-running FedRAMP- and DISA-authorized SaaS cloud in the federal marketplace—including platforms hosting Adobe's federal cloud - Knox brings deep experience in securing high-impact workloads for civilian and defense agencies. "As government and enterprise organizations race to adopt internet-connected AI tools and cloud-native software, it's critical we align around globally recognized security practices," said Irina Denisenko, CEO of Knox Systems. "The Cloud Security Alliance is where the world's top cloud leaders come together to drive that alignment, and we're proud to join them in shaping the future of secure cloud." Knox's AI-powered platform enables SaaS vendors to achieve FedRAMP authorization in just 90 days for 90% less than of the traditional cost - unlocking faster and safer adoption of mission-critical tools across government and highly regulated sectors. About Knox SystemsKnox is the fastest way for SaaS vendors to get FedRAMP-ready and deliver secure software to the U.S. Government. Knox operates the largest and longest-running FedRAMP and DISA-authorized SaaS cloud and helps top vendors serve government missions at speed. Learn more at About the Cloud Security Alliance (CSA)The Cloud Security Alliance is the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. Its global membership includes thought leaders from the public and private sectors, driving innovation across cloud architecture, compliance, and emerging technologies. Learn more at Media Contact: media@ View original content to download multimedia: SOURCE Knox Systems, Inc
Techday NZ
01-05-2025
- Business
- Techday NZ
Cloud Security Alliance report urges new defences for cloud
The Cloud Security Alliance has published its latest Top Threats to Cloud Computing Deep Dive 2025 report, detailing critical cloud security incidents and offering actionable guidance for organisations. The report analyses eight real-world breaches involving organisations including a multinational technology conglomerate, an Australian sports governing body, a multinational automotive manufacturer, and a cybersecurity technology company. Developed by the alliance's Top Threats Working Group, the cases are mapped against relevant Cloud Controls Matrix controls, providing threat models and detailed narratives describing the circumstances of each breach. The report expands on the findings of the previous year's Top Threats to Cloud Computing documentation by examining how those vulnerabilities and security weaknesses have played out in actual incidents. According to the authors, these breaches illustrate persistent patterns and misconfigurations that malicious actors have exploited. Michael Roza, Co-Chair of the Top Threats Working Group and one of the lead authors of the paper, said: "The vulnerabilities, threats, and security weaknesses outlined in Top Threats to Cloud Computing 2024 have materialized in real-world breaches, exposing recurring failure patterns and misconfigurations that attackers continue to exploit. By analyzing these incidents, we have identified actionable lessons that organizations can adopt today to enhance cloud security and mitigate breach risks." The report draws attention to recurring security gaps, with a particular focus on the impact of identity and access management, supply chain risks, and the evolving nature of threat actors targeting cloud environments. It emphasises that these factors have continued to influence the frequency and impact of cloud security breaches across all sectors. Key takeaways outlined for cloud users, builders, and defenders include the need for security practices that consider both human error and persistent threats, and underline that identity and access security controls are essential for robust cloud security. The report also highlights that shared responsibility between cloud service providers and customers remains vital, urging clear delineation and enforcement of role-specific security practices. Continuous monitoring and real-time detection are recommended as critical components for incident prevention and response. Supply chain security is identified as an area requiring further attention, with calls for strengthened processes and oversight. The report further suggests that proactive cloud governance plays a significant role in reducing long-term risk exposure for organisations operating in the cloud. Another recommendation is that incident response plans and recovery strategies must be tailored specifically to the cloud environment, rather than repurposing traditional on-premises approaches. Security testing and validation, the report notes, should be extended beyond production environments to cover the full cloud lifecycle. The Top Threats Working Group's goal is to equip organisations with the latest expertise regarding cloud security risks, threats, and vulnerabilities, thereby supporting informed risk management decisions for cloud adoption. The group has invited individuals interested in contributing to its ongoing research and initiatives to join its efforts.
Techday NZ
30-04-2025
- Business
- Techday NZ
Cloud Security Alliance launches initiative to automate compliance
The Cloud Security Alliance has established a new initiative, the Compliance Automation Revolution, to address the growing complexity of regulatory compliance in data security and privacy. Organisations are facing mounting pressure to comply with an expanding array of data security and privacy laws, a trend accelerated by the proliferation of artificial intelligence technologies. The challenge is compounded by the increasing volume of data and technological advances that expand compliance requirements, leading to rising costs and diminishing returns in security improvement efforts. The Compliance Automation Revolution (CAR) is a coalition supported by a range of industry partners, including Google, Oracle, Anecdotes, Coalfire, Deloitte Italy, Salesforce, Schellman, and Vanta. The initiative aims to offer practical and effective solutions to common compliance challenges, leveraging automation and collaborative frameworks to relieve the regulatory burden on organisations. CAR's objectives include enhancing the quality of compliance, reducing associated risks and costs, and progressing towards regulatory harmonisation. The initiative also seeks to introduce real-time information exchanges between businesses and regulators to bolster assurance and cultivate greater trust within the wider ecosystem. Jim Reavis, Chief Executive Officer and Co-Founder of the Cloud Security Alliance, stated, "With 16 years of thought leadership, cutting-edge innovation, and global expertise, CSA is uniquely positioned to lead the Compliance Automation Revolution. Through initiatives like the globally recognized Security, Trust, Assurance and Risk (STAR) program and vendor-neutral research, we've consistently prioritised the industry's evolving needs. Now, with the launch of CAR, we're shaping a future where compliance not only enhances security but does so efficiently - eliminating unnecessary costs and redundant efforts." The CAR coalition intends to focus on four main action areas. The first involves automating the collection and sharing of compliance evidence through standardised, machine-readable formats. The second area is the integration of compliance checks earlier in the software development lifecycle through shift-left approaches. Thirdly, CAR aims to harmonise diverse regulatory frameworks into a common set of controls. The fourth area is the development of metrics and models to objectively quantify security and compliance risks, including the standardisation of effectiveness and assurance measurement. Archana Ramamoorthy, Senior Director, Regulated and Trusted Cloud at Google Cloud and CAR Founding Member, commented, "Adhering to compliance is often viewed as a costly, point-in-time snapshot that lags behind the pace of innovation. CAR represents a vital industry collaboration to change that paradigm. By embracing automation, harmonisation, and 'compliance-as-code,' we're not just aiming to reduce audit fatigue; we're building a future founded on continuous, evidence-based trust that can finally scale with the dynamic nature of cloud and AI." Anil Markose, GVP, Chief Compliance Officer for Oracle SaaS, said, "The Compliance Automation Revolution marks a strategic move toward aligning compliance and security as complementary forces. As the regulatory landscape grows more complex, and threats become more sophisticated, it is critical for organisations to proactively address both. We're excited to work with CSA in advancing this mission." Yair Kuznitsov, CEO and Co-Founder of Anecdotes, explained, "Enterprises today face increasingly complex GRC environments, and the need for scalable, automated solutions has never been greater. At Anecdotes, we're proud to be an ambassador for the Compliance Automation Revolution initiative, championing innovation that will help organisations navigate these challenges with greater ease and efficiency. This initiative tackles an unsolved problem, and we anticipate every enterprise will benefit from the groundbreaking work coming out of it." Adam Shnider, Executive Vice President for Compliance Services at Coalfire, stated, "Security and compliance should be less of a burden — they should be a business enabler. The Compliance Automation Revolution provides the framework and collaboration needed to streamline compliance efforts, reduce risk exposure, and ensure organisations stay ahead of emerging threats." Fabio Battelli, Senior Partner at Deloitte Central Mediterranean for Cyber Security Services, said, "By joining the Compliance Automation Revolution, we reaffirm our commitment to proactive security and compliance excellence. In an era of growing regulatory complexity, automation is key to reducing operational risk and streamlining compliance efforts. CAR represents a significant step forward in enabling organisations to shift resources from manual compliance tasks to innovation and business growth." Prashant Vadlamudi, Senior Vice President, Product Security at Salesforce, added, "The regulatory landscape is shifting fast — and so are emerging threats. Static, check-the-box compliance models are no longer sufficient to keep pace. At Salesforce, we see compliance as a trust enabler, not a roadblock. That's why we're proud to join the Compliance Automation Revolution and partner with CSA to drive scalable, proactive solutions, leveraging the power of AI, that help organisations meet rising expectations with confidence." Avani Desai, Chief Executive Officer of Schellman, commented, "In today's environment of mounting regulatory demands and rapidly evolving cyber threats, the Compliance Automation Revolution isn't just timely, it's essential. It's about transforming how organisations approach compliance, turning a traditionally reactive process into a proactive strategy for resilience. By embracing automation and collaboration, we can drive smarter decisions, reduce risk, and build a stronger, more secure future." Jadee Hanson, Chief Information Security Officer at Vanta, said, "As regulations grow more complex and the threat landscape evolves, companies need automation not just to keep up, but to get ahead. The Compliance Automation Revolution is an important industry movement, and Vanta is proud to join this effort to push the industry toward smarter, more scalable ways of working. Together, we can simplify compliance, strengthen security programmes, and free up teams to focus on what matters most."
Associated Press
29-04-2025
- Business
- Associated Press
TrojAI Has Joined the Cloud Security Alliance as an AI Corporate Member
In joining as an AI Corporate Member, TrojAI becomes a strategic partner in CSA's AI Safety Ambassador program SAINT JOHN, NB and BOSTON, April 29, 2025 /CNW/ -- TrojAI, the first security platform for AI that protects the behavior of AI models, agents and applications, is pleased to announce it has joined the Cloud Security Alliance (CSA), the world's leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, as an AI Corporate Member. In doing so, TrojAI is demonstrating its commitment to leading AI security and safety practices within its organization, as well as advocating for responsible AI practices across the industry and promoting pragmatic solutions to manage AI risks. 'AI is evolving rapidly, and with it comes an urgent need for clear, practical guidance to ensure its secure and responsible use,' said Lee Weiner, CEO of TrojAI. 'Joining the Cloud Security Alliance as an AI Corporate Member reflects our deep commitment to advancing secure and responsible AI development and collaborating with industry leaders to shape the future of secure, trustworthy AI systems.' CSA's AI Corporate Membership empowers organizations to lead, innovate, and excel in the evolving AI security landscape. AI Corporate Members are strategic partners in CSA's AI Safety Ambassador Program, with organizations receiving enhanced benefits designed to maximize their impact in the AI security landscape. 'We're thrilled to welcome TrojAI as a founding AI Corporate Member of the Cloud Security Alliance,' said Jim Reavis, CEO and co-founder of CSA. 'TrojAI's mission to secure the behavior of AI models, applications and agents aligns perfectly with the goals of our AI Safety Initiative. Together, we are focused on developing practical, trusted guidance for the safe and responsible use of AI. Their leadership and expertise will be invaluable as we shape the future of AI security.' Since its founding, TrojAI has been committed to protecting against threats to AI models, applications and agents so that enterprises can manage risks and innovate securely using AI. Learn more about TrojAI's commitment to the responsible development and implementation of AI. About the Cloud Security Alliance The Cloud Security Alliance (CSA) is the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, training, certification, events, and products. CSA's activities, knowledge, and extensive network benefit the entire community impacted by the cloud — from providers and customers to governments, entrepreneurs, and the assurance industry — and provide a forum through which different parties can work together to create and maintain a trusted cloud ecosystem. For further information, visit us at and follow us on X @cloudsa. About TrojAI TrojAI's mission is to enable the secure rollout of AI in the enterprise. TrojAI delivers a comprehensive security platform for AI that protects AI models, applications and agents. The best-in-class platform empowers enterprises to safeguard AI models, applications and agents both at build time and run time. TrojAI Detect automatically red teams AI models, safeguarding model behavior and delivering remediation guidance at build time. TrojAI Defend is an AI application and agent firewall that protects enterprises from real-time threats at run time. By assessing the risk of AI model behavior during the model development lifecycle and protecting it at run time, TrojAI delivers comprehensive security for AI models, applications and agents. Media Contact [email protected] View original content to download multimedia: SOURCE TrojAI
Cision Canada
29-04-2025
- Business
- Cision Canada
TrojAI Has Joined the Cloud Security Alliance as an AI Corporate Member
In joining as an AI Corporate Member, TrojAI becomes a strategic partner in CSA's AI Safety Ambassador program SAINT JOHN, NB and BOSTON, April 29, 2025 /CNW/ -- TrojAI, the first security platform for AI that protects the behavior of AI models, agents and applications, is pleased to announce it has joined the Cloud Security Alliance (CSA), the world's leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, as an AI Corporate Member. In doing so, TrojAI is demonstrating its commitment to leading AI security and safety practices within its organization, as well as advocating for responsible AI practices across the industry and promoting pragmatic solutions to manage AI risks. "AI is evolving rapidly, and with it comes an urgent need for clear, practical guidance to ensure its secure and responsible use," said Lee Weiner, CEO of TrojAI. "Joining the Cloud Security Alliance as an AI Corporate Member reflects our deep commitment to advancing secure and responsible AI development and collaborating with industry leaders to shape the future of secure, trustworthy AI systems." CSA's AI Corporate Membership empowers organizations to lead, innovate, and excel in the evolving AI security landscape. AI Corporate Members are strategic partners in CSA's AI Safety Ambassador Program, with organizations receiving enhanced benefits designed to maximize their impact in the AI security landscape. "We're thrilled to welcome TrojAI as a founding AI Corporate Member of the Cloud Security Alliance," said Jim Reavis, CEO and co-founder of CSA. "TrojAI's mission to secure the behavior of AI models, applications and agents aligns perfectly with the goals of our AI Safety Initiative. Together, we are focused on developing practical, trusted guidance for the safe and responsible use of AI. Their leadership and expertise will be invaluable as we shape the future of AI security." Since its founding, TrojAI has been committed to protecting against threats to AI models, applications and agents so that enterprises can manage risks and innovate securely using AI. Learn more about TrojAI's commitment to the responsible development and implementation of AI. About the Cloud Security Alliance The Cloud Security Alliance (CSA) is the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, training, certification, events, and products. CSA's activities, knowledge, and extensive network benefit the entire community impacted by the cloud — from providers and customers to governments, entrepreneurs, and the assurance industry — and provide a forum through which different parties can work together to create and maintain a trusted cloud ecosystem. For further information, visit us at and follow us on X @cloudsa. About TrojAI TrojAI's mission is to enable the secure rollout of AI in the enterprise. TrojAI delivers a comprehensive security platform for AI that protects AI models, applications and agents. The best-in-class platform empowers enterprises to safeguard AI models, applications and agents both at build time and run time. TrojAI Detect automatically red teams AI models, safeguarding model behavior and delivering remediation guidance at build time. TrojAI Defend is an AI application and agent firewall that protects enterprises from real-time threats at run time. By assessing the risk of AI model behavior during the model development lifecycle and protecting it at run time, TrojAI delivers comprehensive security for AI models, applications and agents.
