Cloud Security Alliance

💡 Dive into the next issue of the CSA Roundup, your bimonthly briefing on the ideas shaping the future of cybersecurity. In this edition, we explore the rise of agentic AI and its far-reaching impact on governance, risk, and compliance, along with the evolving challenges of identity, trust, and cloud assurance in increasingly autonomous systems. From new frameworks for securing AI agents to practical strategies for navigating compliance and identity in dynamic environments, this issue brings clarity to one of the most transformative shifts in security today. Check it out below 👇 #AgenticAI #AIGovernance #IdentityAndAccessManagement

The recent flurry of software supply chain attacks, including the compromise of LiteLLM, should have you asking: What can my organization do to protect itself? CSA Chief Analyst Rich Mogull's number one recommendation is Dependency Management. We've made the recording of Rich's Enterprise Member Briefing on the topic available to the general public. Get the full rundown and all of Rich's recommendations → https://ow.ly/FSav50YLnub #SoftwareSecurity #SupplyChainSecurity #DependencyManagement

Caroline Wong has spent over 20 years leading security across product, risk, and operations, from Symantec to eBay to Zynga. Today, as Chief Strategy Officer at Axari and author of The AI Cybersecurity Handbook, she’s focused on one of the biggest shifts in cybersecurity: how AI is changing how security decisions get made. At the Agentic AI Security Summit, Caroline will break down what this means for modern security programs. In this session, she’ll cover: • Why detection is no longer the bottleneck • How AI is compressing the gap between discovery and exploitation • What it takes to move from alerts to context-driven decisions • How to translate signals into real business risk If you're responsible for evolving your security program, this is directly applicable. ⚠️ Attendance is limited, and we expect to reach capacity. Register early and plan to join on time to secure your seat. 🎓 Attendees will receive 50% off the TAISE certificate. 📅 April 29-30 | Free & virtual Register Now → https://ow.ly/ZPXZ50YOfFt #AgenticAI #AISecurity #CyberSecurity #SecurityLeadership #CISO #AI #RiskManagement

📣 New research release! In "Using Zero Trust to Counter Identity Spoofing & Abuse," we explore the evolution of modern identity-based attacks and how to defend against them using Zero Trust principles. Benefit from real-world examples, architectural guidance, and future considerations such as AI-driven impersonation. Equip your organization to proactively address identity-centric threats. Key Takeaways: 🪪 The critical differences between identity spoofing and identity abuse ⚙️ How to apply Zero Trust principles to strengthen identity security and access control 👁️ How to implement risk-based, context-aware authentication and monitoring 🌩️ Common weaknesses in identity ecosystems 🦾 How to prepare for emerging threats, including AI-driven identity attacks Read it here → https://ow.ly/Up5550YJi6s #ZeroTrustSecurity #IdentitySecurity #IdentitySpoofing #IdentityAbuse

🤝 CSAI is a public-interest 501(c)(3) that supports independent research and education about AI safety and trust. Watch the clip below to get CEO Jim Reavis' perspective on the new foundation, and learn more by visiting the CSAI website: https://ow.ly/G19050YNMwJ ----------------------------------------------------------- 🎓 To get all the details about CSAI's 2026 mission, as well as some big project announcements, attend the FREE virtual Agentic AI Security Summit on April 29 & 30. Attendees qualify for 50% off the TAISE training and exam! Register here: https://ow.ly/kJYJ50YNMwI #AISafety #AITrust #AIResearch

The recent TeamPCP supply chain attacks reveal that we've entered an era where threat actors are specifically targeting the tools we use to defend ourselves, then riding those trust relationships deeper into our environments. In this exclusive Enterprise Member Briefing that we've made available to the general public, learn about the attacks and what to do if you were compromised → https://ow.ly/qVZu50YLne7 #IncidentResponse #RiskManagement #ThreatIntelligence

Gadi Evron has been shaping cybersecurity for decades. From founding the Israeli CERT to leading national cyber initiatives and now building AI security solutions at Knostic, he’s seen how threat landscapes evolve and how defenders have to adapt. At the Agentic AI Security Summit, Gadi joins a panel of security innovators to break down how agentic AI is introducing entirely new attack paths. In this session, you’ll get into: • Prompt injection and tool abuse in real environments • Agent-to-agent attack paths and data exposure risks • How to actually test, monitor, and control autonomous systems • What modern AI security looks like in practice This is a practitioner-level conversation with people actively building and defending these systems. ⚠️ Attendance is limited, and we expect to reach capacity. Register early and plan to join on time to secure your seat! 🎓 Plus, attendees will receive 50% off the TAISE certificate. 📅 April 29-30 | Free & virtual Register for the Summit→ https://ow.ly/UgFL50YObZg #AgenticAI #AISecurity #CyberSecurity #CloudSecurity #CISO #AI #ZeroTrust

When cyber, AI, and geopolitics converge, leadership is tested. Join senior executives and risk leaders at ALWAYS EXPOSED, featuring Troy Leach, Chief Strategy Officer at CSA, to explore interconnected threats, strengthen governance, and build resilience. Save 30% with code TROY30 and receive 1 complimentary ticket for every 4 booked. Register now → https://ow.ly/2Ws250YJ708 #CyberLeadership #AIGeopolitics #RiskManagement

Security teams aren’t just managing vulnerabilities anymore. They’re managing exposure across cloud, SaaS, identity, OT, and now AI. CSA is proud to support Tenable’s #EXPOSURE26, where leaders and practitioners will share how they are: • Prioritizing risk with real-world context • Preparing for AI-enabled threats • Building exposure-centric security programs 📅 May 19–21 📍 Boston, MA Register Now: https://ow.ly/Tfmx50YO5gW #CloudSecurityAlliance

📰 CSA in the news! 📰 In this article, IT Brew's Billy Hurley introduces Project Glasswing and CSA's "The 'AI Vulnerability Storm': Building a 'Mythosready' Security Program" briefing. Learn all about the "big-time patch party" coming your way → https://ow.ly/CMta50YNL1R #ProjectGlasswing #SecurityBriefing #SecurityProgram