The CSA Enterprise Authority to Operate (EATO) Framework is an assessment, remediation, consultancy, and certification framework. It targets Anything-as-a-Service (XaaS) providers and their entire underlying supply chain who are catering to customers in highly regulated industries processing sensitive data. EATO controls are based on CCMv4, with augmented controls to reflect tight regulatory requirements, and the certification plugs into the C...

Join global leaders from industry, regulatory agencies, and standards bodies at CSA’s third annual Virtual Cloud Trust Summit—now expanded into a dynamic, free, two-day virtual event. As cloud adoption accelerates and emerging technologies like generative AI reshape the digital landscape, organizations face mounting pressure to meet evolving security and compliance demands. This year’s summit will spotlight two of the most pr...

Mergers and acquisitions can fuel growth—but they also create prime opportunities for cyber threats. Financial services organizations must act fast to secure newly acquired entities, maintain compliance, and prevent cyber risks from jeopardizing the deal. In this webinar, security leaders will learn:The biggest cybersecurity risks during M&A and how attackers exploit themBest practices for securing the business throughout the process...

As organizations realize security and operational benefits of protecting users with zero trust principles, they are also achieving value for extended environments like office branches, factories, data centers, and clouds. This session will demonstrate how they adopt and operationalize these locations by extending their zero trust architecture to branch offices, cloud workloads, and OT/IoT devices.

AWS is recognized as the most comprehensive cloud platform globally, but with complex identity management, permissions, and access controls, it can be difficult to know what you can secure at scale and where to start. Join our cloud security experts to learn essential best practices for maintaining a secure AWS environment. Whether you’re a beginner or specialist, you’ll discover new strategies that will help continually strengthen...

Organizations are navigating a rapidly evolving threat landscape, with hybrid and multi-cloud environments introducing fragmented visibility and complex data exposure risks. To better understand how enterprises are managing this challenge, Thales commissioned the Cloud Security Alliance (CSA) to investigate how organizations view risk to improve their data security posture. The study explores how organizations identify and prioritize data risk...

Artificial Intelligence has introduced and accelerated a new era of unprecedented technological advancement, opportunity, and risk. The impact of AI on critical areas of cloud computing and cybersecurity such as Non-Human Identity, Quantum, Governance and Assurance, Threat Assessment, Zero Trust, DevSecOps, Data Security and more is vast, casting a bright spotlight on the essential need for organizations to increase education and improve their...

With the emergence of AI agents transforming how organizations operate, securing the AI infrastructure itself becomes increasingly central to security leaders. How much of traditional security strategies like shift left and zero trust can be applied to AI security? As organizations integrate AI deeper into their operations, they must determine which established practices remain effective and where new approaches are needed. Join Caleb Sima, Ch...

Business continuity is top of mind in 2025. With AI-fueled cyberattacks at an all-time high, geopolitical instability in the news, and an ever-growing number of regulations to deal with, organizations are looking for solid foundations on which to build their operations. In this webinar we will peel back the layers of operational resilience and explore practical ways in to help organizations:Remain compliant to regulations covering business con...

Ever wonder what security leaders across industries are focusing on in the GRC space? What are their top priorities, and how should they shape yours? Join Vanta’s GRC Subject Matter Expert, Faisal Khan, and Daniele Catteddu, CSA's Chief Technology Officer, for a deep dive on building and scaling GRC programs. They will share their take on the role of trust, AI, and automation in strengthening your foundation and preparing for what...