Cloud Security Alliance

At RSAC Conference 2026, Sean Martin caught up with Rich Mogull at the Cloud Security Alliance (CSA) booth for a candid on-site conversation about where enterprise security programs stand today -- and what it actually takes to keep pace with AI. Mogull, who joined CSA as Chief Analyst in October 2025, brings a practitioner's instinct to a research-first organization. The result ...

  Introduction: The Identity Everyone Ignores For over two decades, identity security has revolved around a simple assumption, “people are the risk.” We built programs to govern users, authenticate humans, de-provision employees, and enforce access reviews. That model worked until it did not. In multiple enterprise environments I have worked with over the past few years,...

Lack of visibility remains a top security risk with 65% of respondents reporting AI agent-related incidents in the past year   SEATTLE – April 21, 2026 – A new survey report from the Cloud Security Alliance (CSA), the world’s leading not-for-profit organization committed to AI, cloud, and Zero Trust cybersecurity education, found that nearly all organizations (82%) have u...

New research shows rapid AI adoption is outpacing governance, with unintended AI agent behavior becoming common across enterprises    SEATTLE – April 16, 2026 – A new study conducted by the Cloud Security Alliance (CSA), the world’s leading not-for-profit organization committed to AI, cloud, and Zero Trust cybersecurity education, found that the risk posed by AI agen...

“The AI Vulnerability Storm: Building a Mythos-Ready Security Program” delivers a risk register, 11 priority actions, and board briefing framework built by 60+ contributors and reviewed by 250+ CISOs in a single weekend April 14, 2026. SANS Institute and the Cloud Security Alliance (CSA), alongside [un]prompted and the OWASP GenAI Security Project, today released “The AI Vulner...