CSA Security Update

Beyond the Black Box: An AppSec Guide to AI

Most organizations are still securing AI like traditional systems, but AI changes the rules entirely. In this episode, leading security experts Jim Rotan and Manish Kumar Yadav from SAP reveal how AI’s probabilistic nature, supply chain risks, and emerging attack surfaces like prompt injection demand a complete overhaul of modern security strategy. From model poisoning to AI-driven data exfiltration, they break down the real risks in AI-powered environments—and what security teams must do differently. You’ll gain practical insights on adapting threat modeling, securing model provenance, implementing AI-specific guardrails, and embedding security early in the development lifecycle. This episode cuts through the hype to deliver actionable strategies for rethinking risk, strengthening defenses, and building resilient AI systems. If you’re responsible for protecting modern applications, this is essential listening. https://cloudsecurityalliance.org/star/

The Importance of AI Ready Data - How AI Is Changing Data Security and Quality

This episode explores how AI is transforming data management, governance, and security. Ben Wilcox, CTO with extensive cloud experience, discusses the shift from data sprawl to quality, the security implications, and best practices for organizations to prepare for AI-driven data strategies. Key Topics * Impact of AI on data sprawl and governance * Importance of data quality for AI effectiveness * Security risks associated with uncontrolled data sprawl * Best practices for AI data environment architecture * The role of data governance and lifecycle management in AI https://cloudsecurityalliance.org/star/

The importance of Cybersecurity in Education

Cyberattacks dominate today’s headlines, and in many cases, the weakest link isn’t technology—it’s people. In this episode, cybersecurity leader and educator Francisco Garcia Martinez, a member of the Technical Operations Committee of the Cloud Security Alliance, Spanish Chapter (CSA-ES), explores why cybersecurity education must evolve to meet the realities of an AI-driven world. As some countries introduce AI into high school curricula, many education systems still rely on outdated programs that fail to teach the critical thinking and security awareness needed in today’s digital landscape. Fran discusses how universities, governments, and industry can better prepare the next generation by focusing on foundational security principles, analytical thinking, and real-world technologies like cloud and AI, ensuring cybersecurity becomes a core skill for everyone, not just technical professionals.  https://cloudsecurityalliance.org/star/

From Pilot to Production: Preventing Breaches in AI Platforms

Artificial intelligence is no longer confined to innovation labs or pilot programs. As enterprises deploy GenAI and MLOps platforms across Azure, AWS, and hybrid environments, AI is becoming a first-class cloud workload, and that shift is exposing security models that were never designed for autonomous, adaptive systems. In this episode, we’re joined by Milan Rana, Principal AI Architect at Headstorm, to explore what actually breaks when organizations scale AI in production. Drawing from hands-on experience building secure AI landing zones for regulated enterprises, Milan moves beyond theory to highlight real-world failure points, architectural tradeoffs, and governance gaps. https://cloudsecurityalliance.org/star/

Beyond Encryption: Quantum Computing and the Future of Cyber Risk

In this episode, we delve into the transformative world of quantum computing and its implications for cybersecurity. Join us as William (Bill) Genovese, Chief Quantum Officer at Cyber Eagle Project, shares insights on how quantum technology is reshaping cyber risk, governance, and resilience. Discover why organizations must prepare now for a quantum future, the challenges of transitioning to post-quantum encryption, and the strategic steps leaders should take to safeguard their digital assets. Tune in to explore the intersection of quantum advancements and cybersecurity with industry experts. https://cloudsecurityalliance.org/star/