CSA Security Update
by John DiMaria; Director of Operations Excellence
Is this your podcast?Insights from recent episode analysis
Audience Interest
Podcast Focus
Publishing Consistency
Platform Reach
Insights are generated by CastFox AI using publicly available data, episode content, and proprietary models.
Most discussed topics
Brands & references
Total monthly reach
Estimated from 1 chart position in 1 market.
By chart position
- 🇷🇴RO · Arts#145500 to 3K
- Per-Episode Audience
Est. listeners per new episode within ~30 days
250 to 1.5K🎙 ~2x weekly·59 episodes·Last published 2mo ago - Monthly Reach
Unique listeners across all episodes (30 days)
500 to 3K🇷🇴100% - Active Followers
Loyal subscribers who consistently listen
200 to 1.2K
Market Insights
Platform Distribution
Reach across major podcast platforms, updated hourly
Total Followers
—
Total Plays
—
Total Reviews
—
* Data sourced directly from platform APIs and aggregated hourly across all major podcast directories.
On the show
From 10 epsHost
Recent guests
Recent episodes
Beyond the Black Box: An AppSec Guide to AI
Apr 17, 2026
38m 15s
The Importance of AI Ready Data - How AI Is Changing Data Security and Quality
Mar 16, 2026
24m 57s
The importance of Cybersecurity in Education
Mar 10, 2026
28m 21s
From Pilot to Production: Preventing Breaches in AI Platforms
Feb 24, 2026
21m 49s
Beyond Encryption: Quantum Computing and the Future of Cyber Risk
Jan 28, 2026
39m 07s
Social Links & Contact
Official channels & resources
Official Website
Login
RSS Feed
Login
| Date | Episode | Topics | Guests | Brands | Places | Keywords | Sponsor | Length | |
|---|---|---|---|---|---|---|---|---|---|
| 4/17/26 | Beyond the Black Box: An AppSec Guide to AI✨ | AI securityAppSec+5 | Jim RotanManish Kumar Yadav | SAP | — | AIsecurity+5 | — | 38m 15s | |
| 3/16/26 | The Importance of AI Ready Data - How AI Is Changing Data Security and Quality✨ | AI in data managementdata governance+3 | Ben Wilcox | CSA Security Update | — | AIdata security+5 | — | 24m 57s | |
| 3/10/26 | The importance of Cybersecurity in Education✨ | cybersecurityeducation+3 | Francisco Garcia Martinez | Cloud Security AllianceCSA-ES | — | cybersecurityeducation+3 | — | 28m 21s | |
| 2/24/26 | From Pilot to Production: Preventing Breaches in AI Platforms✨ | AI securitycloud workloads+3 | Milan Rana | HeadstormAzure+1 | — | AIsecurity breaches+6 | — | 21m 49s | |
| 1/28/26 | Beyond Encryption: Quantum Computing and the Future of Cyber Risk✨ | quantum computingcybersecurity+5 | William (Bill) Genovese | Cyber Eagle Project | — | quantum computingcybersecurity+5 | — | 39m 07s | |
| 1/23/26 | The New Mandate for Internal Audit in Cloud & AI Environments✨ | internal auditcloud technology+4 | Jerrad Bartczak | Cloud Security AllianceAdvantage Partners | — | cloud adoptionAI technologies+4 | — | 26m 17s | |
| 1/9/26 | Navigating AI Governance Insights - ISO 42001: The Future of AI Compliance✨ | AI governancecompliance+5 | Walter Haydock | StackAwareISO 42001 | — | AI governanceISO 42001+5 | — | 16m 38s | |
| 12/11/25 | AI Governance Gets Real: How ISO/IEC 42001 Elevates Cloud GRC✨ | AI governancecloud environments+3 | — | ISO/IEC 42001ISO 27001+1 | — | AI governanceISO/IEC 42001+3 | — | 26m 05s | |
| 12/11/25 | Internal Audit in the Age of Cloud & AI: Navigating the New Risk Frontier✨ | internal auditcloud technology+5 | Vik Rai | Cloud Security AllianceGrant Thornton | — | internal auditcloud+6 | — | 31m 23s | |
| 11/4/25 | Continuous verifiable proof is the new standard✨ | cloud securityvulnerabilities+3 | Scott Fuhriman | Invary | — | cloud securityvulnerabilities+3 | — | 38m 24s | |
Want analysis for the episodes below?Free for Pro Submit a request, we'll have your selected episodes analyzed within an hour. Free, at no cost to you, for Pro users. | |||||||||
| 10/23/25 | The Human Side of AI Security: Leadership, Culture, and Change | Summary In this episode, John DiMaria and John Earle discuss the rapid rise of AI in cybersecurity, drawing parallels to the early adoption of cloud security. They explore the importance of organizational culture, change management, and team dynamics in shaping security initiatives. The conversation emphasizes the need for effective communication and the role of security champions in overcoming resistance to change. Looking ahead, they highlight the qualities that will define successful secu... | 26m 27s | ||||||
| 9/22/25 | Guardrails for Generative AI: Balancing Innovation with Responsibility | As organizations embrace generative AI, ensuring applications align with safeguards is critical. Today, we are here to explore how proper Guardrails can enable responsible AI by filtering harmful content, enforcing policies, and supporting compliance—all without slowing innovation. Join us as we interview Saptarshi Banerjee, Senior Solutions Architect at Amazon Web Services (AWS Listeners will hear real-world use cases, governance best practices, and how to build AI solutions that ... | 25m 50s | ||||||
| 9/26/24 | Empowering Cloud Providers: The EU Cloud Code of Conduct and GDPR Explained | In this insightful episode, we explore the intricate world of GDPR compliance and how tools like codes of conduct can support cloud service providers. Our special guest, Gabriela Mercuri, Managing Director of SCOPE Europe, shares her expertise on the EU Cloud Code of Conduct (EU Cloud CoC), a pivotal GDPR compliance tool designed specifically for the cloud industry. Join us as we discuss the significance of these codes of conduct, their role in ensuring data protection, and how they offer a p... | 31m 05s | ||||||
| 8/21/24 | Real-talk: Opportunities for Security Teams to Fight AI with AI | The attack surface has expanded and evolved dramatically in an era where the industry is investing nearly a trillion dollars in cloud infrastructure, operations, and applications. Modern cloud development enables faster application building and introduces complex security challenges. As generative AI becomes increasingly integrated into our tools and processes, it promises to transform how we approach cybersecurity. But what does that mean for security and development teams today? Join us in... | 41m 19s | ||||||
| 7/23/24 | ISO/IEC 27001:2022 Unpacked: Embracing Auditing Themes | In our latest episode, we delve into the innovative approach of auditing "themes" as introduced in the ISO/IEC 27001:2022 revision. This reorganization of domains marks a significant shift in how we think about and implement information security management. By centering our conversation on auditing themes, we explore how this new structure enhances the alignment of security practices with organizational goals and risks. We'll discuss the rationale behind this change, practical insights on tra... | 43m 33s | ||||||
| 6/27/24 | From Concept to Competence: The Impact of CSA's Zero Trust Training | In this exclusive interview, we have the honor of speaking with a representative from the Cloud Security Alliance (CSA), the esteemed recipient of the 2024 Global InfoSec Award for Cutting-Edge Cybersecurity Training. This award acknowledges CSA's groundbreaking Certificate of Competence in Zero Trust (CCZT), the industry's first authoritative training and certification program dedicated to Zero Trust architecture, components, and best practices. During this session, we will delve into the de... | 41m 41s | ||||||
| 5/28/24 | Decoding Security Solutions: ASPM vs CSPM vs CNAPP | In the ever-expanding digital world, securing applications and the infrastructure they rely on is critical. This episode tackles three key security field acronyms: Application Security Posture Management (ASPM), Cloud Security Posture Management (CSPM), and Cloud-Native Application Protection Platform (CNAPP). While all focused on bolstering security posture, these target different aspects of one's security program. Listen as we interview Karthik Swarnam, Chief Security and Trust Officer at ... | 30m 23s | ||||||
| 5/2/24 | Aligning Security Standards: Maximizing Synergy Between CSA STAR Level 2 and ISO 27001 | In this episode, John DiMaria & Cameron Kline, Director of Attest Services at BARR Advisory, delve into the relationship between CSA STAR Level 2 and ISO 27001 standards, emphasizing the significant overlap in best practices, procedures, and controls for cloud service providers (CSPs) operating in medium- to high-risk environments. They highlight how collaboration with an auditing firm certified in both frameworks can expedite the compliance process, offering practical tips for streamlini... | 28m 32s | ||||||
| 4/30/24 | Navigating the New Age of Compliance | In a world where the speed of business is only outpaced by the speed of regulatory changes, staying compliant without slowing down has become the new competitive edge. In this episode, we delve into the heart of agile compliance with a special guest Travis Howerton; Co-Founder and Chief Executive Officer of RegScale, a pioneering company at the forefront of compliance automation. Discover how automated technology and continuous monitoring is revolutionizing the way organizations approach comp... | 37m 55s | ||||||
| 1/17/24 | Why CPA Firms Excel in Cybersecurity Attestations | In the latest CSA Security Update Podcast episode, we delve into the fascinating world of cybersecurity attestations and explore why CPA firms are increasingly leading the charge in this domain. Host John DiMaria is joined by Pawel Wilczynski, Cybersecurity Manager at Baker Newman Noyes (BNN), a top-ranked tax, assurance, and advisory firm and an accredited CSA STAR Assessment Firm. The episode delves into why CPA firms, traditionally known for financial audits, are exceptionally well-suited ... | 28m 33s | ||||||
| 11/27/23 | Cloud Security Unveiled: Navigating CSA STAR Attestation and SOC2 in the Digital Age | In today's digital landscape, cloud security and governance are paramount. But how do we measure and attest to the security controls of cloud service providers? Enter the Cloud Security Alliance STAR Attestation and SOC2 - two prominent frameworks for assessing and ensuring cloud security. In this episode, we dive deep into the intricacies of CSA STAR Attestation, its relationship with SOC2, and their collective impact on cloud governance and cybersecurity. Join the CSA and our guests, Pat Ne... | 43m 44s | ||||||
| 7/24/23 | Bridging Cloud Security and Compliance: Government Cloud, FEDRAMP, and CCM/STAR Integration | In our enlightening interview with Steve Orrin, Federal CTO at Intel, we delve into the intricate world of government cloud technologies, the key role of FEDRAMP, and the future of CCM/STAR integration. Orrin provides an insider's perspective on how these powerful tools are shaping the landscape of data security and regulatory compliance in the digital age. We also explore the challenges and opportunities presented by these technologies, offering valuable insights for stakeholders navigating ... | 41m 05s | ||||||
| 5/16/23 | Securing Cloud Technology: Insights from NCC Group. Adopting and Implementing CSA Cloud Control Matrix | In this podcast interview, we sit down with Nandor Csonka, the global practice lead for cloud security services at NCC Group, to explore their adoption and implementation of the CSA Cloud Control Matrix (CCM). Nandor shares the initial process of why NCC Group adopted the CCM and the challenges they encountered as a non CSP (Cloud Service Provider), along with their strategies for overcoming them. He also highlights the specific benefits and improvements that resulted from the adoption... | 34m 26s | ||||||
| 4/18/23 | Shining Bright with Dell: A Case Study on Embracing CSA STAR Program for Cloud Security | This case study highlights Dell Technologies' journey towards adopting the Cloud Security Alliance's (CSA) Security, Trust, and Assurance Registry (STAR) program to enhance its cloud security. Dell Technologies addressed the continued challenges of the cloud by adopting the CSA STAR program, which provided a framework for assessing and documenting cloud providers' security and compliance posture. Join us as we talk to Andrea Doherty; Technical lead for the Dell Technologies... | 17m 56s | ||||||
| 1/30/23 | Private Cloud Computing - Security Considerations, Risks and Shared Responsibility | Private cloud computing refers to a computing infrastructure setup where an organization operates its own cloud environment within its data center. What are the unique information security challenges faced day to day. VS other types of cloud, and how does one use the CSA Cloud Control Matrix to mitigate the risks? Due to heightened security issues over the last few years, are companies considering moving to a private cloud? What are the pros and cons and what is the best advise from those d... | 35m 16s | ||||||
Showing 25 of 59
Sponsor Intelligence
Sign in to see which brands sponsor this podcast, their ad offers, and promo codes.
Chart Positions
1 placement across 1 market.
Chart Positions
1 placement across 1 market.