Register for CSA’s SECtember conference and trainings today




Circle
Events
Blog

All Articles

All Articles
What is IoT Security?

Blog Published: 09/25/2022

Internet of Things (IoT) devices describe a variety of non-traditional, physical objects including medical devices, cars, drones, simple sensors, and more. IoT represents objects that exchange data with other systems over the internet or other networks. IoT security is the practice of securing th...

The Biggest Cloud and Web Security Concerns Today

Blog Published: 09/24/2022

With the continuation of remote work and newsworthy cyber attacks, organizations are struggling to adapt their overall security strategies to the changing landscape. To get a better understanding of the industry’s current attitudes regarding cloud and web security risks, Proofpoint commissioned C...

Survey: What Short Training Courses Most Interest You?

Blog Published: 09/24/2022

CSA is in the process of developing a series of 1 hour micro-training courses that provide potential CPE credits. These courses provide a high-level primer on some of the most critical cloud security topics. Based on research by CSA’s expert working groups, they build upon your cybersecurity know...

How Sensitive Cloud Data Gets Exposed

Blog Published: 09/23/2022

Originally published by Sentra here. When organizations began migrating to the cloud, they did so with the promise that they’ll be able to build and adapt their infrastructures at speeds that would give them a competitive advantage. It also meant that they’d be able to use large amounts of data t...

Supply Chain Challenges in the Shadow of Digital Threats

Blog Published: 09/23/2022

Originally published by HCL Technologies here. Written by Andy Packham, SVP & Chief Architect, HCL Microsoft Business Unit. In a monumental move toward greater organizational safety, the US government’s recent Cybersecurity Executive Order marks a major paradigm shift in the battle against di...

Monitor Your SaaS Environment for Three Common SaaS Misconfigurations

Blog Published: 09/23/2022

Originally published by AppOmni here. Written by John Whelan, Senior Director of Product Management, AppOmni. SaaS is ubiquitous across the enterprise and accounts for approximately 70% of software usage in companies. And SaaS usage is growing, with thousands of SaaS applications available to...

Do You Really Need a Service Mesh?

Blog Published: 09/22/2022

Originally published by Tigera here. Written by Phil DiCorpo, Tigera. The challenges involved in deploying and managing microservices have led to the creation of the service mesh, a tool for adding observability, security, and traffic management capabilities at the application layer. While a serv...

Are You Ready for a Slack Breach? 5 Ways to Minimize Potential Impact

Blog Published: 09/22/2022

Originally published by Mitiga here. Written by Ofer Maor, Co-Founder and Chief Technology Officer, Mitiga. TL; DRAs Slack becomes a dominant part of the infrastructure in your organization, it will become a target for attacks and at some point, it is likely to be breached (just like any other te...

Attention CISOs: The Board Doesn’t Care About Buzzwords

Blog Published: 09/22/2022

Originally published by Lookout here. Written by Paul Simmonds, Global Identity Foundation. We live in an IT world surrounded by buzzwords that are largely marketing gimmicks. Zero Trust, for example, is a concept no one actually understands and is slapped onto everything, including derivativ...

The Anatomy of Wiper Malware, Part 1: Common Techniques

Blog Published: 09/21/2022

Originally published by CrowdStrike here. Written by Ioan Iacob and Iulian Madalin Ionita, CrowdStrike. This blog post is the first in a four-part series in which an Endpoint Protection Content Research Team will dive into various wipers discovered by the security community over the past 10 years...

3 Trends from Verizon’s 2022 Data Breach Investigations Report

Blog Published: 09/21/2022

Originally published by Authomize here. Written by Gabriel Avner, Authomize. The Verizon Data Breach Investigations Report is essentially infosec’s report card. It comes out right before summer vacation and gives us an ~120 page snapshot of the state of security. The findings, much like my report...

Comments on NIST Special Publication 1800-35B, ‘Implementing a Zero Trust Architecture’ Volume B

Blog Published: 09/21/2022

Originally published by Gigamon here. Written by Ian Farquhar and Orlie Yaniv, Gigamon. Editor’s note: As a supplier of network software and hardware to multiple U.S. government agencies, Gigamon reviews and comments on many draft standards and documents issued by government agencies. This has ac...

Learning Not to Step on Lego: Blast Radius, Cloud Sprawl, and CNAPP

Blog Published: 09/20/2022

Originally published by CXO REvolutionaries here. Written by Martyn Ditchburn, Director of Transformation Strategy, Zscaler. Ever stepped on a Lego block? It hurts, doesn’t it!If not, imagine for a moment that it’s 2 a.m. and you’re navigating your way to the bathroom in the dark. Your child has ...

Being a Good Cyber Citizen in a Digital World

Blog Published: 09/20/2022

Originally published by KPMG here. Written by Akhilesh Tuteja, Global Cyber Security Practice Leader, KPMG India. For organizations across all industries, cyber security has become an increasingly important board issue with growing public debate and scrutiny. And its connection to the environment...

Data Breaches Can Cost Far More than Money

Blog Published: 09/20/2022

Originally published by PKWARE here. Every year, cyber-attack statistics grow larger and more threatening. In 2021 alone, the average number of cyberattacks and data breaches increased by 15.1 percent over 2020. This sharp increase should prompt organizations to consider when—not if—they will...

NIST Post-Quantum Competition: And the Round 3 Finalists Are…

Blog Published: 09/19/2022

Originally published by Entrust here. Written by Samantha Mabey, Entrust. If you’ve been following the NIST Post-Quantum (PQ) Cryptography Competition, then you likely know the round 3 finalist have recently been announced. In the off chance you’re not familiar, here’s a little background: Quant...

The Chipmunks Are Coming: Appreciating the Motivation of Threat Actors

Blog Published: 09/19/2022

Originally published by ShardSecure here. Written by Marc Blackmer, VP of Marketing, ShardSecure. I like birds, but more on them in a moment. At the point in time of our story, I’d worked from home for about 10 years, and the shine of my basement office had worn away. One summer, I thought it...

Better Uptime: The Key to Preventing Revenue Loss

Blog Published: 09/19/2022

Originally published by TokenEx here. Written by Anni Burchfiel, TokenEx. Quick Hits: Uptime is the amount of time hardware or software is active and operating successfully. Downtime costs businesses an average of $926- $17,244 a minute in productivity loss and revenue loss. The most important th...

Top Threat #4 to Cloud Computing: Lack of Cloud Security Architecture and Strategy

Blog Published: 09/17/2022

Written by the CSA Top Threats Working Group.The CSA Top Threats to Cloud Computing Pandemic Eleven report aims to raise awareness of threats, vulnerabilities, and risks in the cloud. The latest report highlights the Pandemic Eleven top threats, in which the pandemic and the complexity of workloa...

How to Solve Complex Cloud Security Problems with AI

Blog Published: 09/16/2022

Written by Morey J. Haber, Chief Security Officer, BeyondTrust. Artificial intelligence (AI) and, to a lesser extent, machine learning (ML) have become increasingly prevalent as a solution to solve complex cybersecurity problems. While the cloud has made this more practical due to shared resource...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.