Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Securing data and maintaining compliance in ServiceNow

Published: 01/27/2020

By Neeraj Nayak, Senior Manager, CipherCloud2019 was one of the worst and shocking years in cybersecurity. Worst because of the scale of data exposure - 5183 breaches, exposing 7.9 billion records in just the first nine months of 2019 [1]. Shocking because of the post-mortem reports - most of the...

Can you arrest a decentralized autonomous organization that lives in outer space?

Published: 01/23/2020

By Kurt Seifried, Chief Blockchain Officer, CSAOne aspect of the modern world is that lawbreaking has gotten more and more ambiguous. If I ship a pile of electronic scooters to some random city and pay contractors to drop them off around the city, have I just committed some bizarre act of litteri...

​Prevent security misconfigurations in a multi-cloud environment

Published: 01/20/2020

By the CipherCloud TeamIn November 2019, we witnessed one of the biggest data breaches to date. Personal information of 1.2 billion users got exposed, including phone numbers, email addresses and profiles of hundreds of millions of people that include home and cell phone numbers, associated socia...

2020 Predictions: Hear Me Now and Believe Me Later

Published: 01/17/2020

By Jim Reavis, Co-Founder and CEO of CSAI am typing up my prediction blog using an invisible ink font, to reduce my embarrassment when 2021 rolls by. I know prediction articles can be a dime a dozen and prognosticators pick both easy and vague items to appear smarter than they are. I am all about...

Behind the Scenes of the IoT Working Group with Mark Yanalitis

Published: 01/15/2020

By CSA Staff and Mark Yanalitis Here at CSA, our working groups are the core of what we do. From researching best practices, to tackling challenges on the horizon, they bring together security professionals from diverse backgrounds and experiences to collaborate on research that will benefit the ...

​Five Predictions to Impact Enterprise Network Security in 2020

Published: 01/10/2020

By Etay Bogner, VP, Zero-Trust Products, ProofpointAccelerating developments in security are playing a significant role in the evolution of enterprise networking. For years, the industry has relied on a hardware-centric, trust-based model that has become increasingly inflexible and insecure. Empl...

​We Need More Women Mentors For a More Complete Cybersecurity Workforce

Published: 01/07/2020

By Sivan Tehila, Director of Solution Architecture at Perimeter 81It seems like everyone wants to get into the field of cybersecurity. However, this isn’t the case for women. The cybersecurity industry needs to rethink how to attract more women into the talent pool to bring more order into the ge...

Enterprise Architecture Cloud Delivery Model - CCM Mapping

Published: 01/06/2020

The Enterprise Architecture working group has been developing a Cloud Service Delivery Model mapping which aims to give businesses who are building out their cloud program an inside look into roles and responsibilities when it comes to IaaS, PaaS, and SaaS and specific areas within each.This phas...

​CCPA is Ambiguous About Cloud. Your Response Shouldn’t Be.

Published: 12/18/2019

This article was originally published on Fugue's blog here.By Drew Wright, Co-Founder of Fugue On January 1, 2020, the California Consumer Privacy Act (CCPA), California’s answer to GDPR, goes into effect. Like GDPR, the CCPA is delivering anxiety and dread to executives, marketers, compliance...

The Four Pillars of CASB: Visibility

Published: 12/04/2019

By Juan Lugo Product Marketing Manager at BitglassDue to the potential for data leakage in the cloud, the use of CASBs (cloud access security brokers) is needed in order to maintain visibility over data that has gone beyond the reach of on-premises tools. Activity LogsWhen it comes to sensitive d...

What’s a Pseudo Cryptocurrency?

Published: 11/25/2019

By Kurt Seifried, Chief Blockchain Officer, CSAYou may not have yet seen the term “pseudo cryptocurrency,” in fact it (as of 2019-08-22) it only shows up 2030 Google search results and a quarter million without the quotes. So if nobody is using this term, why does it matter?Currently, we have a n...

Digital Transformation, Cybersecurity, Cloud Apps, and Cloud Security

Published: 11/21/2019

By Ben Rice VP Business Development at BitglassWhat you see in the title is what we covered in our latest webinar, but what part of it is really important? All of it? Some? Or is it all just marketing blather that can be ignored? The truth lies in the middle – we are all adopting more cloud in ou...

The Four Pillars of CASB: Threat Protection

Published: 11/18/2019

By Juan Lugo Product Marketing Manager at BitglassThreat protection is integral for defense against malware. Oftentimes, months go by without organizations realizing that they have been infected with malware – rather than addressing the problem after the fact, it is best to prevent the attack in ...

​Keeping Up With Changing Technology by Reducing Complexity

Published: 11/15/2019

By John DiMaria; CSSBB, HISP, MHISP, AMBCI, CERP, CSA Research Fellow, Assurance Investigatory Fellow, Cloud Security Alliance Fox News reported that in answer to the previous Boeing 737 accidents, the Federal safety officials say, “Boeing should consider how cockpit confusion can slow the res...

4 Common Cloud Misconfigurations & What To Do About Them

Published: 11/14/2019

By Kevin Tatum, IT Security Engineer at ExtraHopIn a recent report, McAfee uncovered the rise of Cloud-Native Breaches and the state of multi-cloud adoption. We'll define the top 4 cloud misconfiguration goofs from their list, how they can affect your organization, and what to do about them.When ...

The Risk of Unsecured Dev Accounts

Published: 11/13/2019

This article was originally published on Fugue's blog here. By Drew Wright, Co-Founder Fugue Most organizations now recognize the importance of cloud security, likely due in large part to the sharp uptick in cloud-based data breaches resulting from cloud misconfiguration. Achieving an...

Google’s Potential Claim to the Throne of Quantum Supremacy: What Does it Mean for Cybersecurity?

Published: 11/06/2019

By Roberta Faux, Shamik Kacker, Bruno Huttner, John Hooks, Ron F. del Rosario, Ludovic Perret and John Young A mysterious paper A research paper titled “Quantum Supremacy Using a Programmable Superconducting Processor” briefly appeared last September 21, 2019 on NASA’s Technical Report Server (...

CMMC – the New Protocol Droid for DoD Compliance

Published: 11/06/2019

By Doug Barbin - Cybersecurity Practice Leader at Schellman & Company, LLCA long time ago in a galaxy exactly ours…There was 800-171. For some time, the US Department of Defense has been working to revise its funding procurement procedures referred to as the Defense Acquisition Regulation...

3 Technical Benefits of Service Mesh, and Security Best Practices

Published: 11/04/2019

By Ran Ilany, co-founder and CEO for PortshiftOrganizations that implement containers often ask about using a service mesh layer. While this isn’t obligatory by any means, there are many benefits to running a service mesh that makes it the sensible choice for organizations seeking security, effic...

Corporate Contractors and the Requirement for Zero-Trust Network Access

Published: 10/21/2019

By Etay Bogner, VP, Zero-Trust Products Proofpoint and former CEO of Meta NetworksIt’s not a stretch to say that most industries and organizations today have contractors in the mix who need remote access to the company’s network. Yet the traditional virtual private network (VPN) method of enablin...

Browse by Topic