Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Critical Controls for Oracle E-Business Suite
Published: 06/11/2021

Written by Mike Miller, OnapsisOver the past months, cyber threat activity has increased to unprecedented levels, with threat actors expanding their capabilities to target critical infrastructure and mission-critical applications. From hacktivists to cyber-criminals and state-sponsored, these act...

How to Enhance GRC Program Collaboration in Your Organization
Published: 06/10/2021

This blog was originally published by OneTrust GRC here. When it comes to Governance, Risk, and Compliance (GRC), understanding the integrated risk management responsibilities for each internal and external stakeholder isn’t just a best practice. It’s a critical component to preparing for and ...

Why Is Cybersecurity Critical in Protecting Infrastructure?
Published: 06/09/2021

Written by Angela Stone, Content Creator, Eleven Fifty AcademyCybersystems, assets, and physical infrastructure are vital to the economy of a country. Destroying or incapacitating infrastructure and cyber systems can have a devastating impact on the economy. Industries such as the oil and gas ind...

Real-Time Security Metrics: Insights Every Risk Management Team Should Monitor
Published: 06/08/2021

This blog was originally published by OneTrust GRC here. There is one thing that businesses of all sizes, industries, and sectors have in common – they face a wide range of risk management threats. Specifically, retail, finance, hospitality, government, manufacturing, and healthcare industries...

The STAR Certification Journey
Published: 06/08/2021

The CSA STAR Program is a powerful tool for security assurance in the cloud. It encompasses key principles of transparency, rigorous auditing, and harmonization of standards. Companies who use STAR indicate best practices and validate the security posture of their cloud offerings. The CSA Securit...

Final Versions of Standard Contractual Clauses Adopted!
Published: 06/07/2021
Author: Francoise Gilbert

Three years after the General Data Protection Regulation (GDPR) came into effect, the European Commission has issued the much-awaited final version of two new sets of Standard Contractual Clauses that are expected to enable data controllers and processors to address some of the thorny issues in t...

CAIQ v4 Released - Changes from v3.1 to v4
Published: 06/07/2021
Author: Daniele Catteddu

Since the publication of CCM v4 in January 2021, CSA has initiated a process to upgrade CAIQ, the questionnaire associated with CCM. In this blog we will explain changes made to version 4 of the CAIQ, and what you can expect when using it to submit to the STAR registry. CCM V4 represents a major ...

7 Simple but effective tactics to protect your website against DDoS attacks in 2021
Published: 06/04/2021

Written by Tars Geerts, from Mlytics Intro Experts believe that the total number of DDoS attacks will double from the 7.9 million seen in 2018 to over 15 million by 2023. One of the reasons for this significant increase is that DDoS attacks are quite easy to pull off, making them very appeali...

CCSK Success Stories: From a Quality Security Consultant
Published: 06/03/2021

This is part of a blog series interviewing cybersecurity professionals who have earned their Certificate of Cloud Security Knowledge (CCSK). In these blogs we invite individuals to share some of the challenges they face in managing security for cloud computing and how they were able to leverage k...

How CSPs Can Make the Security and Compliance Evaluation Process Easier for Financial Institutions
Published: 06/02/2021

This blog was originally published by Oracle hereOracle author: Maywun Wong, Director, Product MarketingContributed by: Steven D'Alfonso, Research Director, IDC Financial InsightsSo, you have finally decided to move applications to the cloud. But your board's risk committee wants assurance that s...

President Biden’s Cybersecurity Executive Order: What will it mean for you?
Published: 06/01/2021

This blog was originally published by OneTrust here.On May 12, US President Joe Biden issued an executive order on cybersecurity seeking to improve the state of national cybersecurity in the US and to increase protection of government networks following incidents involving SolarWinds and more rec...

CCAK Testimonials: From a Cybersecurity Principal
Published: 05/28/2021

The Certificate of Cloud Auditing Knowledge (CCAK) is the first credential available for industry professionals to demonstrate their expertise in the essential principles of auditing cloud computing systems. The CCAK credential and training program fills the gap in the market for technical educat...

Introducing the COVID-19 Data Science Dashboard Case Study
Published: 05/27/2021

Written by Samir Souidi, Cloud Security Alliance - New Jersey ChapterSince the beginning of the COVID-19 outbreak, cloud-enabled and open-access health data resources have been created and provided by federal agencies and public and private entities. These initiatives have accelerated the adapta...

With Great Power Comes Great Responsibility: The Challenge of Managing Healthcare Data in the Cloud
Published: 05/26/2021

By Jon Moore, MS, JD, HCISSP, Chief Risk Officer and Head of Consulting Services, Clearwater Seeking flexibility, scalability, and cost savings, an increasing number of healthcare organizations are moving systems and data to the Cloud. This trend is accelerating, fueled by increased adoption of ...

Cloud lateral movement: Breaking in through a vulnerable container
Published: 05/25/2021

This blog was originally published by Sysdig hereWritten By Stefano Chierici, SysdigLateral movement is a growing concern with cloud security. That is, once a piece of your cloud infrastructure is compromised, how far can an attacker reach?What often happens in famous attacks to Cloud environment...

Five Approaches for Securing Identity in Cloud Infrastructure
Published: 05/20/2021

Written by Shai MoragAs clouds have drifted into the mainstream of business, it has become clear that they offer numerous advantages. They streamline processes, cut costs and create new ways to work. In some cases, the benefits are transformative. However, there’s a dark side to the public cloud,...

Application Security is Getting Worse, not Better
Published: 05/19/2021

This blog was originally published by CyberCrypt here.There’s an app for everything, and hackers and thieves are taking advantage. What are enterprises doing about it? Not enough.Web and mobile application use has exploded in recent years as businesses have digitized and moved more of their opera...

The Challenges Managing Multi-Cloud Environments
Published: 05/18/2021

This blog was originally published by OpsCompass hereWritten by John Grange, OpsCompassWith multi-cloud deployments becoming the norm, ensuring the security of workloads deployed across different cloud platforms is a major focus point for many organizations. Yet even though security controls migh...

Unified threat detection for AWS cloud and containers
Published: 05/17/2021

This blog was originally published by Sysdig here.Written by Vicente Herrera García, SysdigImplementing effective threat detection for AWS requires visibility into all of your cloud services and containers. An application is composed of a number of elements: hosts, virtual machines, containers, c...

The Shift to Eight-Digit BINs
Published: 05/14/2021

This blog was originally published by TokenEx hereWritten by Branden Morrow, TokenExThere is a lot of information going around about an eight-digit BIN mandate, and we wanted to give some clarity on what a BIN is, why it is important, how it relates to PCI DSS compliance, why a shift to an eight-...

Browse by Topic
Write for the CSA blog
Submit your blog proposal