Circle
Events
Blog

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Study: The Truth About SaaS Security and Why No One Cares…Yet
Published: 09/29/2022

Originally published by Axonius here. Written by Tracey Workman, Axonius. A few months ago, we decided to conduct a study of IT and security professionals in the U.S. and Europe to better understand how they’re handling the rapid adoption of SaaS applications across their organizations. We alread...

One Pane (of Glass) Makes Many Clouds Work
Published: 09/29/2022

Originally published by Entrust here. Written by Tushar Tambay of Entrust and Mark LaRoche of VMware. Cloud computing is a well established part of almost every organization’s IT infrastructure, but the proliferation of these cloud platforms, as well as increased focus on cloud platforms by hacke...

How SOC 2 Audits Add Value to an Organization
Published: 09/29/2022

Originally published by A-LIGN here. Written by Stephanie Oyler, Vice President of Attestation Services, A-LIGN. From ISO 27001 to PCI DSS to SOC 1 and SOC 2, there is no shortage of security assessments for organizations to pursue. While some audits can be more time intensive than others, the va...

The Anatomy of Wiper Malware, Part 2: Third-Party Drivers
Published: 09/28/2022

Originally published by CrowdStrike here. Written by Ioan Iacob and Iulian Madalin Ionita, CrowdStrike. In Part 1 of this four-part blog series examining wiper malware, we introduced the topic of wipers, reviewed their recent history and presented common adversary techniques that leverage wipers...

Cloud DNS Security – How to Protect DNS in the Cloud
Published: 09/28/2022

Originally published by Sysdig here. Written by Brett Wolmarans, Sysdig. When using DNS in the Cloud, security cannot be overlooked. This article is for cloud architects and security practitioners who would like to learn more about deployment options for DNS security and some security best practi...

The Security Risks of Taking a Stand
Published: 09/27/2022

Originally published by CXO REvolutionaries here. Written by Heng Mok, CISO APJ, Zscaler. Organizations face increasing internal and external pressures to take public stands on issues unrelated to their core business. Examples include a broad range of social, political, and global events, which a...

The Ripple Effect of a Data Breach
Published: 09/27/2022

Originally published by PKWARE here. The after effects of a data breach can reach far and wide. Lesser seen impact can include the cost of remediation, revenue loss, reputational harm, national security, even human life. The ripple effect of indirect costs—monetary and otherwise—can end up impact...

8 Common Cloud Misconfiguration Types (And How to Avoid Them)
Published: 09/27/2022

Originally published by Vulcan Cyber here. Written by Roy Horev, Vulcan Cyber. Cloud misconfiguration refers to any errors, glitches, or gaps in the cloud environment that could pose a risk to valuable information and assets. It occurs when the cloud-based system is not correctly configured by th...

Takeaways From the New Healthcare Interoperability Report
Published: 09/26/2022
Author: Alex Kaluza

Continuing to examine important healthcare information security topics, CSA’s Health Information Management Working Group has released a new report on Healthcare Interoperability. The purpose of this report is to examine the current state of interoperability according to the Office of the Nationa...

Stolen Cookies Enabling Financial Fraud
Published: 09/26/2022

Originally published by Ericom here. Written by Nick Kael, CTO, Ericom Software. Multi-Factor Authentication (MFA) is one of the most frequently recommended best practices for securing data and applications, designed to prevent even cybercriminals who have compromised user credentials in hand fro...

The Ongoing Cyber Threat to Critical Infrastructure
Published: 09/26/2022

Originally published by Thales here.Written by Marcelo Delima, Senior Manager, Global Solutions Marketing, Thales.The effects of cyberattacks on critical infrastructure can be catastrophic. Security breaches in this sector can be incredibly disruptive to society and are attracting considerable at...

SAP S/4HANA: 5 Ways to Build In Security From the Start
Published: 09/26/2022

Originally published by Onapsis here. Many SAP customers are currently at the point of either planning or executing a transformation to SAP’s next generation ERP, S/4HANA. More than 18,800 companies[1] have adopted SAP S/4HANA and thousands more are in the process of migrating to the new platform...

What is IoT Security?
Published: 09/25/2022
Author: Nicole Krenz

Internet of Things (IoT) devices describe a variety of non-traditional, physical objects including medical devices, cars, drones, simple sensors, and more. IoT represents objects that exchange data with other systems over the internet or other networks. IoT security is the practice of securing th...

The Biggest Cloud and Web Security Concerns Today
Published: 09/24/2022
Author: Megan Theimer

With the continuation of remote work and newsworthy cyber attacks, organizations are struggling to adapt their overall security strategies to the changing landscape. To get a better understanding of the industry’s current attitudes regarding cloud and web security risks, Proofpoint commissioned C...

Survey: What Short Training Courses Most Interest You?
Published: 09/24/2022
Author: Megan Theimer

CSA is in the process of developing a series of 1 hour micro-training courses that provide potential CPE credits. These courses provide a high-level primer on some of the most critical cloud security topics. Based on research by CSA’s expert working groups, they build upon your cybersecurity know...

How Sensitive Cloud Data Gets Exposed
Published: 09/23/2022

Originally published by Sentra here. When organizations began migrating to the cloud, they did so with the promise that they’ll be able to build and adapt their infrastructures at speeds that would give them a competitive advantage. It also meant that they’d be able to use large amounts of data t...

Supply Chain Challenges in the Shadow of Digital Threats
Published: 09/23/2022

Originally published by HCL Technologies here. Written by Andy Packham, SVP & Chief Architect, HCL Microsoft Business Unit. In a monumental move toward greater organizational safety, the US government’s recent Cybersecurity Executive Order marks a major paradigm shift in the battle against digita...

Monitor Your SaaS Environment for Three Common SaaS Misconfigurations
Published: 09/23/2022

Originally published by AppOmni here. Written by John Whelan, Senior Director of Product Management, AppOmni. SaaS is ubiquitous across the enterprise and accounts for approximately 70% of software usage in companies. And SaaS usage is growing, with thousands of SaaS applications available to...

Do You Really Need a Service Mesh?
Published: 09/22/2022

Originally published by Tigera here. Written by Phil DiCorpo, Tigera. The challenges involved in deploying and managing microservices have led to the creation of the service mesh, a tool for adding observability, security, and traffic management capabilities at the application layer. While a serv...

Are You Ready for a Slack Breach? 5 Ways to Minimize Potential Impact
Published: 09/22/2022

Originally published by Mitiga here. Written by Ofer Maor, Co-Founder and Chief Technology Officer, Mitiga. TL; DRAs Slack becomes a dominant part of the infrastructure in your organization, it will become a target for attacks and at some point, it is likely to be breached (just like any other te...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.