Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Detecting new crypto-mining attack targeting Kubeflow and TensorFlow
Published: 07/23/2021

This blog was originally published by Sysdig hereWritten by Stefano Chierici, Security Researcher, SysdigMicrosoft has discovered a new large-scale attack targeting Kubeflow instances to deploy malicious TensorFlow pods, using them to mine Monero cryptocurrency in Kubernetes cluster environments....

Identity and PAM meet in the Cloud
Published: 07/21/2021

By Ravi Erukulla, Sr. Director of Product Management, Saviynt, Inc and Shamun Mahmud, Sr. Research Analyst, CSAAt the end of 2020, CSA published The 2020 State of Identity Security in the Cloud.Goals of the study Determine the use and challenges of public cloud workloads today and 1 year from now...

Certificate of Cloud Security Knowledge (CCSK) Modules for Non-Tech Staff
Published: 07/21/2021

The Certificate of Cloud Security Knowledge (CCSK) is a standard of expertise for cloud security. While this is a certificate that technical professionals typically strive to earn, the study materials can also offer valuable lessons to non-technical staff interested in gaining a general understan...

Building the Next Generation of Cybersecurity and Privacy Professionals
Published: 07/20/2021
Author: Daniele Catteddu

ContextIn the past two decades we have witnessed a dramatic evolution in the cyber domain; new technologies have revolutionized the world we live in, our habits, our behaviors and our way of thinking. Cloud Computing, Edge Computing, Internet of Things/Everything, Smart Environments, Artificial I...

Six Key Characteristics of a Modern ZTNA Solution
Published: 07/20/2021

This blog was originally published by Bitglass hereWritten by Jeff Birnbaum, BitglassEven as organizations continue adoption of cloud technologies, the need for secure access to on-premises resources has not gone away. In fact, as many companies navigate a return to the office while simultaneousl...

Scaling GRC Programs: 5 Ways Security Leaders Enable the Business
Published: 07/19/2021

This blog was originally published by OneTrust GRC here.The compliance landscape is in constant flux between external factors changing and businesses working toward scaling GRC programs. Managing compliance is difficult for organizations operating across multiple geographies with multiple sets of...

2021 State of Cloud Security Posture Management Report
Published: 07/16/2021

This blog was originally published by OpsCompass here.We recently announced the results of a report we conducted on cloud security and management challenges. The “2021 State of Cloud Security Posture Management Report” is based on survey responses from 253 full-time, US-based, IT professionals wh...

Got Vulnerability? Cloud Security Alliance Wants to Identify It
Published: 07/15/2021
Author: Jim Reavis

I wanted to take some time to tell you about a new CSA working group in formation that I am taking a personal interest in. I am sure you have all heard the expression, “when you have a hammer, all problems look like nails.” This is very relatable to our industry as we have to be careful that we d...

CCSK Success Stories: From an IS Control and Audit Partner
Published: 07/15/2021

This is part of a blog series interviewing cybersecurity professionals who have earned their Certificate of Cloud Security Knowledge (CCSK). In these blogs we invite individuals to share some of the challenges they face in managing security for cloud computing and how they were able to leverage k...

Machine Learning in Identity and Access Management
Published: 07/14/2021

This blog was originally published by ZTEdge hereWritten by Leo Versola, ZTEdge In recent years, artificial intelligence and machine learning have been quietly transforming industries from agriculture and education to healthcare, marketing, and customer service. In 2018 over 60,000 US patent app...

Will New Executive Order on Cybersecurity Fast Track Zero Trust?
Published: 07/13/2021

This blog was originally published by Bitglass hereWritten by Jonathan Andresen, BitglassOn May 12, US President Biden issued a landmark executive order on Improving the Nation’s Cybersecurity that signals the need for governments and enterprises alike to boost their cyber defenses around the pri...

A Moment in Time: SECtember
Published: 07/12/2021
Author: Jim Reavis

Our fortunes are often dictated not just by what we do, but when we do it. Understanding that special “moment in time” when we can do great things with our lives, our business, our world is not easy. In my mentoring of colleagues, I try to stress the importance of being able to take a “step back”...

Cloud Security: 5 Lessons I Learned the Hard Way
Published: 07/09/2021

This blog was originally published by OpsCompass hereWritten by John Grange, OpsCompassIt’s 2021, and it’s clear that cloud is a global IT trend relevant to every company, regardless of size or industry. The main cloud infrastructure providers (AWS, Azure, and GCP), as well as their local alterna...

The C-Suite’s Long Embrace of the Cloud
Published: 07/06/2021
Author: Illena Armstrong

Take a gander at any recent research report covering cloud services or security and you quickly find some persistent and common themes:Spending on cloud services has not only grown exponentially during the pandemic, but will keep on rising as we continue to slowly return to some sense of normalcy...

Food Industry Increasingly Targeted by Cybercriminals
Published: 07/02/2021

This blog was originally published by Ericom Software hereBy Simon Moran, VP Business Development, Ericom Software In recent weeks, cybercriminals seem to be working their way down a checklist of the basic necessities of a modern life: Healthcare – check, Scripps, HSE and a bunch more. Energy – ...

CCSK Success Stories: From a Head of Cloud Security
Published: 07/01/2021

This is part of a blog series interviewing cybersecurity professionals who have earned their Certificate of Cloud Security Knowledge (CCSK). In these blogs we invite individuals to share some of the challenges they face in managing security for cloud computing and how they were able to leverage k...

The Right Time to Hire a Product Security Analyst
Published: 06/30/2021

This blog was originally published by CyberCrypt here.A doll that understands what children say and responds to them seemed, in 2015, like a great idea — unless you were a security analyst.Unfortunately for Mattel, security analysts seem to have been left out of the conversation until the toymake...

Is the Cloud Control Plane a New Frontline in Cybersecurity?
Published: 06/29/2021

This blog was originally published on Vectra.ai As cloud adoption continues to accelerate with no end in sight, the evolution of the next generation of modern attacks will traverse through and towards an enterprise’s cloud control plane. But why is that? The control plane provides management...

Top 10 Linux Server Hardening and Security Best Practices
Published: 06/28/2021

This blog was originally published by Intezer here.If you have servers connected to the internet, you likely have valuable data stored on them that needs to be protected from bad actors.Linux server hardening is a set of measures used to reduce the attack surface and improve the security of your ...

Split Knowledge: Literally the Key to Secure Encryption
Published: 06/25/2021

This blog was originally published by CyberCrypt here.When you store your valuable items in a safe deposit box, do you leave your key to that box with the bank? Of course not. Although you might trust your banker, you keep control of that key. Otherwise, if it fell into the wrong hands, you might...

Browse by Topic
Write for the CSA blog
Submit your blog proposal