Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Why Securing Internet-Facing Applications is Challenging in a Kubernetes Environment
Published: 09/08/2022

Originally published by Tigera here. Written by Ratan Tipirneni, Tigera. Internet-facing applications are some of the most targeted workloads by threat actors. Securing this type of application is a must in order to protect your network, but this task is more complex in Kubernetes than in traditi...

GitOps and Shift Left Security: The Changing Landscape of DevSecOps
Published: 09/07/2022

Originally published by CrowdStrike here. Written by David Puzas, CrowdStrike. Application developers have always had a tricky balance to maintain between speed and security, two requirements that may often feel at odds with each other. Practices that increase speed also pressure development team...

Are Conventional Cybersecurity Tactics Leading You to Defeat?
Published: 09/07/2022

Originally published by CXO REvolutionaries here. Written by Daniel Ballmer, Senior Transformation Analyst, Zscaler. Today’s organizations are fighting cyberattacks using strategies that have historically failed in a combat environment. While there are many differences between conventional warfar...

The Standout Cybersecurity Stats You Need to Know
Published: 09/07/2022

Find Part 1 of this blog, "Trends in Cybersecurity Breaches," here. The complete blog was originally posted by Alert Logic on July 7, 2022. Written by Antonio Sanchez. How rampant is cybercrime today? The prevalence of cybercrime is enormous. More than one-third of organizations have experien...

Evolving Security to Meet the Challenges of the Cloud, Part 1
Published: 09/06/2022

Written by Raul Neagoe, Senior Cyber Security Product Manager, NTT DATA. The widespread move to the cloud has forced organizations to restructure themselves to be more flexible, scalable, and adaptable in a variety of ways. However, these advancements have posed new challenges to cyber security e...

3 Access Security Lessons Learned from the Marriott Data Breach
Published: 09/06/2022

Originally published by Authomize here. Written by Gabriel Avner, Authomize. For the third time in less than five years, international hotel corporation Marriott is back in the news with yet another data breach.According to reports out of who broke the story, Marriott was the vic...

Cold Storage Migration to the Cloud Is Heating Up for CISOs
Published: 09/06/2022

Originally published by ShardSecure here. Written by Bob Lam, CEO and Co-Founder, ShardSecure. A lot of enterprise data storage today is on-premises—whether it’s hot data that is actively being used and needs to be accessed immediately or cold data that you don’t touch for weeks, months or even y...

How to Achieve CSA STAR Compliance
Published: 09/02/2022

Written by Ashwin Chaudhary, CEO, Accedere. We know that a lot of organizations want to achieve the Cloud Security Alliance’s STAR Level 1 Self-Assessment or Level 2 Certification. However, some organizations face challenges in understanding the process, documentation, and approach to achieve...

A Roadmap to Zero Trust Architecture
Published: 09/01/2022

Originally published by DoControl here. Written by Corey O'Connor, DoControl. Zero Trust was first introduced in 2010, which was also the same year Apple introduced the iPad! This new concept was a bit slow to catch on before really gaining any sort of traction. Fast forward to today, Zero Trust ...

Treading Sensibly - Not Blindly - Into the Metaverse
Published: 09/01/2022

Originally published by KPMG here. Written by David Ferbrache, Leadership, Global Head of Cyber Futures, KPMG in the UK. The metaverse is here. Organizations have the opportunity to leverage the metaverse to engage with customers and to experiment sooner, rather than later, to create a competitiv...

CSA STAR Certification vs. CSA STAR Attestation
Published: 09/01/2022

Originally published by Schellman & Co here.Written by Ryan Mackie, Principal at Schellman & Company.In the popular modern musical Hamilton, the titular character is given an opportunity by George Washington. Hamilton can stay on the front lines of the American Revolution, or he can become the ge...

FIDO - Leading the Zero Trust Passwordless Authentication Evolution
Published: 08/31/2022

Originally published by Thales here. Written by Gregory Vigroux, PKI Product Line Manager, Thales. It’s no secret that passwords have become one of the weakest links in enterprise security. Credential compromise is the leading cause of cybercriminals’ ability to gain access to enterprise resource...

The Evolving Role of the SOC Analyst
Published: 08/30/2022

Originally published by LogicHub here. Written by Willy Leichter, Chief Marketing Officer, LogicHub. As the cyber threat landscape evolves, so does the role of the security operations center (SOC) analyst. Cybersecurity industry veteran and OneTrust VP of Security, Colin Henderson, says...

Revisiting the Idea of the "False Positive"
Published: 08/30/2022

Originally published by Gigamon here. Written by Joe Slowik, Principal Security Engineer, Applied Threat Research, Gigamon. Background One common refrain in security circles is the chore related to “false positive” alerts and detection results. The “false positive” alert correlates with security ...

Database Security Exposed: The Truth Behind the Record High Number of Data Breaches
Published: 08/29/2022

Written by Cyral. “Every company is a data company.”From building better products and providing better customer experiences to improving efficiencies, data is driving the business.With data taking the spotlight, there are important implications for security, privacy, and compliance teams. It’s no...

Building a Shadow IT Policy: What CEOs, CTOs, and CISOs Need to Know
Published: 08/29/2022

Originally published by ThirdPartyTrust here. Written by Sabrina Pagnotta, ThirdPartyTrust. When a US contact-tracing company exposed the details of 70,000 individuals, the term Shadow IT resonated: employees had used Google accounts for sharing data as part of an “unauthorized collaboration chan...

Data Security Compliance in the Age of “Work from Anywhere, on Any Device”
Published: 08/29/2022

Originally published by Ericom here. Written by Peter Fell, Ericom. Customer protection and data security regulations vary significantly across industries and compliance requirements vary with them. Rigorously controlling sensitive data and safeguarding it against misuse, exposure and exfiltratio...

CCSK Success Stories: From a Project Manager of Certificate Policy
Published: 08/27/2022

This is part of a blog series interviewing cybersecurity professionals who have earned their Certificate of Cloud Security Knowledge (CCSK). In these blogs we invite individuals to share some of the challenges they face in managing security for cloud computing and how they were able to leverage k...

SOC 1, SOC 2, and SOC 3 Reports: Type 1, Type 2, or Readiness Assessment?
Published: 08/26/2022

Originally published by A-LIGN here. Written by Alex Welsh, Manager, ISO Practice, A-LIGN. SOC reports are gaining in popularity across industries and across the globe. More and more customers are asking for demonstrated SOC compliance, and independent cybersecurity control validation and attesta...

How Can Transit Gateway VPC Flow Logs Help My Incident & Response Readiness?
Published: 08/26/2022

Originally published by Mitiga here. Written by Or Aspir, Mitiga. On July 14th 2022, AWS announced a new capability: flow logs for Transit Gateway. Transit Gateway VPC flow logs allows users to gain more visibility and insights into network traffic on the Transit Gateway.AWS highlights these ...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.