Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Online Training Platform
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Zero Trust Training (ZTT)
Micro-Trainings
Advanced Cloud Security Practitioner (ACSP) Training
Get Involved
Become an Instructor
Become a Training Partner
Train my entire team
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Security Services
Enterprise Resource Planning
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Top Threats
View all topics
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Online Training Platform
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Zero Trust Training (ZTT)
Micro-Trainings
Advanced Cloud Security Practitioner (ACSP) Training
Get Involved
Become an Instructor
Become a Training Partner
Train my entire team
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Security Services
Enterprise Resource Planning
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Top Threats
View all topics
Cloud 101
Circle
Events
Blog
Sign In

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Home
Industry Insights
News of Note: Building Bridges for Business and Beyond
Published: 03/29/2023
Author: Illena Armstrong

One of my CISO friends and I met recently to catch up and discuss the current cybersecurity challenges and priorities at the organization he moved to six to eight months ago. His company is fully embracing cloud services and trying to wed these with some existing on-prem operations. However, they...

Becoming Cyber Resilient—Cybersecurity Trends to Watch in 2023
Published: 03/23/2023

Originally published by BARR Advisory. Written by Kyle Cohlmia. According to the 2022 IBM Cost of Data Breach report, 83% of organizations surveyed experienced more than one data breach with an average total cost of $4.35 million. This cost was an all-time high for 2022 and a 2.6% increase from t...

What Business Leaders Can Learn from Russia's Cyber Offensive Against Ukraine
Published: 03/21/2023

Originally published by Google Cloud. Written by Phil Venables, VP/CISO, Google Cloud. Threat actors are taking tactics from Russia's cyber operations against Ukraine. Businesses and organizations should evaluate their countermeasures accordingly. A new Google report finds the offensive against U...

How to Pen Test the C-Suite for Cybersecurity Readiness
Published: 03/21/2023

Originally published by F5. Written by Gail Coury. F5’s executive leadership got an urgent message: a malicious actor within the company was sending confidential information to a third party that could put customers at serious risk. We immediately formed a combined response team of technical cybe...

CISO: A Job in Search of a Description
Published: 03/13/2023

By Manuela Italia, Co-Chair of CSA Italy's CisoRM Working Group The massive increase in cyber attacks' volume and complexity accelerated by various and recent global events and new pressures coming from authorities and regulations are pushing organizations to discover and establish a CISO role to...

Who You Gonna Call (For DataSec)?
Published: 03/10/2023

Written by Ravi Ithal, Cofounder and Chief Technology Officer, Normalyze. Originally published on Forbes. My title plays on the refrain of Ghostbusters, a #1 hit dance/pop song in a blockbuster comedy film with a trio of parapsychologists who set up a ghost removal service in New York. Cybersecur...

Could A Data Breach Land Your CISO In Prison?
Published: 03/03/2023

Originally published by F5. Written by Gail Coury. On November 9, 2022 Twitter CISO Lea Kissner resigned along with the company’s chief privacy officer and its chief compliance officer. The Washington Post and other media outlets reported that internal Slack messages at Twitter revealed serious c...

Modernizing Assurance for Cloud and Beyond
Published: 02/28/2023
Author: Jim Reavis

Since we launched in 2009, organizations around the world have looked to the Cloud Security Alliance to see what we might be able to offer to assist them in addressing assurance issues with the cloud services they were beginning to use. Fast forward to 2023, this has grown into a critical aspect ...

Cloud CISO Perspectives: January 2023
Published: 02/27/2023

Originally published by Google Cloud. Written by Phil Venables, VP and Chief Information Security Officer, Google Cloud. Welcome to January’s Cloud CISO Perspectives. This month, we’re going to catch up with a few of the cloud security megatrends that I described a year ago, and see how they and ...

The Changing Role of the CISO in 2023
Published: 02/24/2023

Originally published by TrueFort. Written by Nik Hewitt, TrueFort. It’s the year of the water rabbit. It’s also the year of the nation-state ransomware attack. The role of the Chief Information Security Officer (CISO) has gone through a significant evolution in recent years. As technology and bus...

CISO Survival Guide: Vital Questions to Help Guide Transformation Success
Published: 02/22/2023

Originally published by Google Cloud. Written by Anton Chuvakin, Security Solution Strategy, and David Stone, Office of the CISO, Google Cloud. Part of being a security leader whose organization is taking on a digital transformation is preparing for hard questions – and complex answers – on how t...

5 Tips for Successfully Navigating C-Suite and Board Communication as a CISO
Published: 12/29/2022

Originally published by Blue Lava. Written by the Beacon Digital Team. Even the most experienced CISOs can struggle to communicate effectively with their Board of Directors and Executive team. This is not a surprise given the challenges CISOs are commonly up against, which include:Having very lim...

How State CIOs Can Elevate Priorities Above Personalities
Published: 12/13/2022

Originally published by CXO REvolutionaries. Written by David Cagigal, Former CIO of the State of Wisconsin. If we continue to develop technology without wisdom or prudence, our servant may prove to be our executioner." - General Omar N. Bradley Earlier this month, the National Association of Sta...

5 Tips for CISOs and Boards Navigating the Evolving Regulatory Landscape
Published: 12/06/2022

Originally published by ShardSecure. Written by Marc Blackmer, VP of Marketing, ShardSecure. Corporate boards are facing mounting pressure to “get smart” about data protection as they navigate an evolving regulatory landscape. It starts with a deeper understanding of cybersecurity, but under...

CISOs of the World, Unite!
Published: 12/03/2022
Author: Jim Reavis

This article represents personal commentary from CSA’s Chief Executive Officer Jim Reavis. I have been in the industry long enough to have observed the creation of the Chief Information Security Officer role and the journey to making this person a crucial part of our ecosystem. For almost all ...

‘Cyber Isolationism’ is Making CXOs’ Jobs More Complicated – And More Critical
Published: 11/30/2022

Originally published by CXO REvolutionaries. Written by Simon Hodgkinson, former CISO, BP. Is globalization in decline? Put this question to a group of economists, diplomats, social scientists, or other specialists, and you’d likely kick off a long and spirited debate with representatives on both...

Tailoring Your Zero Trust Transformation to Your Pain Points
Published: 11/28/2022

Originally published by CXO REvolutionaries. Written by Gary Parker, Field CTO - AMS, Zscaler. Zero trust is often likened to a journey. And, as the proverb says, even a journey of a thousand miles begins with a single step.But where to start? For better or for worse, there’s no single embarkatio...

Beating IT’s Bad Rap: How CXOs Can Maintain a Positive Corporate Presence
Published: 11/23/2022

Originally published by CXO REvolutionaries. Written by Gary Parker, Field CTO - AMS, Zscaler. Winston Churchill famously said, “never let a good crisis go to waste.” But, if a CXO only appears in front of the board when trying to keep their job after a cyber incident, a crisis may well lay waste...

Security Scope and the Threat Continuum. What CISOs Need to Know.
Published: 11/14/2022

Originally published by Netography. Written by Martin Roesch, Netography. The pandemic kicked off a rapid evolution of networks that have now become composites of multi-cloud, hybrid-cloud, and on-prem infrastructure with mobile and remote workers accessing data and applications scattered across ...

A SECtember Refrain: CxOs Need Help Educating Their Boards
Published: 10/26/2022
Author: Illena Armstrong

The concerns and challenges discussed during this September’s SECtember Conference and adjoining CxO Trust Summit ran the gamut. However, one refrain focused on chief information security officers’ need for more help and guidance on messaging cybersecurity problems, required security controls, an...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.

1
3
Last »