Cloud 101

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
The Challenges of Cloud Detection and Response
Published: 03/13/2023

Originally published by TrueFort. Written by Nik Hewitt. Detecting unexpected behavior in a cloud environment is often challenging due to the lack of instrumentation and the continual churn of devices and applications. Being able to separate legitimate attacks from everyday ‘noise’ is a critical ...

Ransomware Recovery: RTO and Optimizing the Recovery Process
Published: 03/13/2023

Originally published by Rubrik. Written by James Knott and Steve Stone. Recovery Time Objectives (RTOs) are on everyone’s mind. It bears repeating, one of the most fundamental ways to reduce recovery time from a ransomware or cybersecurity attack is being well prepared and ready to take actions q...

Definitive Guide to Hybrid Clouds, Chapter 5: Threat Detection and Response in the Hybrid Cloud
Published: 03/02/2023

Originally published by Gigamon. Written by Stephen Goudreault, Gigamon.Editor’s note: This post explores Chapter 3 of the “Definitive Guide™ to Network Visibility and Analytics in the Hybrid Cloud.” Read Chapter 1, Chapter 2, Chapter 3, and check back for future posts covering Chapters 6 and 7.F...

10 SaaS Governance Best Practices to Protect Your Data
Published: 02/17/2023

Written by the SaaS Governance Working Group. In the context of cloud security, the focus is almost always on securing Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) environments. This is despite the reality that while organizations tend to consume 2-3 IaaS providers, they ar...

CircleCI Cybersecurity Incident Hunting Guide
Published: 01/30/2023

Originally published by Mitiga. Written by Doron Karmi, Deror Czudnowski, Ariel Szarf, and Or Aspir, Mitiga. On January 4, CircleCI published a statement announcing the investigation of a security incident. In this technical blog, we will share how to hunt for malicious behavior that may be cause...

What is a Cloud Incident Response Plan?
Published: 01/28/2023

Written by the Cloud Incident Response Working Group. In today’s connected era, a comprehensive incident response strategy is an integral aspect of any organization aiming to manage and lower its risk profile. Many organizations and enterprises without a solid incident response plan have been rud...

Designing for Recovery: Infrastructure in the Age of Ransomware
Published: 01/23/2023

Originally published by Nasuni. Written by Joel Reich, Nasuni. The menace of ransomware is driving increased security spending as organizations try to harden their systems against potential attacks, but ransomware is a new kind of threat. You can’t simply deploy tools to defend against the malwar...

SANS 2022 Cloud Security Survey, Chapter 3: How Do Enterprises Keep Their Cloud Infrastructure Secure?
Published: 01/18/2023

Originally published by Gigamon.Editor’s note: This post explores Chapter 3 of the SANS 2022 Cloud Security Survey. Read Chapter 1 and Chapter 2. And check back or future posts covering Chapter 4.There’s been a cloud land rush over the past few years as more and more organizations move compute an...

Be Prepared to Neutralize Cyberattacks When – Not If – They Happen
Published: 12/22/2022

Originally published by Titaniam. Businesses today are under the constant threat of cyberattacks from ransomware and extortion. 68% of business leaders feel their risk of a cyberattack is increasing, according to Accenture.For years, enterprise-level organizations have relied on data protection p...

Data Center Resilience and Risk Assessment
Published: 11/15/2022

Originally published by ShardSecure. Written by Marc Blackmer, VP of Marketing, ShardSecure. What is data resilience? A multifaceted endeavor, data resilience can include data integrity and availability, cluster storage, regular testing, disaster recovery, redundancy, backups, and more. As TA...

Uber Cybersecurity Incident: Which Logs Do IR Teams Need to Focus On?
Published: 11/15/2022

Originally published by Mitiga. Written by Or Aspir, Mitiga. On September the 16th, Uber announced they experienced a major breach in their organization in which malicious actor was able to log in and take over multiple services and internal tools used at Uber.In this incident, the attacker annou...

Incident Detection and Response in the Cloud
Published: 11/08/2022

Written by Lior Zatlavi, Senior Cloud Security Architect, Ermetic. Cloud technology is not the future of business. Not anymore; now it’s the present. Businesses born today are often cloud-native, and older businesses are migrating their workloads to the cloud, looking for agility and efficien...

Responding to and Recovering from a Ransomware Attack
Published: 10/22/2022
Author: Megan Theimer

Thanks to Dr. Jim Angle, Michael Roza, and Vince Campitelli After learning what ransomware is, how to protect your organization against it, and how to detect it, it’s time to learn how to respond and recover if a ransomware attack occurs. In this blog, we’ll explain how to mitigate and contain a ...

7 Best Practices for Cloud Incident Response
Published: 10/18/2022

Originally published by Mitiga here. Written by Matthew Stephen, Mitiga. You may have heard the saying that it is not a matter of “if” but “when” you will experience a breach. An attack could be targeted or opportunistic, performed by a nation-state or a less sophisticated threat actor, focused o...

Why is Data Resilience Important?
Published: 10/18/2022

Originally published by ShardSecure here. Written by Marc Blackmer, VP of Marketing, ShardSecure. What is data resilience? Data resilience can mean different things to different organizations. As a Carnegie Mellon University literature review notes, the concept of resilience is often used inf...

The Ripple Effect of a Data Breach
Published: 09/27/2022

Originally published by PKWARE here. The after effects of a data breach can reach far and wide. Lesser seen impact can include the cost of remediation, revenue loss, reputational harm, national security, even human life. The ripple effect of indirect costs—monetary and otherwise—can end up impact...

How Can Transit Gateway VPC Flow Logs Help My Incident & Response Readiness?
Published: 08/26/2022

Originally published by Mitiga here. Written by Or Aspir, Mitiga. On July 14th 2022, AWS announced a new capability: flow logs for Transit Gateway. Transit Gateway VPC flow logs allows users to gain more visibility and insights into network traffic on the Transit Gateway.AWS highlights these ...

Rise of Cloud Computing Adoption and Cybercrimes
Published: 08/24/2022

Originally published by HCL Technologies here.Written by Sam Thommandru, VP, Global Alliances and Product Management, Cybersecurity & GRC Services, HCL Technologies. The COVID-19 pandemic has caused a major disruption in the business leaders’ perspectives of their company’s’ requirements. A surve...

An Overview on the Modern, Cloud-Native SOC Platform
Published: 08/15/2022

Originally published by Panther here. Written by Mark Stone, Panther. For the modern security team, the concepts of Security Operations Center (SOC) and Security Information and Event Management (SIEM) are well known and have become increasingly crucial. To defend against the wide range of cyber ...

An Overview of TDIR: Threat Detection and Incident Response
Published: 08/04/2022

Originally published by Panther here. Today, countless solutions support threat detection. This is great news, but the market is saturated with different solutions and many different acronyms. One of the more recent acronyms to gain traction is threat detection and incident response (TDIR). This ...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.