Cloud 101

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Data Center Resilience and Risk Assessment
Published: 11/15/2022

Originally published by ShardSecure. Written by Marc Blackmer, VP of Marketing, ShardSecure. What is data resilience? A multifaceted endeavor, data resilience can include data integrity and availability, cluster storage, regular testing, disaster recovery, redundancy, backups, and more. As TA...

Uber Cybersecurity Incident: Which Logs Do IR Teams Need to Focus On?
Published: 11/15/2022

Originally published by Mitiga. Written by Or Aspir, Mitiga. On September the 16th, Uber announced they experienced a major breach in their organization in which malicious actor was able to log in and take over multiple services and internal tools used at Uber.In this incident, the attacker annou...

Incident Detection and Response in the Cloud
Published: 11/08/2022

Written by Lior Zatlavi, Senior Cloud Security Architect, Ermetic. Cloud technology is not the future of business. Not anymore; now it’s the present. Businesses born today are often cloud-native, and older businesses are migrating their workloads to the cloud, looking for agility and efficien...

Responding to and Recovering from a Ransomware Attack
Published: 10/22/2022
Author: Megan Theimer

Thanks to Dr. Jim Angle, Michael Roza, and Vince Campitelli After learning what ransomware is, how to protect your organization against it, and how to detect it, it’s time to learn how to respond and recover if a ransomware attack occurs. In this blog, we’ll explain how to mitigate and contain a ...

7 Best Practices for Cloud Incident Response
Published: 10/18/2022

Originally published by Mitiga here. Written by Matthew Stephen, Mitiga. You may have heard the saying that it is not a matter of “if” but “when” you will experience a breach. An attack could be targeted or opportunistic, performed by a nation-state or a less sophisticated threat actor, focused o...

Why is Data Resilience Important?
Published: 10/18/2022

Originally published by ShardSecure here. Written by Marc Blackmer, VP of Marketing, ShardSecure. What is data resilience? Data resilience can mean different things to different organizations. As a Carnegie Mellon University literature review notes, the concept of resilience is often used inf...

The Ripple Effect of a Data Breach
Published: 09/27/2022

Originally published by PKWARE here. The after effects of a data breach can reach far and wide. Lesser seen impact can include the cost of remediation, revenue loss, reputational harm, national security, even human life. The ripple effect of indirect costs—monetary and otherwise—can end up impact...

How Can Transit Gateway VPC Flow Logs Help My Incident & Response Readiness?
Published: 08/26/2022

Originally published by Mitiga here. Written by Or Aspir, Mitiga. On July 14th 2022, AWS announced a new capability: flow logs for Transit Gateway. Transit Gateway VPC flow logs allows users to gain more visibility and insights into network traffic on the Transit Gateway.AWS highlights these ...

Rise of Cloud Computing Adoption and Cybercrimes
Published: 08/24/2022

Originally published by HCL Technologies here.Written by Sam Thommandru, VP, Global Alliances and Product Management, Cybersecurity & GRC Services, HCL Technologies. The COVID-19 pandemic has caused a major disruption in the business leaders’ perspectives of their company’s’ requirements. A surve...

An Overview on the Modern, Cloud-Native SOC Platform
Published: 08/15/2022

Originally published by Panther here. Written by Mark Stone, Panther. For the modern security team, the concepts of Security Operations Center (SOC) and Security Information and Event Management (SIEM) are well known and have become increasingly crucial. To defend against the wide range of cyber ...

An Overview of TDIR: Threat Detection and Incident Response
Published: 08/04/2022

Originally published by Panther here. Today, countless solutions support threat detection. This is great news, but the market is saturated with different solutions and many different acronyms. One of the more recent acronyms to gain traction is threat detection and incident response (TDIR). This ...

Optimize Incident Response Plans with Smarter Security Tabletop Exercises
Published: 08/03/2022

Originally published by CXO REvolutionaries here. Written by Jeff Lund, Global CISO - Global Information Security, Marsh McLennan. Building your Blueprint for Incident ResponseTabletop exercises (TTXs) are a great way to assess an organization’s incident response plan (IRP) for cybersecurity inci...

Cyber Considerations From the Conflict in Ukraine
Published: 08/03/2022

Originally published by KPMG here.After months and weeks of tension, the Russian government’s invasion of Ukraine has elevated concerns for cyber security incidents and the resilience of critical business functions, amongst international organizations. Beyond protecting their employees and suppor...

What We Get Wrong About Ransomware
Published: 06/29/2022

This blog was originally published by Forbes and Nasuni. Written by Andres Rodriguez, founder and CTO of Nasuni. We live in the age of ransomware. This persistent threat remains top of mind for CEOs, their boards, CIOs, CISOs and everyone in the line of fire in IT. Yet we still get so much wrong ...

SEC Cybersecurity Rule Changes: The Straight Path to Now
Published: 06/08/2022

This blog was originally published by Agio on April 4, 2022 here. Written by Kirk Samuels, Executive Director, Cybersecurity, Agio. On February 9th, 2022 the United States Securities and Exchange Commission (SEC) proposed new rules related to cybersecurity risk management and disclosures for regi...

Threats of Russia Cyber Attacks Following Invasion of Ukraine
Published: 05/19/2022

This blog was originally published by BlueVoyant here.In the wake of Russia’s invasion of Ukraine, cyber experts predicted a surge in cyber activity. While BlueVoyant has observed an increase in reported adversarial activity associated with Russia-based threat actors, cyber attacks to date are mo...

PCI DSS Version 4.0: Responding to Sensitive Data Discovery Incidents
Published: 05/12/2022

This blog was originally published by PKWARE here. Written by Marc Punzirudu, Field CTO, PKWARE. At the end of March, the PCI Standards Security Council (PCI SSC) publicly released the most recent update to the PCI Data Security Standards (DSS), version 4.0. While much speculation has occurred ...

The North Star Your Cloud Strategy Needs
Published: 02/25/2022

This blog was originally published by Booz Allen here. Written by Delie Minaie, Booz Allen. Orient cloud success around mission assuranceAs IT leaders throughout the federal government look to guide their agencies toward enterprise-wide cloud maturity, they are met with endless choices regarding ...

From the Trenches: Common-Sense Measures to Prevent Cloud Incidents - Part 2
Published: 02/16/2022

Written by Omri Segev Moyal & Brenton Morris, Profero - Rapid IRIntroduction In part one of this series, we discussed some specific incidents that we at Profero have dealt with in the past and some ways in which attackers can take advantage of cloud environments during an incident. In part two w...

From the Trenches: Common-Sense Measures to Prevent Cloud Incidents - Part 1
Published: 02/10/2022

Written by Omri Segev Moyal & Brenton Morris, Profero - Rapid IR Introduction As an incident response team, we see a lot of cloud breaches that could have been prevented. Adequate protection requires in-depth knowledge of the cloud provider and its APIs and ample preparation. In cases when a co...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.