Cloud 101

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Threats of Russia Cyber Attacks Following Invasion of Ukraine
Published: 05/19/2022

This blog was originally published by BlueVoyant here.In the wake of Russia’s invasion of Ukraine, cyber experts predicted a surge in cyber activity. While BlueVoyant has observed an increase in reported adversarial activity associated with Russia-based threat actors, cyber attacks to date are mo...

PCI DSS Version 4.0: Responding to Sensitive Data Discovery Incidents
Published: 05/12/2022

This blog was originally published by PKWARE here. Written by Marc Punzirudu, Field CTO, PKWARE. At the end of March, the PCI Standards Security Council (PCI SSC) publicly released the most recent update to the PCI Data Security Standards (DSS), version 4.0. While much speculation has occurred ...

The North Star Your Cloud Strategy Needs
Published: 02/25/2022

This blog was originally published by Booz Allen here. Written by Delie Minaie, Booz Allen. Orient cloud success around mission assuranceAs IT leaders throughout the federal government look to guide their agencies toward enterprise-wide cloud maturity, they are met with endless choices regarding ...

From the Trenches: Common-Sense Measures to Prevent Cloud Incidents - Part 2
Published: 02/16/2022

Written by Omri Segev Moyal & Brenton Morris, Profero - Rapid IRIntroduction In part one of this series, we discussed some specific incidents that we at Profero have dealt with in the past and some ways in which attackers can take advantage of cloud environments during an incident. In part two w...

From the Trenches: Common-Sense Measures to Prevent Cloud Incidents - Part 1
Published: 02/10/2022

Written by Omri Segev Moyal & Brenton Morris, Profero - Rapid IR Introduction As an incident response team, we see a lot of cloud breaches that could have been prevented. Adequate protection requires in-depth knowledge of the cloud provider and its APIs and ample preparation. In cases when a co...

How the Incident Response Lifecycle Changes for Cloud
Published: 11/13/2021
Author: Nicole Krenz

Incident Response (IR) is a critical facet of any information security system. Most organizations have some sort of IR plan to govern how they will investigate an attack, but as the cloud presents distinct differences in both access to forensic data and governance, organizations must consider how...

President Biden’s Cybersecurity Executive Order: What will it mean for you?
Published: 06/01/2021

This blog was originally published by OneTrust here.On May 12, US President Joe Biden issued an executive order on cybersecurity seeking to improve the state of national cybersecurity in the US and to increase protection of government networks following incidents involving SolarWinds and more rec...

Incident Response and Knowing When to Automate
Published: 03/24/2021

This blog was originally published on Measuring and improving total time of response is easier said than done. The reality is many organizations do not know their existing state of readiness to be able to respond to a cybersecurity incident in a fast, effective manner. And most don’t...

Planning Through Recovery: Five Things to Keep in Mind
Published: 03/23/2021

By Bryan Sartin, Senior Vice President, Chief Services Officer, eSentirePlanning is everything. Just ask the Boy Scouts. While being caught in a downpour without an umbrella is certainly inconvenient, maybe even unpleasant, it pales in comparison to your organization experiencing a significant da...

Incident Response and the Need for Speed
Published: 03/16/2021

This blog was originally published on When a cyberattack occurs, most aspects of the threat are not under the control of a targeted organization. These range from who is targeting them, what is the motivation, where and when the attack occurs, how well-equipped and skilled that attac...

Threat Hunting and Incident Response in Azure Environments
Published: 03/15/2021

This blog was originally published on Garland Technology's website.Contributed by Vijit Nair from Corelight. When cyber-attacks cross the network, grabbing quality and relevant data from network traffic is essential for security operations. This is especially pertinent in cloud environments w...

SolarWinds, GitHub Leaks and Securing the Software Supply Chain
Published: 01/11/2021

Written by BluBracketThe massive cybersecurity breach from SolarWinds by now has reached everyone in our industry’s attention. It’s a truly wide-spread and dangerous breach that, at least from what we know now, is an example of two trends in cybersecurity that frankly need more attention by any c...

Lessons Learned from GoDaddy’s Email Phishing Simulation Debacle
Published: 01/08/2021

Written By: Omer Taran, Co-founder & CTO, CybeReadyCISOs and security teams know that running phishing simulations is a tricky business. As security professionals who deal with employee training, one thing we can do to avoid taking the wrong turn is learn from each other’s mistakes. Above anythin...

SolarWinds - How Cybersecurity Teams Should Respond
Published: 12/16/2020

By Paul Kurtz Co-founder and Executive Chairman, TruSTAR Technology SolarWinds perhaps represents the most severe hack of the digital age. The playbook of our adversaries continues to evolve, but defenders are losing, and the gap is widening. Discussion of imposing consequences on adversaries see...

Cloud Incident Response: Guideline for the Dark Cloudy Days
Published: 04/22/2020

By Prof. Alex SIOW, Professor (Practice) in the School of Computing, NUS & LIM Soon Tein, Vice President, IT, ST Engineering ElectronicsGiven today’s evolving threat landscape, incident response (IR) strategy for safeguarding is no longer optional. In 2019 alone, the cloud realm saw countless not...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.