Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
​Vendor Management Software Evaluation: How to Get Executive Buy-In

Published: 10/23/2020

For most InfoSec teams, the benefits of a vendor risk management platform are well defined. From making it easier to mitigate third-party risk to ensuring your internal team and external vendors are on the same page, vendor management software is a must-have in today’s open-source, cloud-based en...

What is the Cloud Controls Matrix (CCM)?

Published: 10/16/2020

By Eleftherios Skoutaris, Program Manager for CCM Working Group at Cloud Security AllianceWhat is the Cloud Controls Matrix?The CSA Cloud Controls Matrix (CCM) is a cybersecurity control framework for cloud computing. It is a spreadsheet that lists 16 domains covering all key aspects of cloud tec...

No Free Rides With Your OAuth Tokens

Published: 10/03/2020

By Ian Sharpe, Product Leader at AppOmni It’s just another typical Wednesday in May. You’ve received an email from one of your contacts, someone with whom you haven’t spoken to in years. They’ve shared a Google Docs with you. It seems a bit odd, but you’re curious, so you click on the “Open in D...

Understanding the Complexities of Securing a Remote Workforce

Published: 09/09/2020

By Sean Gray, Sr. Director InfoSec at Paypal and Co-Chair of the CSA Financial Services Working GroupWe have all witnessed sudden and stunning changes in how companies – big and small – operate in response to the challenges necessitated by COVID-19. Many have pivoted successfully, however there ...

SaaS Security Series: Understanding Salesforce Administrative Permissions

Published: 08/19/2020

Brian Soby, CTO & Co-founder of AppOmniToday, more than ever, SaaS applications drive the modern enterprise. They are relied upon for managing customer data, allowing internal collaboration, and keeping organizations connected across the world. As the amount of sensitive and business-critical...

Cloud Cybersecurity and the Modern Applications (part 3)

Published: 05/28/2020

By Francesco Cipollone, Chair at Cloud Security Alliance UK Chapter and Director at NSC42 Ltd.Hybrid Patterns in AzureIn new cloud deployment, it is common to see organizations using a combination of multiple cloud environments or methodologies. Managing access control in a single appliance is al...

Cloud Cybersecurity and the Modern Applications (part 2)

Published: 05/27/2020

By Francesco Cipollone, Chair at Cloud Security Alliance UK Chapter and Director at NSC42 Ltd. Use cases and common pitfallsSecurity appliance vendors are still updating their appliances to include typical cloud architecture that integrates into the cloud provider fabric more efficiently. Some ot...

Cloud Cybersecurity and the Modern Applications (part 1)

Published: 05/26/2020

By Francesco Cipollone, Chair at Cloud Security Alliance UK Chapter and Director at NSC42 Ltd.Modern enterprises tend to utilize a mix or hybrid of cloud services like IaaS, PaaS and SaaS (Infrastructure/Platform/Software as a Service) to develop cloud applications. In a hybrid situation designi...

CSA Issues Top 20 Critical Controls for Cloud Enterprise Resource Planning Customers

Published: 06/10/2019

By Victor Chin, Research Analyst, Cloud Security AllianceCloud technologies are being increasingly adopted by organizations, regardless of their size, location or industry. And it’s no different when it comes to business-critical applications, typically known as enterprise resource planning (ERP)...

Rethinking Security for Public Cloud

Published: 02/13/2019

Symantec’s Raj Patel highlights how organizations should be retooling security postures to support a modern cloud environment By Beth Stackpole, Writer, Symantec Enterprises have come a long way with cyber security, embracing robust enterprise security platforms and elevating security ...

Cloud Security Alliance Announces the Release of the Spanish Translation of Guidance 4.0

Published: 11/09/2018

By JR Santos, Executive Vice President of Research, Cloud Security Alliance. The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today announced the release of Guida...

Cloud Migration Strategies and Their Impact on Security and Governance

Published: 06/29/2018

By Peter HJ van Eijk, Head Coach and Cloud Architect, ClubCloudComputing.com Public cloud migrations come in different shapes and sizes, but I see three major approaches. Each of these has very different technical and governance implications. Three approaches to cloud migration Companies dying...

Five Cloud Migration Mistakes That Will Sink a Business

Published: 06/05/2018

By Jon-Michael C. Brook, Principal, Guide Holdings, LLC Today, with the growing popularity of cloud computing, there exists a wealth of resources for companies that are considering—or are in the process of—migrating their data to the cloud. From checklists to best practices, the Internet teems w...

Browse by Topic