Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
Stay compliant in the cloud
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Zero Trust Training (ZTT)
Micro-Trainings
Train my entire team
Get Involved
Become an Instructor
Become a Training Partner
Research
CSA Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Security Services
Enterprise Resource Planning
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Top Threats
View all topics
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
Stay compliant in the cloud
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Zero Trust Training (ZTT)
Micro-Trainings
Train my entire team
Get Involved
Become an Instructor
Become a Training Partner
Research
CSA Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Security Services
Enterprise Resource Planning
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Top Threats
View all topics
Cloud 101
Circle
Events
Blog
Sign In

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Home
Industry Insights
IBM Cost of a Data Breach 2022 – Highlights for Cloud Security Professionals
Published: 12/02/2022

Originally published by Ermetic. Security professionals are constantly inundated with warnings about the potentially colossal impact of security threats and risks to their organization. But what is colossal in real currency? By understanding how much the cost of a data breach can impact one's org...

Definitive Guide to Hybrid Clouds, Chapter 2: Exploring the Roles of NetOps, CloudOps, and SecOps
Published: 12/01/2022

Originally published by Gigamon. Written by Stephen Goudreault, Gigamon. This post explores Chapter 2 of the “Definitive Guide™ to Network Visibility and Analytics in the Hybrid Cloud.” Read Chapter 1 and check back for future posts covering Chapters 3–7. As more organizations move forward with t...

Altruism in Information Security? (Part 1 of 3)
Published: 11/14/2022

Originally published by Tentacle. Written by Matt Combs, Tentacle. Altruism and Information Security; two terms not commonly used together - the first term not often used to describe the foundational philosophy of the latter. Altruism is ideological; a desired state of the ultimate do-gooder who...

2022 Threat Report: Cloud-Native Threats are Increasing and Maturing
Published: 11/04/2022

Originally published by Sysdig. Written by Michael Clark. Sysdig. The first annual cloud-native threat report from Sysdig explores some of the year’s most important security topics in the cloud. As the use of containers and cloud services keeps growing, threat actors are increasingly turning thei...

A Practical Guide to Container Networking
Published: 11/03/2022

Originally published by Tigera. Written by Reza Ramezanpour, Tigera. An important part of any Kubernetes cluster is the underlying containers. Containers are the workloads that your business relies on, what your customers engage with, and what shapes your networking infrastructure. Long story...

The String (Cheese) Theory of Zero Trust
Published: 10/19/2022

Originally published by CXO REvolutionaries here. Written by Martyn Ditchburn, Director of Transformation Strategy, Zscaler. I regularly get asked, “How did you drive the change from the traditional data center and legacy architecture to a new paradigm of 100% cloud, DevNetSecOps, and zero trust ...

26 AWS Security Best Practices to Adopt in Production
Published: 10/11/2022

Originally published by Sysdig here. Written by Alejandro Villanueva, Sysdig. One of the most important pillars of a well-architected framework is security. Thus, it is important to follow these AWS security best practices to prevent unnecessary security situations. So, you’ve got a problem to so...

Facing the Shift-Left Security Conundrum. A True Story
Published: 10/06/2022

Originally published by Ermetic here. Written by Diane Benjuya, Ermetic. There was a time when developers and security teams did not, er, get along. Friction reigned as each struggled to meet their own needs. Security teams forewarned of data breaches, DevOps forewarned of development slowdowns a...

Cloud DNS Security – How to Protect DNS in the Cloud
Published: 09/28/2022

Originally published by Sysdig here. Written by Brett Wolmarans, Sysdig. When using DNS in the Cloud, security cannot be overlooked. This article is for cloud architects and security practitioners who would like to learn more about deployment options for DNS security and some security best practi...

Do You Really Need a Service Mesh?
Published: 09/22/2022

Originally published by Tigera here. Written by Phil DiCorpo, Tigera. The challenges involved in deploying and managing microservices have led to the creation of the service mesh, a tool for adding observability, security, and traffic management capabilities at the application layer. While a serv...

Your Cloud Footprint is Growing: Here’s How to Scale Cloud Governance
Published: 09/14/2022

Written by Umair Khan, Marketing Director, Stacklet For today’s businesses, cloud footprints have grown—and keep getting larger. Increasingly, that means many teams and departments are running implementations across multiple cloud providers, services, and regions. From a cloud governance or polic...

Why Securing Internet-Facing Applications is Challenging in a Kubernetes Environment
Published: 09/08/2022

Originally published by Tigera here. Written by Ratan Tipirneni, Tigera. Internet-facing applications are some of the most targeted workloads by threat actors. Securing this type of application is a must in order to protect your network, but this task is more complex in Kubernetes than in traditi...

GitOps and Shift Left Security: The Changing Landscape of DevSecOps
Published: 09/07/2022

Originally published by CrowdStrike here. Written by David Puzas, CrowdStrike. Application developers have always had a tricky balance to maintain between speed and security, two requirements that may often feel at odds with each other. Practices that increase speed also pressure development team...

The Evolving Role of the SOC Analyst
Published: 08/30/2022

Originally published by LogicHub here. Written by Willy Leichter, Chief Marketing Officer, LogicHub. As the cyber threat landscape evolves, so does the role of the security operations center (SOC) analyst. Cybersecurity industry veteran and OneTrust VP of Security, Colin Henderson, says...

Cloud Security is Broken but it Doesn’t Have to Be
Published: 08/23/2022

Originally published by Dazz here. Written by Tomer Schwartz, Co-founder & CTO, Dazz. Continuous Delivery is Here to StayDevelopment is in the cloud in a big way. Modern engineering teams have built continuous integration pipelines, pulling together code repositories, continuous integration platf...

The New Kubernetes Gateway API and Its Use Cases
Published: 08/02/2022

Originally published by ARMO here. Written by Leonid Sandler, CTO & Co-founder, ARMO. Despite being a large open-source and complex project, Kubernetes keeps on evolving at an impressive pace. Being at the center of various platforms and solutions, the biggest challenge for the Kubernetes proj...

The 5 Faces of Development Risk
Published: 07/28/2022

Written by Tony Karam, Strategic Marketing Leader, Concourse Labs.Which of these development risks do you recognize?Delivering cloud-native applications, quickly, is an existential requirement for most businesses. Security, Risk Management, and DevSecOps leaders are tasked with ensuring cloud mis...

Lessons Learned from Scanning Over 10,000 Kubernetes Clusters
Published: 07/25/2022

This blog was originally published by ARMO here. Written by Jonathan Kaftzan, VP Marketing & Business Development, ARMO. With Kubernetes adoption continuing to rise, we've seen multiple studies add to the growing body of research for enterprise K8s deployments this past year. Companies leveraging...

Cloud Data Protection
Published: 07/21/2022

Written by Luigi Belvivere, Elena Minghelli, and Sara Frati of NTT DATA. IntroductionIn the digital era and its digital transition, business and institutions have clearly understood that a robust cloud security is essential. It is well known that security threats evolve in parallel with the evol...

Secure SAP Application Development at the Speed of Digital Transformation
Published: 07/18/2022

This blog was originally published by Onapsis here. Written by Curtis Parker, Onapsis. Business-critical applications like SAP help run enterprises, supporting financial systems, human capital management, supply chains, supplier relationships, and more. Considering 94% of the world’s 500 largest ...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.

1
3
4
5
Last »