Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
How to Secure Your CDE and Achieve PCI DSS Compliance

Published: 02/18/2021

Written by TokenExSuccessfully securing cardholder data should be top of mind as businesses try to keep up with the rise of data regulations and the resulting increased focus on consumer privacy. The process of securing a cardholder data environment (CDE) and ensuring it is compliant with the Pay...

How to choose a Zero Trust architecture: SDP or Reverse-Proxy?

Published: 02/15/2021

This blog was originally published on Wandera.comWritten by Alex Wells at WanderaZero Trust Network Access (ZTNA) is the next generation access solution that is set to be a key part of IT administrators toolkits, displacing longstanding Virtual Private Networks (VPN). There are numerous factors a...

Abuse in the Cloud

Published: 02/12/2021

Written By: Allan Stojanovic and Spencer Cureton from Salesforce, Inc.When we talk about “abuse”, we use the term as shorthand for the much more encompassing “Abuse, Misuse, Malice and Crime” (with credit to Trey Ford). Within this definition we find that there are three subcategories of activiti...

​3 Data Strategies that will be Critical for Surviving 2021

Published: 02/05/2021

By: Jim McGann, Vice President Marketing and Business Development, Index EnginesUsers create content on a daily basis. Much of this content has no long-term value and is not business critical, however, a small percentage is key to running operations. Some of it contains sensitive client informa...

2020 Hindsight and 2021 Foresight – Lessons Learned and Predictions for the Velocity of Business

Published: 02/01/2021

By Ravi Balupari, Founder & CTO, CloudVector This blog originally was published by CloudVectorThey say that hindsight is 2020, which has certainly been the case this year. For most organizations, 2020 orchestrated a fundamental shift to the way we work. The paradigm shift to work from home ha...

Cloud Workload Security: Part 4 - Explaining the Security Features of GCP

Published: 01/28/2021

Written by IntezerWhen it comes to securing your workloads in the cloud, having a well-defined security strategy with the right controls means that the battle is only half won. This series explains the important security controls and categories that can help you build a strong cloud security stra...

Tokenization vs. Encryption: Which is Better for Your Business?

Published: 01/06/2021

Written by TokenExFinding the right security technology for your company's data can be difficult. There are myriad options and a lot of industry terms and jargon thrown around without much reliable information with which to make a smart business decision. To assist with this process, we're going ...

Security Policies | Q&A with TokenEx Industry Experts

Published: 12/10/2020

Contributed by TokenExSecurity Policies | What You Need to KnowWhat is a Security Policy?Security policies are internal frameworks that formally document an organization’s requirements for the safe handling of sensitive information and assets. Effective security policies tend to be developed for ...

What is the Cloud Controls Matrix (CCM)?

Published: 10/16/2020

By Eleftherios Skoutaris, Program Manager for CCM Working Group at Cloud Security AllianceWhat is the Cloud Controls Matrix?The CSA Cloud Controls Matrix (CCM) is a cybersecurity control framework for cloud computing. It is a spreadsheet that lists 16 domains covering all key aspects of cloud tec...

Understanding the Complexities of Securing a Remote Workforce

Published: 09/09/2020

By Sean Gray, Sr. Director InfoSec at Paypal and Co-Chair of the CSA Financial Services Working GroupWe have all witnessed sudden and stunning changes in how companies – big and small – operate in response to the challenges necessitated by COVID-19. Many have pivoted successfully, however there ...

Cloud Cybersecurity and the Modern Applications (part 3)

Published: 05/28/2020

By Francesco Cipollone, Chair at Cloud Security Alliance UK Chapter and Director at NSC42 Ltd.Hybrid Patterns in AzureIn new cloud deployment, it is common to see organizations using a combination of multiple cloud environments or methodologies. Managing access control in a single appliance is al...

Cloud Cybersecurity and the Modern Applications (part 2)

Published: 05/27/2020

By Francesco Cipollone, Chair at Cloud Security Alliance UK Chapter and Director at NSC42 Ltd. Use cases and common pitfallsSecurity appliance vendors are still updating their appliances to include typical cloud architecture that integrates into the cloud provider fabric more efficiently. Some ot...

Cloud Cybersecurity and the Modern Applications (part 1)

Published: 05/26/2020

By Francesco Cipollone, Chair at Cloud Security Alliance UK Chapter and Director at NSC42 Ltd.Modern enterprises tend to utilize a mix or hybrid of cloud services like IaaS, PaaS and SaaS (Infrastructure/Platform/Software as a Service) to develop cloud applications. In a hybrid situation designi...

Introducing Reflexive Security for integrating security, development and operations

Published: 10/14/2019

By the CSA DevSecOps Working Group Organizations today are confronted with spiraling compliance governance costs, a shortage of information security professionals, and a disconnect between strategic security and operational security. Due to these challenges, more and more companies value agilit...

CSA Issues Top 20 Critical Controls for Cloud Enterprise Resource Planning Customers

Published: 06/10/2019

By Victor Chin, Research Analyst, Cloud Security AllianceCloud technologies are being increasingly adopted by organizations, regardless of their size, location or industry. And it’s no different when it comes to business-critical applications, typically known as enterprise resource planning (ERP)...

Better Vulnerability Management: How to Master Container Security in Three Steps

Published: 03/21/2019

By Nate Dyer, Product Marketing Director, TenableApplication containers like Docker have exploded in popularity among IT and development teams across the world. Since its inception in 2013, Docker software has been downloaded 80 billion times and more than 3.5 million applications have been “dock...

Are Cryptographic Keys Safe in the Cloud?

Published: 03/18/2019

By Istvan Lam, CEO, TresoritBy migrating data to the cloud, businesses can enjoy scalability, ease of use, enhanced collaboration and mobility, together with significant cost savings. The cloud can be especially appealing to subject-matter experts as they no longer have to invest in building and...

AWS Cloud: Proactive Security and Forensic Readiness – Part 4

Published: 11/16/2018

Part 4: Detective Controls in AWSBy Neha Thethi, Information Security Analyst, BH Consulting Security controls can be either technical or administrative. A layered security approach to protecting an organization’s information assets and infrastructure should include preventative controls, detect...

Software-Defined Perimeter Architecture Guide Preview: Part 3

Published: 09/18/2018

Part 3 in a four-part seriesBy Jason Garbis, Vice President/Secure Access Products, Cyxtera Technologies Inc.Thanks for returning for our third blog posting, providing a preview of the forthcoming Software-Defined Perimeter (SDP) Architecture Guide. In this article, we’re focusing on the "Core SD...

Software-Defined Perimeter Architecture Guide Preview

Published: 07/31/2018

Part 1 in a four-part series.By Jason Garbis, Vice President/Secure Access Products, Cyxtera Technologies Inc.The Software-Defined Perimeter (SDP) Working Group was founded five years ago, with a mission to promote and evangelize a new, more secure architecture for managing user access to applica...

Browse by Topic