Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Online Training Platform
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Zero Trust Training (ZTT)
Micro-Trainings
Advanced Cloud Security Practitioner (ACSP) Training
Get Involved
Become an Instructor
Become a Training Partner
Train my entire team
Research
CSA Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Security Services
Enterprise Resource Planning
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Top Threats
View all topics
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Online Training Platform
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Zero Trust Training (ZTT)
Micro-Trainings
Advanced Cloud Security Practitioner (ACSP) Training
Get Involved
Become an Instructor
Become a Training Partner
Train my entire team
Research
CSA Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Security Services
Enterprise Resource Planning
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Top Threats
View all topics
Cloud 101
Circle
Events
Blog
Sign In

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Home
Industry Insights
MITRE ATT&CK® Mitigations: Thwarting Cloud Threats With Preventative Policies and Controls
Published: 03/28/2023

Originally published by Rapid7. Written by James Alaniz. As IT infrastructure has become more and more sophisticated, so too have the techniques and tactics used by bad actors to gain access to your environment and sensitive information. That’s why it's essential to implement robust security meas...

Survey Says: Leaders are Doubling Down on Cloud for Stability and Financial Resilience
Published: 03/28/2023

Originally published by Google Cloud. Written by Blair Franklin, Contributing Writer, Google Cloud. While the future is uncertain, one thing is clear: decision makers are looking to the cloud to help prepare for whatever lies ahead. Cloud computing has come a long way since 2012, when one ...

What Does the M-21-31 Requirement Mean for Federal Agencies?
Published: 03/28/2023

Originally published by Axonius. Written by Tom Kennedy. The cybersecurity memorandum M-21-31, from the Office of Management and Budget, provides guidance on how to stop this type of leapfrogging before it can begin. M-21-31 focuses on visibility and incident response, and establishes a four-...

Your Cloud SDLC is a Goat Rodeo. Here are 6 Steps to Wrangle It.
Published: 03/27/2023

Originally published by Dazz. Written by Julie O’Brien, CMO and Matt Brown, Solutions Engineer, Dazz. Companies are developing software in the cloud in a big way. The cloud has opened up a world of possibilities for application makers, enabling flexible architectures and ever more efficient ways ...

Understanding Data Protection Needs in a Cloud-Enabled Hybrid Work World
Published: 03/24/2023

Originally published by Netskope. Written by Carmine Clementelli. Netskope partnered with the Cloud Security Alliance to release the Data Loss Prevention (DLP) and Data Security Survey Report, a survey focused on data protection needs in cloud and hybrid work environments. Unsurprisingly, the...

Insights from the Uber Breach: Ways to Prevent Similar Attacks
Published: 03/23/2023

Originally published by InsiderSecurity on December 9, 2022. Uber Technologies disclosed it was investigating a cybersecurity incident after reports that hackers had breached the company’s network. An in-depth analysis of the attack reveals how the attack occurred and ways organizations can preve...

Too Much Trust in the Cuckoo’s Nest
Published: 03/22/2023

Originally published by CXO REvolutionaries. Written by Kyle Fiehler, Senior Transformation Analyst, Zscaler. Editor’s note: The world’s first cyber thriller anticipated zero trust more than three decades before it was born. And yes, this article could be a spoiler for some readers.I didn’t read ...

Doubled-up and Disorganized DLP Strategies Leave Organizations Desiring Simpler Management
Published: 03/17/2023
Author: Hillary Baron

With the reduction and elimination of many traditional perimeters, the popularization of zero trust security strategies, and an increased attention on data breaches, an even greater focus has been placed on data security in recent years. For many organizations, data loss prevention (DLP) solution...

Three Ways DSPM Reduces the Risk of Data Breaches
Published: 03/15/2023

Originally published by Sentra. The movement of more and more sensitive data to the cloud is driving a cloud data security gap – the chasm between the security of cloud infrastructure and the security of the data housed within it. This is one of the key drivers of the Data Security Posture Manage...

Is Your Digital Transformation Secure? How to Tell if Your Team is on the Right Path
Published: 03/14/2023

Originally published by Google Cloud. Written by David Stone, Office of the CISO, and Anton Chuvakin, Security Solution Strategy, Google Cloud. In our Security Leaders Survival Guide, we answer the tough questions about how to weave security throughout your digital transformation Digital transfor...

Who You Gonna Call (For DataSec)?
Published: 03/10/2023

Written by Ravi Ithal, Cofounder and Chief Technology Officer, Normalyze. Originally published on Forbes. My title plays on the refrain of Ghostbusters, a #1 hit dance/pop song in a blockbuster comedy film with a trio of parapsychologists who set up a ghost removal service in New York. Cybersecur...

Factors to Consider When Choosing the Right Equipment for the Access Control System
Published: 03/10/2023

Written by Alex Vakulov When building an access control system, the determining parameters are speed, reliability, and ease of use. Modern access control system architecture In modern access control systems, communication between controllers, user workstations, and the system server is often carr...

Attackers Don't Hack, They Log In.
Published: 03/09/2023

Originally published by Sonrai Security. Written by Eric Kedrosky. Lessons from the LastPass Breach Below we’ll detail the latest LastPass incident, discuss the implications of this attack, and finally recommend how organizations can protect their critical cloud assets.What HappenedThe threat act...

How a Multi-Processor Strategy Can Improve Your Authorization Rates
Published: 03/09/2023

Originally published by TokenEx. Written by Valerie Hare. Consumers used credit and debit cards for 57 percent of total payments in 2021. It’s no surprise digital commerce continues to increase due to the convenience of cards. While there are multiple benefits to a surge in card transactions, bus...

4 Tips for Improving Cloud Security
Published: 03/07/2023

Originally published by InsiderSecurity. Cloud security protects critical applications and data from attacks and unauthorized access. It is especially important since at least 50% of data worldwide is stored and processed in the cloud, and 60% of enterprises have implemented multi-cloud infrastru...

Unity, Data, Focus, Culture: Important Steps to Build Organizational Resilience
Published: 03/03/2023

Originally published by Google Cloud. Written by Sahana Sarma, Managing Director, Customer Value and Transformation Advisory, Google Cloud. It takes the right mix of teamwork and technology to get organizational resilience right. Here's five steps to help jump-start the process. Organizational re...

Protecting Data and Promoting Collaboration During Times of Change
Published: 03/01/2023

Originally published by Lookout. Written by Hank Schless, Senior Manager, Security Solutions, Lookout. When it comes to the way we work, change is now the status quo — and it often happens so quickly that security teams have a tough time keeping up. Organizations that try to keep using their ...

Save Your Data and Your Sanity
Published: 02/28/2023

Originally published by Rubrik. Written by Jeff Inouye, Rubrik. I recently read a technology forum post where a system administrator described symptoms of post-traumatic stress disorder after their company was attacked by ransomware. The recent State of Data Security report from Rubrik Zero Labs ...

Cloud CISO Perspectives: January 2023
Published: 02/27/2023

Originally published by Google Cloud. Written by Phil Venables, VP and Chief Information Security Officer, Google Cloud. Welcome to January’s Cloud CISO Perspectives. This month, we’re going to catch up with a few of the cloud security megatrends that I described a year ago, and see how they and ...

Protecting Source Code in the Cloud with DSPM
Published: 02/23/2023

Originally published by Sentra. Written by Daniel Suissa, Software Engineer, Sentra. Source code lies at the heart of every technology company’s business. Aside from being the very blueprint upon which the organization relies upon to sell its products, source code can reveal how the business op...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.

1
3
4
5
Last »