Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Why Machine Identity Management Has Become a Critical Priority for Organizations
Published: 05/09/2022

This blog was originally published by Entrust here. Written by Samantha Mabey, Product Marketing Management Director, Certificate Solutions at Entrust. As the number of machine identities continues to rise, so does the urgency to make sure they are being properly managed. In fact, in a recent s...

Security Service Edge (SSE) is the Way to Go, But How Do You Choose?
Published: 05/02/2022

This blog was originally published by Lookout here. Written by Pravin Kothari, Executive Vice President, Product and Strategy, SASE, Lookout. Gartner® recently predicted that “By 2025, 80% of enterprises will have adopted a strategy to unify web, cloud services and private application access from...

The Cloud Has No Hard Edges
Published: 04/29/2022

Written by Tim Sedlack, Sr. Director, Product Management, BeyondTrust You’ve seen the popular meme “I’m old enough to remember when …”, I’m certain. Well, as trite as it sounds, I am old enough to remember when cybersecurity had some pretty hard and fast rules. Passwords had to be complex, and n...

MFA Is Only As Effective As We Want It To Be
Published: 04/28/2022

Written by Authomize Good cybersecurity is all about getting the basics right. Sure, AI and other advanced technologies help us to cyber better, faster, stronger, etc. But the really important work is all about actually using the most basic of tools to fend off the vast majority of attacks. One o...

A Look Inside a Benchmark Model In InfoSec: CIA Triad
Published: 04/21/2022

This blog was originally published by SafeBase here. We are constantly hearing tips and tricks on how to protect our data - get a VPN, back everything up on a cloud, change your passwords, etc.. And in the business world, there are tons of policies in place and certifications that can be acquired...

Hey You, Get Out of My Cloud!
Published: 03/25/2022

Written by Jim Mandelbaum, Gigamon Field CTO When we take a cloud solution to production how do we know who has access to that data? The process of deploying the production environment has certainly involved several groups and individuals. Who still has access and what can they do with it? Ho...

Five Cloud Security Traps (And How to Avoid Them)
Published: 03/21/2022

This blog was originally published by Vulcan Cyber here. Written by Gal Gonen, Vulcan Cyber. It’s no surprise that one of the biggest concerns for companies using the cloud – whether they were born in the cloud or migrated to one – is the attached security management, specifically when “operating...

Leapfrog Your Cloud Migration – Don’t Let a Skills Shortage Stifle Business Possibilities
Published: 03/10/2022

This blog was originally published by Entrust here. Written by Juan Asenjo, PH.D., CISSP, Director of Product, Solutions and Partner Marketing at Entrust. Most of you will be familiar with the term leapfrog. Stemming from a children’s game, it’s an expression used not only in English, but also ...

Payments 101: Card Networks & Transactions
Published: 03/09/2022

This blog was originally published by VGS here. Written by Kenneth Geers, PhD, Information Security Analyst at VGS. Accounting is one of the oldest professions, as evidenced by financial records four times older than the Great Pyramids of Egypt. “Tally marks” etched into the thigh bone of a baboo...

Pfizer IP Leak Isn’t Unique. Protect Your Cloud Data With Proactive Encryption.
Published: 02/25/2022

This blog was originally published by Lookout on December 17, 2021. Written by Hank Schless, Senior Manager, Security Solutions, Lookout. The pharmaceutical company Pfizer recently acknowledged that thousands of internal documents were leaked, including trade secrets related to its COVID-19 vacci...

Multi Cloud Security
Published: 02/17/2022

Written by Madhukeshwar Bhat, Director, Chapter Development, CSA Bangalore, and Rob Aragao, Chief Security Strategist, CyberRes “Computing may someday be organized as a public utility just as the telephone system is a public utility”- Prof. John McCarthy at MIT’s centennial celebration in 1961.T...

Behind The Buzzword: Four Ways To Assess Your Zero Trust Security Posture
Published: 02/15/2022

This blog was originally published by Lookout here. Written by Hank Schless, Senior Manager, Security Solutions, Lookout. With just about everything delivered from the cloud these days, employees can now collaborate and access what they need from anywhere and on any device. While this newfound fl...

NOBELIUM’s Unprecedented Nation-State Attack
Published: 02/08/2022

This blog was originally published by Microsoft on December 15, 2021. Written by Rob Lefferts, Corporate Vice President, Microsoft 365 Security. This is the final post in a four-part series on the NOBELIUM nation-state cyberattack. In December 2020, Microsoft began sharing details with the wo...

Kubernetes Security Best Practices
Published: 01/21/2022

Written by the CSA Serverless Working Group Kubernetes is an open-source container orchestration engine for automating deployment, scaling, and management of containerized applications. A Kubernetes cluster consists of worker nodes/pods that host applications. The Kubernetes control plane manages...

Securing DevOps: The ABCs of Security-as-Code
Published: 01/19/2022

Written by Tony Karam, Concourse Labs. Cybersecurity Built for Public Cloud Traditional cybersecurity architectures and models break down when applied to public cloud. Most public cloud breaches stem from misconfiguration of cloud services, not attacks on the underlying cloud infrastructure. Ho...

3 Key Security Threats Facing Retail Today
Published: 01/17/2022

This blog was originally published by BigID here. Written by Kimberly Steele, BigID. The retail space has always been on the front lines of security threats. Most shoppers need only consult their latest inbox notifications to find evidence of a recent breach that exposed their personal or sensiti...

Focus on People, Process, and Technology to Secure Your Shadow IT
Published: 01/13/2022

Written by David Golding, AppOmni. Anyone in IT is familiar with shadow IT. How many times has an IT manager been surprised by the number of unknown applications that connect to their network? Shadow IT isn’t a new challenge, but the ability to keep track of unsanctioned IT has become more diffic...

Transitioning to the Cloud in 2022: Recommended Resources from CSA
Published: 01/11/2022

How can your organization improve how it approaches the cloud? In this blog we put together a list of research created by the Cloud Security Alliance’s working groups and other resources created by our community that will be helpful to you if you are considering transitioning your organization to...

Too Much of a Good Thing — Too Much Flexibility in Permission Management is Putting IAM Security at Risk
Published: 01/06/2022

This blog was originally published by Authomize here. Written by Gabriel Avner, Authomize. As cloud services like Salesforce, AWS, and others have grown more robust over time, they have added more options for how IAM security teams can manage their organizations’ access policies.This increased fl...

Managing Partial Offboarding Risks and Other Bad Breakups
Published: 12/08/2021

This blog was originally published by Authomize here. Written by Michael Sheinkman, Authomize. They say that breaking up is hard to do. You grow together, share secrets, and open up to each other. Maybe you even give them a key to your place. But then the relationship ends and all you want is a c...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.