Register for CSA’s SECtember conference and trainings today




Circle
Events
Blog

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
How Sensitive Cloud Data Gets Exposed
Published: 09/23/2022

Originally published by Sentra here. When organizations began migrating to the cloud, they did so with the promise that they’ll be able to build and adapt their infrastructures at speeds that would give them a competitive advantage. It also meant that they’d be able to use large amounts of data t...

Monitor Your SaaS Environment for Three Common SaaS Misconfigurations
Published: 09/23/2022

Originally published by AppOmni here. Written by John Whelan, Senior Director of Product Management, AppOmni. SaaS is ubiquitous across the enterprise and accounts for approximately 70% of software usage in companies. And SaaS usage is growing, with thousands of SaaS applications available to...

Are You Ready for a Slack Breach? 5 Ways to Minimize Potential Impact
Published: 09/22/2022

Originally published by Mitiga here. Written by Ofer Maor, Co-Founder and Chief Technology Officer, Mitiga. TL; DRAs Slack becomes a dominant part of the infrastructure in your organization, it will become a target for attacks and at some point, it is likely to be breached (just like any other te...

3 Trends from Verizon’s 2022 Data Breach Investigations Report
Published: 09/21/2022

Originally published by Authomize here. Written by Gabriel Avner, Authomize. The Verizon Data Breach Investigations Report is essentially infosec’s report card. It comes out right before summer vacation and gives us an ~120 page snapshot of the state of security. The findings, much like my report...

Challenges of Cloud Security (5 Traps to Avoid)
Published: 09/12/2022

Originally published by Vulcan Cyber here. Written by Gal Gonen, Vulcan Cyber. It’s no surprise that one of the biggest concerns for companies using the cloud - whether they were born in the cloud or migrated to one - is the attached challenges of cloud security, specifically when “operating in t...

The Credential Theft Food Chain - How Does a Bad Actor Move Laterally Once In?
Published: 09/09/2022

Written by Anastasios Arampatzis, Tech Writer, Bora Any time a breach occurs, senior management and any subsequent media coverage often focus on how the criminal got into the network. Most company leadership would like to imagine that the breach resulted from a sophisticated, lengthy campaign to ...

3 Access Security Lessons Learned from the Marriott Data Breach
Published: 09/06/2022

Originally published by Authomize here. Written by Gabriel Avner, Authomize. For the third time in less than five years, international hotel corporation Marriott is back in the news with yet another data breach.According to reports out of Databreaches.net who broke the story, Marriott was the vic...

FIDO - Leading the Zero Trust Passwordless Authentication Evolution
Published: 08/31/2022

Originally published by Thales here. Written by Gregory Vigroux, PKI Product Line Manager, Thales. It’s no secret that passwords have become one of the weakest links in enterprise security. Credential compromise is the leading cause of cybercriminals’ ability to gain access to enterprise resource...

Database Security Exposed: The Truth Behind the Record High Number of Data Breaches
Published: 08/29/2022

Written by Cyral. “Every company is a data company.”From building better products and providing better customer experiences to improving efficiencies, data is driving the business.With data taking the spotlight, there are important implications for security, privacy, and compliance teams. It’s no...

Improve Visibility in Cyberattacks with Cybersecurity Asset Management
Published: 08/24/2022

Originally published by Axonius here. Written by Kathleen Ohlson, Axonius. Google issued three emergency security updates, in as many weeks, to all of its 3.2 billion users of its Chrome browser. One was for a high-severity zero-day vulnerability that attackers exploited. Okta’s platform experien...

The CISOs Report: A Spotlight on Today’s Cybersecurity Challenges
Published: 08/19/2022

Originally published by CXO REvolutionaries here. Written by Sean Cordero, CISO - Americas, Zscaler. New attacks and attack classes demand new solutions and strategies The swift evolution of IT infrastructures has made cybersecurity more challenging than ever for CISOs. They face a broader range ...

Treating Healthcare’s Insider Threat
Published: 08/16/2022

Originally published by Authomize here. Written by Gabriel Avner, Authomize. There’s an old joke about why bank robbers rob banks. Because that’s where the money is. Given the valuable assets under their care, banks, fintech, insurance, and other financial institutions have understood that they h...

Can You See Me Now? Time to Shine a Light on the Huge Security Risk Posed by Your Shadow Data.
Published: 07/28/2022

Originally published by Laminar here. Written by Karen Sung, Laminar. Shadow data is the largest threat to your data security that you don’t even know about. There is nothing that is growing faster in the cloud than data.It only takes one developer to leave an S3 bucket with user data open or lea...

Stop Modern Identity-Based Attacks in Chrome
Published: 07/20/2022

This blog was originally published by CrowdStrike here. Written by Eamonn Ryan, Matthew Puckett, and Liviu Arsene of CrowdStrike. A novel technique that reduces the overhead in extracting sensitive data from Chromium browser’s memory was recently found by researchers from CyberArk Labs Existing a...

IAM Stakeholders and Adoption Challenges
Published: 07/17/2022

This is Part 5 of our ‘What is IAM’ blog series. Make sure to check out the rest of the series: Part 1: What is IAM Part 2: The Definition of IAM and Its Criticality to Good Security Hygiene Part 3: The Components of IAM Part 4: The Evolution of IAM Written by Paul Mezzera, Ravi E...

The Evolution of IAM
Published: 07/17/2022

This is Part 4 of our ‘What is IAM’ blog series. Make sure to check out the beginning of the series: Part 1: What is IAM Part 2: The Definition of IAM and Its Criticality to Good Security Hygiene Part 3: The Components of IAM Written by Paul Mezzera, Ravi Erukulla, and Ramesh Gupta of the CSA IAM...

The Components of IAM
Published: 07/17/2022

This is Part 3 of our ‘What is IAM’ blog series. Read Part 1 here and Part 2 here. Written by Paul Mezzera, Ravi Erukulla, and Ramesh Gupta of the CSA IAM Working Group. As alluded to previously, IAM is a set of tools that implement a number of use cases. If broken down into access management and...

The Definition of IAM and Its Criticality to Good Security Hygiene
Published: 07/17/2022

This is Part 2 of our ‘What is IAM’ blog series. Read Part 1 here. Written by Paul Mezzera, Ravi Erukulla, and Ramesh Gupta of the CSA IAM Working Group. What exactly is identity and access management (IAM)? It is the overall discipline that encompasses not only tools and technologies, but proces...

What is IAM: Identity in the Digital and Cloud Era
Published: 07/17/2022

This is Part 1 of our ‘What is IAM’ blog series. Written by Paul Mezzera, Ravi Erukulla, and Ramesh Gupta of the CSA IAM Working Group. Identity and access management (IAM) is not a new concept, yet it is becoming much more essential in today's digital-first world. The modern workforce demands a ...

An Introduction to Cloud Security for Infosec Professionals
Published: 07/15/2022

Originally published on Fugue’s website. Written by Richard Park, Chief Product officer, Fugue / Senior Director Product Management, Snyk. As someone who has spent a long time in network and endpoint security then moved to cloud security, I can sympathize with people with security backgrounds...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.