Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
CCSK Success Stories: From a Banking Project Delivery Leader
Published: 05/28/2022

This is part of a blog series interviewing cybersecurity professionals who have earned their Certificate of Cloud Security Knowledge (CCSK). In these blogs we invite individuals to share some of the challenges they face in managing security for cloud computing and how they were able to leverage k...

Cyber Risks Haunt Energy and Natural Resource Sector
Published: 01/31/2022

This blog was originally published by KPMG here. Written by Ronald Heil, KPMG. Imagine connected sensors that dispatch a repair crew to a fraying pipeline, laser ‘guard rails’ that prevent tanker trucks from backing off piers, and smart systems that prompt the power company to recharge your elect...

Blockchain Security and Legaltech
Published: 12/14/2021

Written by Sebastian Soriano, TRATO Since its inception, the blockchain technology has shown promising application prospects. With the rise of technology many industry players are now digitizing and integrating new technologies to ensure cybersecurity in transactions. Among all solutions, t...

Why Cloud Security is Critical for Retailers
Published: 10/29/2021

By Kristen Bickerstaff, CyberArk. The past few years have seen accelerated digital transformations for the retail industry as online shopping and the demand for digital-first businesses have grown tremendously. Retailers are rapidly turning to the cloud and Infrastructure-as-a-Service (IaaS) to...

How Do You Securely Use the Office 365 Suite?
Published: 10/26/2021

This blog was originally published by Fortica here. Written by Romain Coussement – Cloud Security Expert at Fortica. The Office 365 suite is already in place in many companies. Does everyone use it completely securely? Not necessarily. But be aware that Microsoft’s range of tools offers a host ...

Why the World Needs Proactive Cybersecurity
Published: 09/21/2021

This blog was originally published by Bitglass here.Written by Ben Rice, Bitglass.Computing is now in a ubiquitous state with users able to connect to a dizzying number of services and applications. Companies have networked together everything to reduce costs, increase automation, and achieve dig...

Cybersecurity’s Next Fight: How to Protect Employees From Online Harassment
Published: 09/15/2021

This blog was originally published by Microsoft here.The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In this blog post, Microsoft Product Marketing Manager Natalia Godyla talks with Leigh Honeywell, CEO and...

From CapEx to OpEx, and Greater Security
Published: 09/13/2021

This blog was originally published by CyberCrypt here.In the cloud, cloud service providers (CSPs) manage the infrastructure they control—where organizational data and applications are stored—and perform the patching and updates so that the applications they use remain current.These advantages ar...

Here are Five Key Takeaways to Build a Best-in-Breed Security Architecture for Your Enterprise
Published: 09/03/2021

Written by Fausto Lendeborg, CEO, Secberus.Secberus was invited to participate in Plug and Play’s (PnP) Partnerships Transforming Healthcare: Healthcare and the Cloud event. Our CEO, Fausto Lendeborg was accompanied by Edmond Mack, VP Security Architecture at GSK as well as Jennifer Thomas, Manag...

How Can 3DS Authentication Enhance My Payments Flow?
Published: 08/11/2021

This blog was originally published by TokenEx here. Written by Jessica Titsworth, TokenEx. As the rapid growth of ecommerce platforms and digital payments continue, the amount of card-not-present (CNP) transactions has increased. While this can provide extra convenience for the cardholder, mercha...

The Visionary CCM/CAIQ v4 Early Adopters
Published: 08/06/2021
Author: John DiMaria

This blog was updated on 8/16/21 with the news that organizations can now submit CAIQ v4 to the STAR Registry.The Cloud Controls Matrix (CCM) is a cybersecurity control framework for cloud computing aligned to CSA best practices and is considered the de-facto standard for cloud security and priva...

Blue Team Diaries: Becoming ‘data-smart’
Published: 08/05/2021

Written by Derek Wood, Open Raven“I can’t afford to not be data-smart.” - Doug Clendening, Principal Services Consultant at Open Raven (Previously Principal Cyber Incident Commander at Splunk) Blue teams aren’t quite the cape-wearing heroes featured in comics, but they aren't far off when it come...

The Importance of Properly Scoping Cloud Environments
Published: 08/05/2021

PCI Security Standards Council (PCI SSC) and the Cloud Security Alliance (CSA) recently released a joint industry threat bulletin highlighting the importance of properly scoping cloud environments. In this blog, the PCI SSC and CSA share guidance and best practices for properly scoping cloud envi...

SECtember 2021: Why I’ll Be There
Published: 08/03/2021

Written by Larry Hughes, Principal Compliance Consultant, LJH Compliance ConsultingI first got involved in the Seattle information security scene in 1996. I was busy building a security consulting practice for a startup. It wasn’t long before I met this affable fellow named Jim Reavis, who had al...

Can Web Browsers be “Secure” as Required by Federal Cybersecurity Guidelines?
Published: 07/28/2021

This blog was originally published by Ericom Software here.Written by Gerry Grealish, Ericom Software Chief Marketing Officer.The National Institute of Standards and Technology (NIST) issued its “Definition of Critical Software Under Executive Order,” one of the first items to be delivered in res...

Deep Dive into the NSA Funded MITRE D3FEND Framework
Published: 07/26/2021

This blog was originally published by Blue Hexagon here.Written by Saumitra Das, Blue Hexagon.MITRE released the D3FEND framework on 6/22/21, an effort funded by the National Security Agency to effectively create a knowledge graph of cybersecurity countermeasure techniques. The goal of this proje...

Certificate of Cloud Security Knowledge (CCSK) Modules for Non-Tech Staff
Published: 07/21/2021

The Certificate of Cloud Security Knowledge (CCSK) is a standard of expertise for cloud security. While this is a certificate that technical professionals typically strive to earn, the study materials can also offer valuable lessons to non-technical staff interested in gaining a general understan...

Building the Next Generation of Cybersecurity and Privacy Professionals
Published: 07/20/2021
Author: Daniele Catteddu

ContextIn the past two decades we have witnessed a dramatic evolution in the cyber domain; new technologies have revolutionized the world we live in, our habits, our behaviors and our way of thinking. Cloud Computing, Edge Computing, Internet of Things/Everything, Smart Environments, Artificial I...

2021 State of Cloud Security Posture Management Report
Published: 07/16/2021

This blog was originally published by OpsCompass here.We recently announced the results of a report we conducted on cloud security and management challenges. The “2021 State of Cloud Security Posture Management Report” is based on survey responses from 253 full-time, US-based, IT professionals wh...

Why Is Cybersecurity Critical in Protecting Infrastructure?
Published: 06/09/2021

Written by Angela Stone, Content Creator, Eleven Fifty AcademyCybersystems, assets, and physical infrastructure are vital to the economy of a country. Destroying or incapacitating infrastructure and cyber systems can have a devastating impact on the economy. Industries such as the oil and gas ind...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.