Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Online Training Platform
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Zero Trust Training (ZTT)
Micro-Trainings
Advanced Cloud Security Practitioner (ACSP) Training
Get Involved
Become an Instructor
Become a Training Partner
Train my entire team
Research
CSA Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Security Services
Enterprise Resource Planning
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Top Threats
View all topics
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Online Training Platform
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Zero Trust Training (ZTT)
Micro-Trainings
Advanced Cloud Security Practitioner (ACSP) Training
Get Involved
Become an Instructor
Become a Training Partner
Train my entire team
Research
CSA Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Security Services
Enterprise Resource Planning
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Top Threats
View all topics
Cloud 101
Circle
Events
Blog
Sign In

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Home
Industry Insights
The Future of Cloud
Published: 03/24/2023

Originally published by ManTech. Written by Sandeep Shilawat, Vice President, Cloud and Edge Computing, ManTech. Stock analysts and meteorologists are in the business of making predictions. IT professionals… not so much. But when we think about the cloud and the vast changes it has facilitated ac...

“Hi ChatGPT, please help Cybersecurity”
Published: 01/31/2023
Author: Jim Reavis

“Cloud is just a bunch of APIs,” said Mark Russinovich of Microsoft at CSA’s SECtember 2021 conference. Mark was simplifying the definition of cloud to get after the essential characteristic that has allowed it to flourish and conquer other forms of computing. The on-demand provisioning of comput...

Don’t Keep Us in the Dark: Addressing the Cloud Change Management Gap
Published: 12/14/2022

Sean Heide, Research Technical Director at CSA Jez Goldstone, Director of Security Architecture, Cloud & Innovation | CSO Cyber Security Assurance at Barclays Hillary Baron, Sr. Research Technical Director at CSA John Yeoh, Global VP of Research at CSA The innovation in cloud services and platfor...

How to Contain Breaches in the Cloud
Published: 11/02/2022

Written by PJ Kirner, CTO and Co-Founder, Illumio. Hyperconnectivity, hybrid work and an increasingly distributed enterprise have all caused the modern attack surface to explode. In the past 2 years alone, 76 percent of organizations have been attacked by ransomware and 66 percent have experien...

Pivoting from Infrastructure Resilience to True Data Resilience
Published: 10/05/2022

Originally published by ShardSecure here. Written by Julian Weinberger, ShardSecure Sales Engineering & Partner Lead. Traditionally, we achieved resilience by making systems redundant with a primary data center and a backup data center that consisted of all the same infrastructure, devices, and...

You Could Do Zero Trust the Old-Fashioned Way, but Why?
Published: 10/04/2022

Originally published by CXO REvolutionaries here. Written by Kevin Schwarz, Transformation Strategist, ZScaler. Many organizations are trapped in an outdated way of operating and simply do not realize it. People, businesses, and agencies regularly use antiquated processes or technology, never ant...

How to Solve Complex Cloud Security Problems with AI
Published: 09/16/2022

Written by Morey J. Haber, Chief Security Officer, BeyondTrust. Artificial intelligence (AI) and, to a lesser extent, machine learning (ML) have become increasingly prevalent as a solution to solve complex cybersecurity problems. While the cloud has made this more practical due to shared resource...

Comments on the Extensible Visibility Reference Framework (eVRF) Program Guidebook
Published: 08/23/2022

Originally published by Gigamon here. Written by Orlie Yaniv and Ian Farquhar, Gigamon. Editor’s note: Gigamon is very happy to see the CISA’s recent work on formalizing and structuring what visibility means and assessing its efficacy. As Zero Trust accelerates, visibility becomes a key focu...

Adapting the Cloud Service Model to Today's Needs
Published: 07/19/2022

This blog was originally published by CXO REvolutionaries here. Written by Brett James, Director, Transformation Strategy, Zscaler. You may have come across the diagram below, or a version of it if you’ve done any research into cloud services (and not from under a rock). Figure 1: Clou...

Financial Services Turn to Confidential Computing for Key Use Cases
Published: 07/15/2022

This blog was originally published by Anjuna here. Why do highly regulated industries need the protection of Confidential Computing to secure personal data, MPC, and other applications?The very mention of today’s cloud-related financial risks raises goose-bumps: intensified money laundering campa...

Web Protocol - Uses Finite State Machine
Published: 07/15/2022

Written by Gregory Machler, Cybersecurity Engineer, Daikin Applied. In an attempt to improve the cybersecurity of the communications between a browser and web server, I’ve been mulling over session protocols. In prior thoughts last year, I commented on the use of TLS 1.3 to encrypt traffic betwee...

With Multi-Device Fido Credentials, You Can Now Go All-in on Passwordless
Published: 07/13/2022

This blog was originally published by CXO REvolutionaries here. Written by Maneesh Sahu, Senior Director, OT and IIoT Product Management, Zscaler. In a previous post, The Passwordless future has arrived, here are your options, I enumerated some options for app developers and end-users to use inst...

Preparing for Web 3.0
Published: 07/08/2022

This blog was originally published by Schellman here. Written by Scott Perry, Schellman. Ernest Cline’s sci-fi novel, Ready Player One, centers on users’ experience within the OASIS—a highly advanced, fully immersive simulation. In the book, people prefer living in virtual reality rather than the...

What a More Holistic Approach to Cloud-Native Security and Observability Looks Like
Published: 06/27/2022

This blog was originally published by Tigera here. Written by Laura Ferguson, Tigera. The rise of cloud native and containerization, along with the automation of the CI/CD pipeline, introduced fundamental changes to existing application development, deployment, and security paradigms. Because clo...

For Fun – Aligning or Putting Music to the Varieties of Efforts, Tasks, Work Roles, and Functions in Cybersecurity
Published: 05/27/2022

Produced by: Stan Mierzwa, M.S., CISSP, CCSK, Cloud Security Alliance NJ Chapter President Contributions by: Eliot Perez, Assistant Director Security, Transportation Industry and Cloud Security Alliance NJ Chapter Board Member Todd Edison, Chapter Relations Manager, Cloud Security Alliance ...

How to Architect for Sustainability in a Cloud Native Environment
Published: 05/16/2022

This blog was originally published by Contino here. Written by Scott McCracken, Contino. Recognising the impact we have on the environment is more important than ever and ensuring our businesses are sustainable is now paramount. Over the last year, more and more organisations have signed up to Th...

Handling the Challenge of Model Drift in Data Lakes
Published: 03/30/2022

Written by Dr. Nathan Green, Marymount University and Oliver Forbes, NTT DATA One of the most constant and evolving characteristics of the sharing of information, is data in its readable form and its various models of consumption. Machine learning is an impactful tool of analysis that plays a...

7 Technology Innovations That Will Impact Cybersecurity in 2022 and Beyond
Published: 03/27/2022

Cloud has become the foundation for launching new technologies. As these new technologies are developed and adopted by enterprises, they will increasingly impact cybersecurity. Help our industry start preparing for the future by informing yourself of the top emerging technologies to watch for.Vie...

Are You Ready for the Great Cybersecurity RESET?
Published: 02/14/2022

This blog was originally published by CXO REvolutionaries here. Written by Phil Armstrong, EVP & Global CIO (former). Have you heard about the “great cybersecurity RESET” yet? The reset is a new wave of activity and an emerging global trend centered around cybersecurity planning. Businesses aroun...

The Cyber Defense Matrix
Published: 02/11/2022

This blog was originally published by JupiterOne here. Written by Sounil Yu, CISO & Head of Research, JupiterOne. In a world where cybersecurity threats evolve and proliferate at dizzying speed, a confusing and disordered cybersecurity landscape makes it all too difficult to ensure that our asset...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.

1
Last »