Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Online Training Platform
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Zero Trust Training (ZTT)
Micro-Trainings
Advanced Cloud Security Practitioner (ACSP) Training
Get Involved
Become an Instructor
Become a Training Partner
Train my entire team
Research
CSA Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Security Services
Enterprise Resource Planning
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Top Threats
View all topics
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Online Training Platform
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Zero Trust Training (ZTT)
Micro-Trainings
Advanced Cloud Security Practitioner (ACSP) Training
Get Involved
Become an Instructor
Become a Training Partner
Train my entire team
Research
CSA Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Security Services
Enterprise Resource Planning
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Top Threats
View all topics
Cloud 101
Circle
Events
Blog
Sign In

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Home
Industry Insights
Becoming Cyber Resilient—Cybersecurity Trends to Watch in 2023
Published: 03/23/2023

Originally published by BARR Advisory. Written by Kyle Cohlmia. According to the 2022 IBM Cost of Data Breach report, 83% of organizations surveyed experienced more than one data breach with an average total cost of $4.35 million. This cost was an all-time high for 2022 and a 2.6% increase from t...

What is FIPS 140 and What Does it Mean to Be “FIPS Compliant”?
Published: 03/23/2023

Originally published by Titaniam. FIPS was developed by the Computer Security Division of the National Institute of Standards and Technology (NIST). It established a data security and computer system standard that businesses must follow in accordance with the Federal Information Security Manageme...

Could A Data Breach Land Your CISO In Prison?
Published: 03/03/2023

Originally published by F5. Written by Gail Coury. On November 9, 2022 Twitter CISO Lea Kissner resigned along with the company’s chief privacy officer and its chief compliance officer. The Washington Post and other media outlets reported that internal Slack messages at Twitter revealed serious c...

Why Making Ransomware Payments Illegal Could Backfire
Published: 02/28/2023

Originally published by CXO REvolutionaries. Written by Ben Corll, CISO - Americas, Zscaler. A debate swirling since at least last summer – about the wisdom of banning compromised companies from making payments to ransomware actors – was sparked again recently when Australia broached the possibil...

What Are the DoD Cloud Computing Security Assessment Requirements?
Published: 01/26/2023

Originally published by Schellman. Written by Jon Coffelt, Schellman. When you compare the two tallest mountains in the world—K2 and Everest—some of the facts might surprise you. For instance, did you know that K2’s climbing route is more technical than that of the tallest mountain in the world? ...

SANS 2022 Cloud Security Survey, Chapter 2: What Security and Compliance Worries Do IT Pros Have About the Cloud?
Published: 12/14/2022

Originally published by Gigamon. Written by Chris Borales, Gigamon. Editor’s note: This post explores Chapter 2 of the SANS 2022 Cloud Security Survey. Chapter 1 is available here. Check back for future posts covering Chapters 3 and 4.The cloud is sold more and more as the answer to what ails IT,...

CISOs of the World, Unite!
Published: 12/03/2022
Author: Jim Reavis

This article represents personal commentary from CSA’s Chief Executive Officer Jim Reavis. I have been in the industry long enough to have observed the creation of the Chief Information Security Officer role and the journey to making this person a crucial part of our ecosystem. For almost all ...

Is 3D Secure 2.0 Required in the US?
Published: 11/09/2022

Originally published by TokenEx. Written by Anni Burchfiel, TokenEx. Quick Hits: 3D Secure is a security protocol that requires an extra layer of authentication for online payments.3D Secure connects the three parties involved in a transaction (the card issuer, the acquirer, and the payment syste...

How Cybersecurity Insurance Can Work To Help An Organization
Published: 10/25/2022

Originally published by Thales here. Written by Anthony Dagostino, CEO and Co-Founder, Converge. For many years, organizations had limited options for addressing data protection risks. A company could never eliminate risk, but they could try to reduce or mitigate it. In the last 20+ years, cybers...

Comments on NIST Special Publication 1800-35B, ‘Implementing a Zero Trust Architecture’ Volume B
Published: 09/21/2022

Originally published by Gigamon here. Written by Ian Farquhar and Orlie Yaniv, Gigamon. Editor’s note: As a supplier of network software and hardware to multiple U.S. government agencies, Gigamon reviews and comments on many draft standards and documents issued by government agencies. This has ac...

Defending Your Enterprise Against a Sea of Increasingly Stringent Data Privacy Laws
Published: 08/25/2022

Originally published by Thales here.Written by Krishna Ksheerabdhi, VP, Product Marketing, Thales.While international privacy regulations are front and center in much of the press I’d like to turn your attention to a developing patchwork of US Federal and State privacy regulations in this post.Th...

Writing Good Legislation is Hard
Published: 08/22/2022
Author: Kurt Seifried

It’s hard to write good legislation. Recently H.R.7900 - National Defense Authorization Act for Fiscal Year 2023 came out. It includes the following text:At first glance, the intent seems reasonable. Vendors need to include an SBOM for their software and services, and any known vulnerabilities (a...

Conversation on Compliance: Q3 Insights
Published: 07/18/2022

This blog was originally published by IntelAgree here. Written by Lee Rone, General Counsel, IntelAgree. Regulatory compliance, particularly in the data privacy realm, is a delicate balancing act for general counsel. Not only does it require juggling international, domestic, and industry-specific...

CISO to CISO: 3 Practical Tips to Protect Your Data in the Cloud
Published: 05/20/2022

Written by Marc Blackmer, ShardSecure. The explosion of remote work over the last two years has driven the rapid adoption of cloud services and, with that, a rise in threats and risk to enterprise data. Now that we know a hybrid work model is here to stay, organizations need to better understand ...

Doing Business in Brazil? Get to Know the General Personal Data Protection Law (LGPD)
Published: 04/27/2022

Written by VGS. Did you know that Brazil is bigger than the 48 contiguous United States? The US is only bigger than Brazil if you add Alaska! São Paulo, with over 21 million residents, is more populous than New York. And Brazil’s 210 million citizens enjoy a thriving economy: Brazil’s Gross Domes...

Measuring up to CMMC Compliance with AppSec
Published: 11/01/2021

This blog was originally published by Checkmarx here. Written by Rebecca Spiegel, Checkmarx. Any organization with aspirations to do business with the U.S. Department of Defense will rapidly familiarize itself with the recently introduced Cybersecurity Maturity Model Certification (CMMC)....

A Guided Approach to Support Your Zero Trust Strategy
Published: 10/28/2021

As the world’s workforce sought to overcome the COVID-induced pandemic, a remote workforce suddenly became the new normal. At break-neck speed, information technology (IT) organizations were working to improve the security of millions of new endpoints that were accessing a network not optimized f...

Final Versions of Standard Contractual Clauses Adopted!
Published: 06/07/2021

Three years after the General Data Protection Regulation (GDPR) came into effect, the European Commission has issued the much-awaited final version of two new sets of Standard Contractual Clauses that are expected to enable data controllers and processors to address some of the thorny issues in t...

President Biden’s Cybersecurity Executive Order: What will it mean for you?
Published: 06/01/2021

This blog was originally published by OneTrust here.On May 12, US President Joe Biden issued an executive order on cybersecurity seeking to improve the state of national cybersecurity in the US and to increase protection of government networks following incidents involving SolarWinds and more rec...

PCI Compliance Checklist: Ensure Compliance
Published: 03/08/2021

Originally published on TokenEx's blog. You’ve heard about all of the breaches. You know no defense is impenetrable. And you’re likely aware of the risk that comes with storing payment card information.Still, you need to process cardholder data to run your business—that much is unavoidable. So, h...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.

1
Last »