Cloud 101

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
What is Cloud Penetration Testing?
Published: 02/12/2022

Written by the CSA Top Threats Working Group. Also known as ethical hacking, cloud penetration testing evaluates security and discovers vulnerabilities by utilizing hacker tools and techniques. Security testing in general is crucial to the security assurance of cloud environments, systems and dev...

Sealing Security Supply Chain Gaps
Published: 02/09/2022

This blog was originally published by KPMG here. Written by Jonathan Dambrot, KPMG. With the current unrelenting pace of cyber-attacks, business leaders surveyed in KPMG’s 2021 CEO Outlook now recognize that cyber security is no longer a short sprint, but rather a long-distance marathon to keep u...

The End of Agent Technology in the Cloud
Published: 02/09/2022

Written by Morey J. Haber, Chief Security Officer at BeyondTrust One of the oppositions to new technology placed on an endpoint is the need for an agent. In fact, for years, one of the biggest objections by companies has been the need for agent technology at all. Time and time again, end users...

Key Questions for Cloud DLP Transformation
Published: 02/04/2022

Written by Amit Kandpal, Director - Customer Success at NetskopeBased on prior, documented deployments of many DLP transformation programs (as companies adjust to the new cloud-first security stack), there are some critical and fundamental aspects that are often not fully understood:How is DLP di...

Improving Security Posture Through the 4-Step Gap Analysis Process
Published: 02/01/2022

Written by Brad Fugitt, Chief Information Security Officer, Pax8 As we move into 2021, managed service providers (MSPs) will increase their focus on security as they work to keep their clients' data safe, protecting them from potential threats and loss. The move to a work from anywhere environmen...

Your Enterprise Cloud Risk Management Cheat Sheet
Published: 01/27/2022

Written by Fausto Lendeborg, Secberus Picture this: It’s 2022, and cloud risk is no longer the elusive threat it once was. It is tamed through better understanding, faster mitigation and bold, policy-first strategy. Read on for three starter tips. 01Understanding Comes First. Understanding ...

Application Security Best Practices
Published: 01/10/2022

This blog was originally published by Vulcan Cyber here. Written by Tal Morgenstern, Vulcan Cyber. Forget whatever business you think you’re in. As Microsoft CEO Satya Nadella announced in 2019, every company is a software company, creating digital assets like applications and websites. That mean...

Healthcare Cybersecurity: 8 Data Protection Best Practices
Published: 01/07/2022

This blog was originally published by BigID here. Written by Kimberly Steele, BigID. Healthcare organizations need to look beyond compliance to reduce risk, implement robust data management, and achieve a data protection program that balances safeguarding patient data with providing the highest q...

The Three Pillars of a CARTA-enabled CSPM Strategy
Published: 12/28/2021

This blog was originally published by Secberus here. Written by Fausto Lendeborg, Secberus. The cloud has changed how enterprises operate today. It has allowed companies to more easily store and share data. And with all this new data, it's increasingly important to make sure your security strat...

What Did We Learn About Cyber Risk Management in 2021?
Published: 12/17/2021

By Bob Maley, Chief Security Officer at Black Kite “The more things change, the more they stay the same.” Author Jean-Baptiste Alphonse Karr wrote this in 1849 and it still rings true today, especially in cybersecurity. The number of reported data breaches in 2021 have soared past the total for 2...

What’s Your Risk Appetite?
Published: 12/04/2021
Author: Kurt Seifried

Let’s get some dinnerIn European history, the first restaurant was opened in Paris in 1765 with a single dish (sheep’s feet simmered in a white sauce). In eastern history, the first restaurants opened in around 1100 A.D. in China in a number of different cities. Either way, we can all agree that ...

Why Now is the Time for Chaos (Engineering)
Published: 11/30/2021

Written by Morey J. Haber, BeyondTrust. If you are old enough to remember the television show Get Smart, you may be familiar with the concept of applying chaos to provide order. While this spy show spoof mocked political stereotypes of the time for control versus chaos, the slapstick humor was de...

Better Together: CMDB + CSPM = Cloud Native Cyber Asset Management
Published: 11/24/2021

This blog was originally published by JupiterOne here. Written by Tyler Shields, JupiterOne. There is a lot of confusion out there when it comes to cloud native IT and cloud security tools. Things have gotten rather complicated over the last few years as we migrate our security and technology sta...

The Fourth Dimension of Security Risk Management
Published: 11/24/2021

This blog was originally published by Orca Security here. Written by Andy Ellis, Advisory CISO for Orca Security. When security professionals talk about risk, especially with business executives, we often use metaphors rooted in the physical world. We might talk about coverage, and compare it to ...

Multi-Cloud Security: What You Need to Know
Published: 11/16/2021

This blog was originally published by Vulcan Cyber here. Written by Orani Amroussi, Vulcan Cyber. The multi-cloud approach is becoming increasingly popular among companies looking to take advantage of its agility, innovation, potential cost savings, and the flexibility to choose the best of what ...

Why Your Organization Needs Cyber Insurance
Published: 11/05/2021

This blog was originally published by SafeBase here. Written by Kevin Qiu, Director of Information Security at SafeBase. Security Incidents Are Becoming Increasingly Expensive Cyber security products and defensive techniques have come a long way over the past few years as cloud computing has t...

Why the Facebook Outage and Twitch Breach Matter to Business Leaders
Published: 11/02/2021

By Josh Stella, Fugue Co-Founder and CEO Originally Published at Fugue on October 14, 2021 This month, Facebook and Twitch both suffered serious damage at their own hands, and every executive needs to understand what happened and how these types of incidents are preventable. At Fac...

Business Continuity and Disaster Recovery in the Cloud
Published: 10/31/2021
Author: Megan Theimer

Business Continuity and Disaster Recovery (BC/DR) is just as important for cloud computing as it is for any other technology. However, specific considerations for the cloud need to be kept in mind. This blog will provide an overview of how to approach BC/DR in the cloud, including the overarching...

Runtime Protection, the Mindset Shift Cloud Security Needs
Published: 10/21/2021

This blog was originally published by Virsec here. Written by Satya Gupta, Co-Founder and CTO, Virsec. For years, companies have adopted cloud infrastructure for ease and speed in deploying applications. However, over the past 18 months the move to the cloud has accelerated dramatically as em...

Agents are Not Enough: Why Cloud Security Needs Agentless Deep Scanning
Published: 10/20/2021

This blog was originally published by Wiz here. Written by Josh Dreyfuss, Wiz. Cloud environments are characterized by their dynamic nature. It’s easier than ever before to spin up new resources and add new technologies, which leads to an ever-increasing number of people and teams deploying in th...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.