Cloud 101

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
With Great Power Comes Great Responsibility: The Challenge of Managing Healthcare Data in the Cloud
Published: 05/26/2021

By Jon Moore, MS, JD, HCISSP, Chief Risk Officer and Head of Consulting Services, Clearwater Seeking flexibility, scalability, and cost savings, an increasing number of healthcare organizations are moving systems and data to the Cloud. This trend is accelerating, fueled by increased adoption of ...

Incident Response and Knowing When to Automate
Published: 03/24/2021

This blog was originally published on Measuring and improving total time of response is easier said than done. The reality is many organizations do not know their existing state of readiness to be able to respond to a cybersecurity incident in a fast, effective manner. And most don’t...

​The Age of Collaborative Security
Published: 03/09/2021

Written by: Philippe Humeau, CEO, CrowdSecThe Cloud Security Alliance was born from a need, the need to collaborate, whether we are partners or competitors, for the greater good of our industry and its customers. That’s what alliances are made for, to become stronger together.Security wise, few a...

Transforming Your IT Risk Management from Reactive to Proactive in 5 Steps
Published: 03/04/2021

This blog was originally published on Hyperproof's blog.Written by Jingcong Zhao, Director of Content Strategy at HyperproofAs a seasoned IT risk management professional, you already know that staying on top of security is a constant battle. You probably also know that managing IT risks proactive...

NACHA Updates | Supplementing Data Security Requirements
Published: 01/19/2021

Written by TokenExIn late 2019, NACHA supplemented its existing Security Framework for the ACH Network with a new rule applying to all merchants, billers, businesses, governments, and third parties that send 2 million or more ACH payments per year. The rule was expected to roll out in two phases,...

SolarWinds - How Cybersecurity Teams Should Respond
Published: 12/16/2020

By Paul Kurtz Co-founder and Executive Chairman, TruSTAR Technology SolarWinds perhaps represents the most severe hack of the digital age. The playbook of our adversaries continues to evolve, but defenders are losing, and the gap is widening. Discussion of imposing consequences on adversaries see...

The Way You Protect Your Customers' Data Is Fundamentally Changing
Published: 11/10/2020

By WhisticAs an InfoSec professional, you’ve seen your fair share of growth and change in the industry. Information security presents an interesting challenge because the technology is actively solving for very real threats and risks. As the technology used by malicious forces grows and expands i...

Is your vendor platform future proof?
Published: 09/21/2020

Written by WhisticIn the last few years, the InfoSec and data privacy sectors have grown exponentially. From on-premise hardware and servers to fully adopting cloud-based, SaaS-focused security workflows, the InfoSec world of 2020 looks much different from ten years ago. If you’re like most InfoS...

What is Third Party Risk and Why Does It Matter?
Published: 09/14/2020

Written by WhisticIn the world of information security, third party risk is a topic that comes up often. As more and more organizations turn to SaaS-based vendors and move their operations to a cloud-driven environment, third party risk has become one of the most critical topics for an organizati...

Understanding the Complexities of Securing a Remote Workforce
Published: 09/09/2020

By Sean Gray, Sr. Director InfoSec at Paypal and Co-Chair of the CSA Financial Services Working GroupWe have all witnessed sudden and stunning changes in how companies – big and small – operate in response to the challenges necessitated by COVID-19. Many have pivoted successfully, however there ...

3 Ways to Overcome Challenges in Vendor Risk Management
Published: 08/25/2020

Written by WhisticOne of the most significant catalysts for the shift from reactive to proactive vendor security was the change in the way organizations do business and handle data and information.The Changing SaaS LandscapeInfoSec is one of the latest industries to hop on the SaaS train, but it ...

Cloud Risk Management
Published: 07/02/2020

By Ashwin Chaudhary with AccedereCloud Risk Management is an important aspect in today’s world where majority of the organizations have adopted the cloud in some form or the other. Cloud risks continue to remain high for a CISO or a CIO and is gaining more importance in today’s world where more o...

Cloud Penetration Testing the Capital One Breach
Published: 10/10/2019

By Alexander Getsin, Lead Author for Cloud Penetration Testing PlaybookAligning the Capital One breach with the CSA Cloud Penetration Testing PlaybookIn March 2019, Capital One suffered a unique cloud breach. 140,000 Social Security numbers and 80,000 linked bank account numbers were exposed, alo...

How to Improve the Accuracy and Completeness of Cloud Computing Risk Assessments?
Published: 06/24/2019

By Jim de Haas, cloud security expert, ABN AMRO BankThis paper aims to draw upon the security challenges in cloud computing environments and suggests a logical approach to dealing with the security aspects in a holistic way by introducing a Cloud Octagon model. This model makes it easier for orga...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.