Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Transitioning to the Cloud in 2022: Recommended Resources from CSA
Published: 01/11/2022

How can your organization improve how it approaches the cloud? In this blog we put together a list of research created by the Cloud Security Alliance’s working groups and other resources created by our community that will be helpful to you if you are considering transitioning your organization to...

The Pros and Cons of Using SaaS Security Services
Published: 12/11/2021

Written by the Security Guidance Working GroupIn this blog we discuss the benefits and concerns of security services delivered from the cloud. These services, which are typically SaaS or PaaS, aren’t necessarily used exclusively to protect cloud deployments; they are just as likely to help defend...

A North Star for the Industry: CSA Research Summit at RSA 2022
Published: 12/01/2021
Author: Jim Reavis

The RSA Conference will always have a special place in the history of the Cloud Security Alliance, as it does with many cybersecurity ventures. CSA was launched at the RSA Conference in 2009 with the first version of our best practices document. We followed that up with our first CSA Summit at RS...

How the Incident Response Lifecycle Changes for Cloud
Published: 11/13/2021

Incident Response (IR) is a critical facet of any information security system. Most organizations have some sort of IR plan to govern how they will investigate an attack, but as the cloud presents distinct differences in both access to forensic data and governance, organizations must consider how...

Business Continuity and Disaster Recovery in the Cloud
Published: 10/31/2021

Business Continuity and Disaster Recovery (BC/DR) is just as important for cloud computing as it is for any other technology. However, specific considerations for the cloud need to be kept in mind. This blog will provide an overview of how to approach BC/DR in the cloud, including the overarching...

The 6 Phases of Data Security
Published: 10/14/2021

The primary goal of information security is to protect the fundamental data that powers our systems and applications. As companies transition to cloud computing, the traditional methods of securing data are challenged by cloud-based architectures. You don’t have to lift and shift existing problem...

CCSK Success Stories: From a Cloud Technical Specialist
Published: 09/13/2021

This is part of a blog series interviewing cybersecurity professionals who have earned their Certificate of Cloud Security Knowledge (CCSK). In these blogs we invite individuals to share some of the challenges they face in managing security for cloud computing and how they were able to leverage k...

How Security Changes With Cloud Networking
Published: 09/08/2021

Common on-premises network practices work differently for the cloud user and provider due to the lack of direct management of the underlying physical network. The most commonly used network security patterns rely on control of the physical communication paths and insertion of security appliances....

The Microservices Architecture Pattern: Expanding Security Assurance Ideas in Containers and Microservices
Published: 09/02/2021

After 137 rolling discussions on Circle and growing a library of input material to 42 unique documents, 2 co-chairs and 343 Application Containers and Microservices (ACM) working group members spanning 5 continents created a third installment further expanding the ideas of CSA security assurance ...

Five Recommendations for Securing Cloud Containers
Published: 08/19/2021

Written by the members of the Security Guidance Working Group. This blog came from Domain 8 of the CSA Security Guidance for Cloud Computing v4.Understanding the impacts of virtualization on security is fundamental to properly architecting and implementing cloud security. In this blog, we will be...

Cloud Network Virtualization: Benefits of SDN over VLAN
Published: 06/25/2021

Written by the members of the Security Guidance Working GroupAll clouds utilize some form of virtual networking to abstract the physical network and create a network resource pool. Typically the cloud user provisions desired networking resources from this pool, which can then be configured within...

What is cloud security? How is it different from traditional on-premises network security?
Published: 11/09/2020
Author: Ryan Bergsma

Cloud is also becoming the back end for all forms of computing, including the ubiquitous Internet of Things and is the foundation for the information security industry. New ways of organizing compute, such as containerization and DevOps are inseparable from cloud and accelerating the digital revo...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.