Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Governing the Organization
Published: 04/13/2022

This blog was originally published by Coalfire here. Written by Matt Klein, Field CISO, Coalfire. Security is the biggest risk to business today. Managing security has become one of the hardest jobs in the enterprise, and failing to do so effectively can create opportunities for severe operationa...

A Whole New World for PCI DSS
Published: 03/30/2022

This blog was originally published by PKWARE on November 23, 2021. As we know, the new Payment Card Industry Data Security Standard (PCI DSS) 4.0 guidelines are coming out in Q1 of next year, with some predicting a March timeframe for its release based on previous releases. The last time PCI came...

When It Comes to SaaS Security, Ignorance is Not Bliss for Corporate Leadership
Published: 03/29/2022

Written by Brendan O’Connor, CEO and Co-Founder of AppOmni Organizations are increasingly moving their data to SaaS platforms. But while companies are racing to adopt SaaS, many haven’t yet put the tools and processes in place to protect their SaaS data, leaving it vulnerable in the cloud. It...

Hey You, Get Out of My Cloud!
Published: 03/25/2022

Written by Jim Mandelbaum, Gigamon Field CTO When we take a cloud solution to production how do we know who has access to that data? The process of deploying the production environment has certainly involved several groups and individuals. Who still has access and what can they do with it? Ho...

Five Cloud Security Traps (And How to Avoid Them)
Published: 03/21/2022

This blog was originally published by Vulcan Cyber here. Written by Gal Gonen, Vulcan Cyber. It’s no surprise that one of the biggest concerns for companies using the cloud – whether they were born in the cloud or migrated to one – is the attached security management, specifically when “operating...

App Patching is a No-Win Situation. First Principles Reveals a Better Approach.
Published: 02/03/2022

Written by Satya Gupta, Co-Founder and CTO, Virsec When organizations need to get applications up and running quickly, they turn to cloud infrastructure. The last two years accelerated this strategy as nearly everything went digital. But now cloud users are facing an existential threat. I...

What is Serverless? How Does it Impact Security?
Published: 01/25/2022

Written by the Serverless Working Group What is serverless?Serverless computing is a cloud computing execution model in which the cloud provider is responsible for allocating compute and infrastructure resources needed to serve Application Owners workloads. An Application Owner is no longer requi...

Why Cloud-Ready, Centralized AppSec Must Underpin State Government Cloud Adoption
Published: 11/17/2021

This blog was originally published by Checkmarx here. Written by Rebecca Spiegel, Checkmarx. State and local governments are accelerating their use of the cloud as they focus on delivering more digital services with fewer resources and continue responding to pandemic pressures. In a recent Fe...

SaaS Insecurity: How to Regain Control
Published: 10/20/2021

By Andrew Sweet, AppOmni. Is your SaaS environment running? Then you better go catch it! Or, better yet, secure it. Jokes aside, it’s common knowledge these days that SaaS environments are popular for their agility and scalability, helping businesses streamline operations, improve customer...

The Evolution of Private Cloud Computing and Shared Responsibility
Published: 09/15/2021
Author: Vishwas Manral

Summary: Cloud computing has changed over the last 10 years – the Private Cloud has undergone a big change too. This blog captures the evolution of the Private Cloud with a focus on the shared responsibility model. A previous blog talks about the different service models as they have evolved...

SaaS Security: Risks and Mitigation Methods
Published: 08/16/2021

Written by Dipen Rana and Pooja Patil, TCS As a pandemic-triggered hybrid work model settles in, many enterprises are moving onto the cloud for better agility and greater efficiency. With the cloud offering subscription-based models and eliminating infrastructure cost, organizations have the flex...

The Importance of Properly Scoping Cloud Environments
Published: 08/05/2021

PCI Security Standards Council (PCI SSC) and the Cloud Security Alliance (CSA) recently released a joint industry threat bulletin highlighting the importance of properly scoping cloud environments. In this blog, the PCI SSC and CSA share guidance and best practices for properly scoping cloud envi...

How to Enhance GRC Program Collaboration in Your Organization
Published: 06/10/2021

This blog was originally published by OneTrust GRC here. When it comes to Governance, Risk, and Compliance (GRC), understanding the integrated risk management responsibilities for each internal and external stakeholder isn’t just a best practice. It’s a critical component to preparing for and ...

Shared Responsibility Model Automation: Automating Your Share Part 2
Published: 09/30/2020

By CloudPassageIn Part 1 of our Shared Responsibility blog series, we provided a detailed overview to help you understand security in a public, hybrid or multi-cloud environment. We broke down the infrastructure stack, explained the responsibilities taken by the cloud service provider, and where ...

Shared Responsibility Model Automation: Automating Your Share
Published: 09/07/2020

By CloudPassageIn Part 1 of our Shared Responsibility blog series, we provided a detailed overview to help you understand security in a public, hybrid, or multi-cloud environment. We broke down the infrastructure stack, explained the responsibilities taken by the cloud service provider, and where...

Shared Responsibility Model Explained
Published: 08/26/2020

By CloudPassageCloud service providers adhere to a shared security responsibility model, which means your security team maintains some responsibilities for security as you move applications, data, containers, and workloads to the cloud, while the provider takes some responsibility, but not all. D...

Cloud Security Roadmap for 2019 & Beyond
Published: 09/10/2019

By Amélie Darchicourt, Product Marketing Manager, ExtraHopHow to succeed under the shared responsibility modelCloud security is an evolving space where consumers and vendors must innovate quickly, not only to outpace attackers, but also to support rapid development while minimizing the risks pre...

How to Share the Security Responsibility Between the CSP and Customer
Published: 09/05/2019

By Dr. Kai Chen, Chief Security Technology Officer, Consumer BG, Huawei Technologies Co. Ltd. The behemoths of cloud service providers (CSPs) have released shared security responsibility related papers and articles, explaining their roles and responsibilities in cloud provisioning. Although they...

Uncovering the CSA Top Threats to Cloud Computing with Jim Reavis
Published: 08/08/2019

By Greg Jensen, Sr. Principal Director - Security Cloud Business Group, OracleFor the few that attend this year’s BlackHat conference kicking off this week in Las Vegas, many will walk away with an in depth understanding and knowledge on risk as well as actionable understandings on how they can w...

Office 365 Security: It Takes Two to Tango
Published: 10/17/2018

Many cloud apps – including Office 365 – operate under a shared responsibility model. Here’s what that means for your company By Beth Stackpole, Feature Writer, Symantec Security concerns, once a long-standing hurdle to cloud deployment, may be on the wane, but the issue is still very much...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.