Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Online Training Platform
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Zero Trust Training (ZTT)
Micro-Trainings
Advanced Cloud Security Practitioner (ACSP) Training
Get Involved
Become an Instructor
Become a Training Partner
Train my entire team
Research
CSA Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Security Services
Enterprise Resource Planning
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Top Threats
View all topics
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Online Training Platform
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Zero Trust Training (ZTT)
Micro-Trainings
Advanced Cloud Security Practitioner (ACSP) Training
Get Involved
Become an Instructor
Become a Training Partner
Train my entire team
Research
CSA Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Security Services
Enterprise Resource Planning
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Top Threats
View all topics
Cloud 101
Circle
Events
Blog
Sign In

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Home
Industry Insights
Understanding Data Protection Needs in a Cloud-Enabled Hybrid Work World
Published: 03/24/2023

Originally published by Netskope. Written by Carmine Clementelli. Netskope partnered with the Cloud Security Alliance to release the Data Loss Prevention (DLP) and Data Security Survey Report, a survey focused on data protection needs in cloud and hybrid work environments. Unsurprisingly, the...

Doubled-up and Disorganized DLP Strategies Leave Organizations Desiring Simpler Management
Published: 03/17/2023
Author: Hillary Baron

With the reduction and elimination of many traditional perimeters, the popularization of zero trust security strategies, and an increased attention on data breaches, an even greater focus has been placed on data security in recent years. For many organizations, data loss prevention (DLP) solution...

5 Key Findings for Cloud Data Security Professionals from ESG's Survey
Published: 03/02/2023

Originally published by Sentra. Securing sensitive cloud data is a key challenge and priority for 2023 and there's increasing evidence that traditional data security approaches are not sufficient. Recently, Enterprise Strategy Group surveyed hundreds of IT, Cloud Security, and DevOps professional...

How Confident Are You in Your Security Posture?
Published: 01/30/2023

Originally published by Contino. Written by Marcus Maxwell, Security Practice Lead, Contino. Comparison might be the thief of joy, but it can also be a vital sign that you’re on the right (or wrong) track. Our customers often ask us how their security postures compare to those of other organisati...

Who Has Control: The SaaS App Admin Paradox
Published: 01/23/2023

Originally published by Adaptive Shield. Written by Eliana Vuijsje, Adaptive Shield. Imagine this: a company-wide lockout to the company CRM, like Salesforce, because the organization's external admin attempts to disable MFA for themselves. They don't think to consult with the security team and d...

SANS 2022 Cloud Security Survey, Chapter 3: How Do Enterprises Keep Their Cloud Infrastructure Secure?
Published: 01/18/2023

Originally published by Gigamon.Editor’s note: This post explores Chapter 3 of the SANS 2022 Cloud Security Survey. Read Chapter 1 and Chapter 2. And check back or future posts covering Chapter 4.There’s been a cloud land rush over the past few years as more and more organizations move compute an...

5 Key Takeaways from the 2022 Compliance Benchmark Report
Published: 12/28/2022

Originally published by A-LIGN. Written by Patrick Sullivan, A-LIGN. Our 2022 Compliance Benchmark Report detailed how organizations are navigating the current compliance landscape, as well as how they are preparing for the future. By surveying more than 200 cybersecurity, IT, quality assurance, ...

7 Significant Findings from the 2022 SaaS Security Survey Report
Published: 12/19/2022

Originally published by Adaptive Shield. Written by Eliana Vuijsje, Adaptive Shield. Last year, we spearhead our first annual SaaS Security Survey Report, where the findings illuminated the SSPM landscape and where the market was holding. In the 2022 SaaS Security Survey Report, in collaborat...

SANS 2022 Cloud Security Survey, Chapter 2: What Security and Compliance Worries Do IT Pros Have About the Cloud?
Published: 12/14/2022

Originally published by Gigamon. Written by Chris Borales, Gigamon. Editor’s note: This post explores Chapter 2 of the SANS 2022 Cloud Security Survey. Chapter 1 is available here. Check back for future posts covering Chapters 3 and 4.The cloud is sold more and more as the answer to what ails IT,...

The Latest PKI and IoT Trends Study from Ponemon is Out, and Here's What We Found
Published: 12/12/2022

Originally published by Entrust. Written by Samantha Mabey, Entrust. The 2022 PKI and IoT Trends Study conducted by the Ponemon Institute is out, and Entrust is pleased to be the sponsor for the 8th consecutive year. Just to recap, the survey collects feedback from over 2,500 IT professionals aro...

Data States Security Experts Unhappy With Traditional Tokenization
Published: 12/08/2022

Originally published by Titaniam. Titaniam’s 2022 State of Enterprise Tokenization Survey shows that the vast majority of cybersecurity experts are dissatisfied with their current tokenization tools. In fact, despite spending 1 million dollars annually on tokenization security tools, 99% of respo...

SANS 2022 Cloud Security Survey, Chapter 1: How Security Questions Are Affecting Cloud Usage Patterns
Published: 11/17/2022

Originally published by Gigamon. Written by Chris Borales, Gigamon. Editor’s note: This post explores Chapter 1 of the SANS 2022 Cloud Security Survey.More and more enterprises have been migrating data and compute power to the cloud — but security woes have followed them there. Over the past seve...

The Biggest Cloud and Web Security Concerns Today
Published: 09/24/2022
Author: Megan Theimer

With the continuation of remote work and newsworthy cyber attacks, organizations are struggling to adapt their overall security strategies to the changing landscape. To get a better understanding of the industry’s current attitudes regarding cloud and web security risks, Proofpoint commissioned C...

Survey: What Short Training Courses Most Interest You?
Published: 09/24/2022
Author: Megan Theimer

CSA is in the process of developing a series of 1 hour micro-training courses that provide potential CPE credits. These courses provide a high-level primer on some of the most critical cloud security topics. Based on research by CSA’s expert working groups, they build upon your cybersecurity know...

The State of Cloud Data Security
Published: 08/22/2022
Author: Megan Theimer

We know that the cloud is ever growing in popularity, with new organizations undergoing their digital transformations each day. However, when it comes to security, particularly the security of our most sensitive data, are organizations keeping up with the pace of cloud adoption?To answer this que...

The State of Remote Work Offboarding Security
Published: 08/01/2022

Written by Marie Prokopets, Co-founder and COO, Nira. As companies switch to remote, distributed, and hybrid workforces, security risks related to offboarding have grown. When employees leave or change roles, organizations must protect their sensitive data from accidental or malicious data ex...

The State of Data Security in 2022
Published: 05/02/2022

This blog was originally published by BigID here. Written by Neil Patel, BigID. Data is an organization’s single most valuable asset, relied upon to make critical strategic and operational decisions every day. Much of this information is highly sensitive or critical — and in some cases vulnerable...

Multi Cloud Security
Published: 02/17/2022

Written by Madhukeshwar Bhat, Director, Chapter Development, CSA Bangalore, and Rob Aragao, Chief Security Strategist, CyberRes “Computing may someday be organized as a public utility just as the telephone system is a public utility”- Prof. John McCarthy at MIT’s centennial celebration in 1961.T...

Evolution of Cloud Security and Privacy Technologies
Published: 02/03/2022

Written by Satyavathi Divadari of Micro Focus CyberRes Organizations accelerated digitization and cloud transformation rapidly in the last two years to offer customer digital services from anywhere while balancing Cyber Resilience requirements. Technologies for Security and Privacy evolved to a ...

DevSecOps and Misconfigurations: Key Facts to Know
Published: 11/21/2021
Author: Hillary Baron

Secure DevOps, DevSecOps, and “shifting left” have become increasingly popular terms in cybersecurity. With the rapid increase both in volume and speed to delivery of applications, attacks on applications have also increased in both volume and complexity. Combine this with the shortage of cyberse...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.

1
Last »