Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Log4j Vulnerability: Threat Intelligence and Mitigation Strategies to Protect Your SAP Applications
Published: 03/30/2022

This blog was originally published by Onapsis on February 9, 2022. Written by Onapsis Research Labs. On Thursday, December 9, a critical vulnerability (CVE-2021-44228) in Apache log4j, a widely used Java logging library, was made public. Some are calling it “the most serious vulnerability they ...

Cyber Attacks in Russia’s Invasion of Ukraine
Published: 03/25/2022

This blog was originally published by Orca Security on March 11, 2022. Written by Bar Kaduri, Orca Security. The modern internet has drastically changed the landscape of threats. It created a new dimension where countries and individuals can affect, disrupt and demolish systems that comprise our ...

Adopting AI-based Attack Detection
Published: 03/24/2022

This blog was originally published by LogicHub here. Written by Willy Leichter, Chief Marketing Officer, LogicHub. The security industry is long-overdue for real innovation with the practical application of emerging technologies around automation, machine learning, and artificial intelligence for...

Scam and Circumstance
Published: 03/19/2022
Author: Olivia Rempe

If a burglar breaks into your home and steals your TV, the first thing you do is what was taught back in kindergarten: call 911. Within minutes the authorities will arrive at your doorstep and work tirelessly to resolve this. In the digital world, if someone hacks into your computer and steals yo...

Prioritizing Data Security in 2022: Where Should You Start?
Published: 03/15/2022

This blog was originally published by PKWARE here. Written by Chris Pin, VP, Security & Privacy, PKWARE. The start of a new year is always rife with resolutions, both personal and professional. Many of us begin to take stock of what we deem most important to focus on, and businesses are no exce...

Latest Security Vulnerabilities Breakdown: February 2022
Published: 03/14/2022

This blog was originally published by Schellman here. Written by Jacob Ansari, Chief Information Security Officer, Schellman. In his play Julius Caesar, Shakespeare famously portrays a soothsayer as warning Caesar to beware the Ides of March, forever giving the otherwise innocuous middle of the m...

Milliseconds Matter: Defending Against the Next Zero-Day Exploit
Published: 03/14/2022

Written by Jim Routh, Virsec Zero-day exploits have made headline news over the past two years, attracting newfound attention from regulators and increasing pressure on software manufacturers and security leaders. The most recent exploit comes from the Log4J vulnerabilities. However, zero-day...

An Analysis of the 2020 Zoom Breach
Published: 03/13/2022

This case study is based off of CSA’s Top Threats to Cloud Computing: Egregious Eleven Deep Dive. The Deep Dive connects the dots between CSA Top Threats by using nine real-world attacks and breaches. Pulling from one of the case studies, this article provides a security analysis overview of the ...

The Significance of PwnKit to Insider Threats
Published: 03/01/2022

This blog was originally published by Alert Logic here. Written by Josh Davies, Alert Logic. Alert Logic has been covering and tracking PwnKit since its initial discovery, and we’ve developed the appropriate detection and coverage to both determine exposure and identify compromises. PwnKit all...

CSA Summit Coming to Minneapolis, MN
Published: 02/19/2022

Written by Rachel Soanes, Director of Marketing and Communications for CSA MN Chapter BOD Cloud Security Alliance - Minnesota Chapter is excited to announce the first ever regional CSA Midwest Summit coming to Minneapolis, MN on April 5th, 2022. CSA MN is very excited to be co-hosting this event ...

Protecting People from Recent Cyberattacks
Published: 02/15/2022

This blog was originally published by Microsoft on December 6, 2021. Written by Tom Burt, Corporate Vice President, Customer Security & Trust, Microsoft. The Microsoft Digital Crimes Unit (DCU) has disrupted the activities of a China-based hacking group that we call Nickel. In documents tha...

ICMAD: Critical Vulnerabilities in SAP Business Applications Require Immediate Attention
Published: 02/14/2022

This blog was originally published by Onapsis on February 8, 2022. Written by JP Perez-Etchegoyen and the Onapsis Research Labs. Detailed research from the Onapsis Research Labs throughout 2021 around HTTP Response Smuggling led to the recent discovery of a set of extremely critical vulner...

What You Need to Know About Keeping Your Uber Business Account Safe
Published: 02/08/2022

This blog was originally published by TokenEx here. Written by Valerie Hare, TokenEx. As a leading rideshare app, Uber is recognized worldwide. Today, this rideshare platform has 93 million riders and 3.5 million drivers. If your business uses Uber for work-related trips, food deliveries, or bicy...

Cyber Risks Haunt Energy and Natural Resource Sector
Published: 01/31/2022

This blog was originally published by KPMG here. Written by Ronald Heil, KPMG. Imagine connected sensors that dispatch a repair crew to a fraying pipeline, laser ‘guard rails’ that prevent tanker trucks from backing off piers, and smart systems that prompt the power company to recharge your elect...

A Look at the Top Cyber Attacks of 2021
Published: 01/27/2022

This blog was originally published by TokenEx here. Written by Valerie Hare, TokenEx. Across the globe, recent cyberattacks have been occurring at an alarmingly high rate. Specifically, ransomware attacks are a major concern among today’s businesses, governments, schools, and individuals. Ransomw...

Why You Need Vulnerability Management for Business-Critical Applications
Published: 01/26/2022

This blog was originally published by Onapsis here. This blog is the fourth of a five-part series on the importance of protecting business-critical applications. In our first three blogs, we share how rapid digital transformation projects, cloud migration, and the rise of cybercrime have left org...

The Elephant Beetle in the Room: Older, Unpatched SAP Vulnerabilities Are Still A Threat
Published: 01/20/2022

This blog was originally published on 1/10/22 by Onapsis. Written by: Onapsis Research Labs and JP Perez-Etchegoyen, CTO, Onapsis. Last week, researchers from Sygnia’s Incident Response team released a report detailing the activities of a threat group they’ve named Elephant Beetle. Compiled f...

3 Key Security Threats Facing Retail Today
Published: 01/17/2022

This blog was originally published by BigID here. Written by Kimberly Steele, BigID. The retail space has always been on the front lines of security threats. Most shoppers need only consult their latest inbox notifications to find evidence of a recent breach that exposed their personal or sensiti...

Securing Data Lakes in a Data Centric World
Published: 01/14/2022

Written by Dr. Diane Murphy, Marymount University and Oliver Forbes, NTT DATA Data allows the business of today to optimize performance, investigate fraud and discover solutions to problems that we didn't even know the question to. At the heart of such are the inner workings of expansive data lak...

How SSO and SaaS Make Spear-phishing Attacks More Dangerous
Published: 01/05/2022

Written by Varonis If you watch in real-time the actual tools that hackers use to compromise services and leverage that access to devastating purpose much of the theoretical questions of “Could we really get hit by an attack?” and “How bad could it really be?” fly out the window. Reality hits par...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.