Circle
Events
Blog

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Milliseconds Matter: Defending Against the Next Zero-Day Exploit
Published: 03/14/2022

Written by Jim Routh, Virsec Zero-day exploits have made headline news over the past two years, attracting newfound attention from regulators and increasing pressure on software manufacturers and security leaders. The most recent exploit comes from the Log4J vulnerabilities. However, zero-day...

An Analysis of the 2020 Zoom Breach
Published: 03/13/2022

This case study is based off of CSA’s Top Threats to Cloud Computing: Egregious Eleven Deep Dive. The Deep Dive connects the dots between CSA Top Threats by using nine real-world attacks and breaches. Pulling from one of the case studies, this article provides a security analysis overview of the ...

DevSecOps: Mission-Critical to Enterprise Resilience
Published: 03/11/2022

This blog was originally published by Coalfire here. Written by Caitlin Johanson, Director, Application Security, Coalfire. Whatever tolerance we had for failure has been turned upside down in the cloud. The consequences, never greater. So, what’s the solution? Nothing is more important to en...

Predictions 2022: Five Threats That Will Impact Your Personal Data And Privacy
Published: 03/09/2022

This blog was originally published by Lookout here. Written by Firas Azmeh, General Manager, Personal Digital Safety & Carrier Partnerships, Lookout. It will be increasingly difficult to tell what is legitimate online‍ In Q1 of 2021, 4 in 10 people encountered an unsafe link while using their mob...

The Significance of PwnKit to Insider Threats
Published: 03/01/2022

This blog was originally published by Alert Logic here. Written by Josh Davies, Alert Logic. Alert Logic has been covering and tracking PwnKit since its initial discovery, and we’ve developed the appropriate detection and coverage to both determine exposure and identify compromises. PwnKit all...

CSA Summit Coming to Minneapolis, MN
Published: 02/19/2022

Written by Rachel Soanes, Director of Marketing and Communications for CSA MN Chapter BOD Cloud Security Alliance - Minnesota Chapter is excited to announce the first ever regional CSA Midwest Summit coming to Minneapolis, MN on April 5th, 2022. CSA MN is very excited to be co-hosting this event ...

Ransomware Remains a Dominant Threat to Enterprises in 2022
Published: 02/17/2022

This blog was originally published by BitSight here. Written by Marc Saltzman, Technology Journalist & Podcast Host of Tech It Out. What the disturbing trend means for your organization and third-party vendorsAs we start a new calendar year –nearly 24 months since the global pandemic started – ra...

Protecting People from Recent Cyberattacks
Published: 02/15/2022

This blog was originally published by Microsoft on December 6, 2021. Written by Tom Burt, Corporate Vice President, Customer Security & Trust, Microsoft. The Microsoft Digital Crimes Unit (DCU) has disrupted the activities of a China-based hacking group that we call Nickel. In documents tha...

What is Cloud Penetration Testing?
Published: 02/12/2022

Written by the CSA Top Threats Working Group. Also known as ethical hacking, cloud penetration testing evaluates security and discovers vulnerabilities by utilizing hacker tools and techniques. Security testing in general is crucial to the security assurance of cloud environments, systems and dev...

What Monsters are Lurking Around the Corner? 2022 Cybersecurity Watch List
Published: 02/02/2022

This blog was originally published on Anjuna.io, the Confidential Cloud company. One thing we’ve learned from the last few years is that the potential perils from cyber attacks are coming more frequently and in new and different guises. We’ve already experienced the SolarWinds supply chain brea...

A Look at the Top Cyber Attacks of 2021
Published: 01/27/2022

This blog was originally published by TokenEx here. Written by Valerie Hare, TokenEx. Across the globe, recent cyberattacks have been occurring at an alarmingly high rate. Specifically, ransomware attacks are a major concern among today’s businesses, governments, schools, and individuals. Ransomw...

On the Cyber Horizon
Published: 01/20/2022

This blog was originally published by KPMG on December 16, 2021. Written by David Ferbrache, KPMG. As 2021 draws to a close, we see a world still challenged by COVID-19, necessitating new business models, new channels and a shift (perhaps for the long term) to remote and hybrid working. But one t...

The Elephant Beetle in the Room: Older, Unpatched SAP Vulnerabilities Are Still A Threat
Published: 01/20/2022

This blog was originally published on 1/10/22 by Onapsis. Written by: Onapsis Research Labs and JP Perez-Etchegoyen, CTO, Onapsis. Last week, researchers from Sygnia’s Incident Response team released a report detailing the activities of a threat group they’ve named Elephant Beetle. Compiled f...

3 Key Security Threats Facing Retail Today
Published: 01/17/2022

This blog was originally published by BigID here. Written by Kimberly Steele, BigID. The retail space has always been on the front lines of security threats. Most shoppers need only consult their latest inbox notifications to find evidence of a recent breach that exposed their personal or sensiti...

How SSO and SaaS Make Spear-phishing Attacks More Dangerous
Published: 01/05/2022

Written by Varonis If you watch in real-time the actual tools that hackers use to compromise services and leverage that access to devastating purpose much of the theoretical questions of “Could we really get hit by an attack?” and “How bad could it really be?” fly out the window. Reality hits par...

Data Security is Physical Security
Published: 12/21/2021

This blog was originally published by Authomize here. Written by Gabriel Avner, Authomize. Online streaming platform Twitch was hacked last week and the memes were fantastic.In case you missed it, a hacker reportedly stole 125 GB of valuable data from the Amazon-owned streaming service. The stole...

HTML Smuggling Evades Traditional Cybersecurity Solutions
Published: 12/13/2021

This blog was originally published by ZTEdge here. Written by Nick Kael, Chief Technology Officer, ZTEdge. Microsoft’s 365 Defender Threat Intelligence Team recently issued a warning about a worrying increase in HTML smuggling attacks, in which hackers “smuggle” encoded malicious script via ema...

DNS-Layer Security: The Ultimate Guide to What It Is and Why You Need It
Published: 12/09/2021

Originally Published by Cisco on March 10, 2020. Written by Lorraine Bellon, Cisco. If you’re like most people, you probably don’t pay much attention to the domain name system (DNS) or worry about investing in cloud-based DNS-layer security. After all, the hallmark of well-functioning DNS servers...

Does Your Supply Chain Have a Nasty Surprise for You?
Published: 12/07/2021

This blog was originally published by Avanade here. Written by Rajiv Sagar, Avanade. Only 14% of Japanese business and IT executives know how well their partners and suppliers are enhancing their own cybersecurity—and that’s less than half the global average of 29%, according to research from Acc...

Instant Messaging Could Take Down Your Network
Published: 12/03/2021

This blog was originally published by Ericom here. By Mendy Newman, Ericom. Individuals who value both convenience and privacy – which means almost all users – depend on instant messaging (IM) apps to communicate across all aspects of their personal lives. Every time we open a new chat, Whats...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.