Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Building A SaaS Security Program: A Quick Start Guide
Published: 09/28/2021

Written by Bryan Solari, AppOmni Every few years a new technology takes hold of businesses worldwide, expanding adoption at a speed that far outpaces our ability to secure it. Inevitably, the security shortfalls of this technology become known, and we build risk mitigation strategies that mel...

From CapEx to OpEx, and Greater Security
Published: 09/13/2021

This blog was originally published by CyberCrypt here.In the cloud, cloud service providers (CSPs) manage the infrastructure they control—where organizational data and applications are stored—and perform the patching and updates so that the applications they use remain current.These advantages ar...

Here are Five Key Takeaways to Build a Best-in-Breed Security Architecture for Your Enterprise
Published: 09/03/2021

Written by Fausto Lendeborg, CEO, Secberus.Secberus was invited to participate in Plug and Play’s (PnP) Partnerships Transforming Healthcare: Healthcare and the Cloud event. Our CEO, Fausto Lendeborg was accompanied by Edmond Mack, VP Security Architecture at GSK as well as Jennifer Thomas, Manag...

What are the Most Common Cloud Computing Service Delivery Models?
Published: 08/24/2021

This blog was originally published by Alert Logic here.Written by Angelica Torres-Corral, Alert Logic.Cloud computing has transformed the way companies use technology, and your organization stands to gain a lot from migrating to a cloud solution. But which service delivery model is right for you...

Security Agents Don’t Belong In Your Cloud!
Published: 08/18/2021

This blog was originally published by Blue Hexagon here. Written by Saumitra Das, Blue Hexagon. COVID-19 has significantly accelerated migration to the cloud as organizations enable an increasingly remote workforce and adopt cloud-native services to serve increasingly online customers. Unfortunat...

The Importance of Properly Scoping Cloud Environments
Published: 08/05/2021

PCI Security Standards Council (PCI SSC) and the Cloud Security Alliance (CSA) recently released a joint industry threat bulletin highlighting the importance of properly scoping cloud environments. In this blog, the PCI SSC and CSA share guidance and best practices for properly scoping cloud envi...

Will New Executive Order on Cybersecurity Fast Track Zero Trust?
Published: 07/13/2021

This blog was originally published by Bitglass hereWritten by Jonathan Andresen, BitglassOn May 12, US President Biden issued a landmark executive order on Improving the Nation’s Cybersecurity that signals the need for governments and enterprises alike to boost their cyber defenses around the pri...

Cloud Security: 5 Lessons I Learned the Hard Way
Published: 07/09/2021

This blog was originally published by OpsCompass hereWritten by John Grange, OpsCompassIt’s 2021, and it’s clear that cloud is a global IT trend relevant to every company, regardless of size or industry. The main cloud infrastructure providers (AWS, Azure, and GCP), as well as their local alterna...

​The Case for Identity Modernization
Published: 06/14/2021

Written by Eric Leach, Co-founder and Chief Product Officer of Strata Identity Companies have been deploying on-premises identity products for over two decades. It worked pretty well for the most part — managing accounts, provisioning, and authenticating users — when everything was inside the ...

How CSPs Can Make the Security and Compliance Evaluation Process Easier for Financial Institutions
Published: 06/02/2021

This blog was originally published by Oracle hereOracle author: Maywun Wong, Director, Product MarketingContributed by: Steven D'Alfonso, Research Director, IDC Financial InsightsSo, you have finally decided to move applications to the cloud. But your board's risk committee wants assurance that s...

Five Approaches for Securing Identity in Cloud Infrastructure
Published: 05/20/2021

Written by Shai MoragAs clouds have drifted into the mainstream of business, it has become clear that they offer numerous advantages. They streamline processes, cut costs and create new ways to work. In some cases, the benefits are transformative. However, there’s a dark side to the public cloud,...

Cloud Security for SaaS Startups Part 2: Application & Platform Security
Published: 05/03/2021

Based on the Cloud Security for Startups guidelines written by the CSA Israel ChapterAs a SaaS startup, how can your organization ensure you implement proper security for your applications and platforms? In this blog we provide a preview of the information and guidelines available in the Cloud Se...

How to Secure Cloud Non-Native Workloads
Published: 04/26/2021

This blog was originally published by Intezer here.Not All Applications are Cloud-NativeCompanies are adopting cloud at a faster pace but not all applications are born cloud-native. Many traditional applications are simply “lifted and shifted” to the cloud as a first step in the cloud transformat...

Introduction to the NIST Cybersecurity Framework
Published: 04/21/2021

This blog was originally published by OpsCompass hereWritten by Kevin Hakanson, OpsCompassSecurity Framework Based on Standards, Guidelines, and PracticesThe NIST Cybersecurity Framework (NIST CSF) was created via a collaboration between the United States government and industry as a voluntary fr...

​Cloud-Native Security Starts with the Cloud
Published: 04/07/2021

Oracle author: Maywun Wong, Director, Product MarketingContributed by: Frank Dickson, IDC, Program Vice President, Security & Trust“Cloud-native security!” is the battle cry of the day. We all want it. But what is it? Everyone seems to define it differently. My suggestion is that any discussi...

Cloud Security for SaaS Startups Part 1: Requirements for Early Stages of a Startup
Published: 02/19/2021

Based on the Cloud Security for Startups guidelines written by the CSA Israel ChapterBackground Information security is a complicated subject even for mature enterprises, so it’s no wonder that startups find the area challenging. Planning, implementing and maintaining good-practice security are n...

How to avoid the biggest mistakes with your SaaS security
Published: 02/08/2021

This blog was originally published on Wandera.comWritten by Alex Powell at WanderaThe biggest mistakes in SaaS securityThe popularity of SaaS applications for businesses continues to grow with 95% of businesses hosting sensitive information in the cloud. Traditional security models and boundary-f...

The Evolution of Cloud Computing and the Updated Shared Responsibility
Published: 02/04/2021

Written by Vishwas Manral, Founder and CEO at NanoSec, CSA Silicon Valley Chapter.Cloud computing has changed over the last 10 years. This blog captures the reason why the original service models are no longer sufficient as a result of the changes in the cloud landscape with the growth of Contain...

Transitioning Traditional Apps into the Cloud
Published: 02/03/2021

Contributed by IntezerFor organizations, cloud adoption is the primary driver of digital transformation and modernizing traditional applications to cloud constructs is a major milestone. Cloud opens up a world of opportunities, with a choice of IaaS, PaaS, and SaaS as deployment models.Organizati...

CCSK Success Stories: from a Cybersecurity Engineer
Published: 01/31/2021

In this blog series we invite individuals to share some of the challenges they face in managing security for cloud computing and how they were able to leverage knowledge from the Certificate of Cloud Security Knowledge (CCSK) in their current roles. In this blog we'll be interviewing Lucas, a Cyb...

Browse by Topic
Write for the CSA blog
Submit your blog proposal