Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Online Training Platform
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Zero Trust Training (ZTT)
Micro-Trainings
Advanced Cloud Security Practitioner (ACSP) Training
Get Involved
Become an Instructor
Become a Training Partner
Train my entire team
Research
CSA Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Security Services
Enterprise Resource Planning
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Top Threats
View all topics
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Online Training Platform
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Zero Trust Training (ZTT)
Micro-Trainings
Advanced Cloud Security Practitioner (ACSP) Training
Get Involved
Become an Instructor
Become a Training Partner
Train my entire team
Research
CSA Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Security Services
Enterprise Resource Planning
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Top Threats
View all topics
Cloud 101
Circle
Events
Blog
Sign In

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Home
Industry Insights
Is Your Digital Transformation Secure? How to Tell if Your Team is on the Right Path
Published: 03/14/2023

Originally published by Google Cloud. Written by David Stone, Office of the CISO, and Anton Chuvakin, Security Solution Strategy, Google Cloud. In our Security Leaders Survival Guide, we answer the tough questions about how to weave security throughout your digital transformation Digital transfor...

CISO Survival Guide: Vital Questions to Help Guide Transformation Success
Published: 02/22/2023

Originally published by Google Cloud. Written by Anton Chuvakin, Security Solution Strategy, and David Stone, Office of the CISO, Google Cloud. Part of being a security leader whose organization is taking on a digital transformation is preparing for hard questions – and complex answers – on how t...

Four Questions to Ask About Your Cloud Security Posture
Published: 02/15/2023

Originally published by Lookout. Written by David Richardson, Vice President, Product, Lookout. For most organizations, the decision to adopt cloud technologies is a simple one. Cloud apps streamline operations and costs while enabling users to access resources from anywhere and on any device...

Cloud First to Cloud Smart: A Strategic Shift
Published: 02/13/2023

Originally published by Tata Communications. Written by Rajesh Awasthi, Vice President & Global Head of Managed Hosting and Cloud Services, Tata Communications. The term ‘digital transformation’ has evolved for businesses, particularly in the last decade. What once meant a simple shift to virtual...

Overview of Digital Transformation Security: What, How, and Why?
Published: 02/06/2023

A version of this blog was originally published by ScaleSec. By Justin Travis, ScaleSec. Cloud Security Alliance and ScaleSec are pleased to co-publish this security deep dive into Digital Transformation as part of promoting the upcoming Virtual CSA FinCloud Security Summit. Cloud Security Al...

Enabling Secure Cloud Migration to Enterprise Cloud Environments
Published: 01/20/2023

Written by Andy Packham, Chief Architect and Senior Vice President, Microsoft Business Unit, and Syam Thommandru, Global Alliances and Product Management, Cybersecurity & GRC Services, HCLTech. Global enterprises are at an exciting new threshold of possibilities in the new normal. As remote work ...

Sealing Off Your Cloud’s Blast Radius
Published: 12/28/2022

Originally published by Ermetic. Migrating to the cloud? Cloud security requires a shift in mindset from traditional on-premises security. Implementing relevant principles and practices, like for permissions management, can mitigate vulnerabilities and significantly reduce the blast radius of an ...

AWS Security Groups Guide
Published: 12/15/2022

Originally published by Sysdig. Written by Brett Wolmarans, Sysdig. AWS Security Groups (and Network ACLs and VPCs) are some of the fundamental building blocks of security in your cloud environment. They are similar to firewalls, but are ultimately different. You have to understand this topic ve...

SANS 2022 Cloud Security Survey, Chapter 2: What Security and Compliance Worries Do IT Pros Have About the Cloud?
Published: 12/14/2022

Originally published by Gigamon. Written by Chris Borales, Gigamon. Editor’s note: This post explores Chapter 2 of the SANS 2022 Cloud Security Survey. Chapter 1 is available here. Check back for future posts covering Chapters 3 and 4.The cloud is sold more and more as the answer to what ails IT,...

Managing Operational Complexity in Multicloud Environments
Published: 11/29/2022

Written by Sandeep Shilawat, Cloud and IT Modernization Strategist, ManTech. Originally published on Forbes. With the benefits of cloud computing now clear, enterprises are racing to adopt cloud-based infrastructures.According to Synergy Research Group, spending on cloud computing exceeded spendi...

CSA Chapter Success Story: An Interview with the Japan Chapter Director
Published: 11/19/2022
Author: Megan Theimer

CSA’s chapters are made up of security professionals who volunteer to increase cloud security awareness in their local area and provide outreach for CSA research, education, and training resources. They work to solve cloud vulnerabilities and challenges by collaborating with other local experts i...

SANS 2022 Cloud Security Survey, Chapter 1: How Security Questions Are Affecting Cloud Usage Patterns
Published: 11/17/2022

Originally published by Gigamon. Written by Chris Borales, Gigamon. Editor’s note: This post explores Chapter 1 of the SANS 2022 Cloud Security Survey.More and more enterprises have been migrating data and compute power to the cloud — but security woes have followed them there. Over the past seve...

Information Security Management and the Connectivity Gap: Solving for the Missing Links in Enterprise Information Security
Published: 11/01/2022

Originally published by Tentacle. Written by Danielle Morgan, Tentacle. Let’s start with the basics: a foundational definition of Information Security management is the process of developing, maintaining, and continuously improving processes aligned with the main goal of ensuring sensitive data i...

Cybersecurity Awareness Month Doesn’t Have to Be Scary
Published: 10/24/2022

Originally published by Blue Lava here. Written by Veronica Wolf, Director of Product & Content Marketing, Blue Lava. In the spirit of Cybersecurity Awareness Month, we thought we would de-mystify a few of the tall tales and horrors surrounding cybersecurity. We’ve also gathered up a few resource...

Using the CSA STAR Consensus Assessment Initiative Questionnaire (CAIQ) as a Procurement Tool
Published: 10/22/2022
Author: John DiMaria

IntroductionThe CSA STAR Consensus Assessment Initiative Questionnaire (CAIQ) is an industry-wide initiative to standardize security and risk management assessments of cloud computing vendors. The CAIQ was developed to provide a consistent way for cloud service providers (CSPs), customers, and th...

Higher Ed Campuses Have Digitized: Protecting Sensitive Data Requires a Unified Approach
Published: 10/21/2022

Originally published by Lookout here. Written by Tony D'Angelo, Vice President, Public Sector, Lookout. Higher education institutions have long been subjected to ransomware and other cyber attacks, which has had a huge impact on their operations. In 2020 alone, ransomware attacks affected nearly ...

Do You See Yourself in Cyber? | Protect Yourself During Cybersecurity Awareness Month
Published: 10/17/2022

Originally published by Alert Logic by HelpSystems on October 1, 2022. Written by Antonio Sanchez, Alert Logic. There’s more than ghosts and goblins to be on the lookout for in October. Phishers, hackers, and other nefarious characters are on the prowl – every day – trying to infiltrate your digi...

What is Cloud Data Security?
Published: 10/14/2022

Originally published by Laminar Security here. Written by Andy Smith, Laminar Security. Shifting to the cloud is a necessary step in the digital transformation required for businesses to get and stay ahead. The cloud allows employees to access resources from almost anywhere at any time, enhances ...

How to Detect Ransomware
Published: 10/08/2022
Author: Megan Theimer

Thanks to Dr. Jim Angle, Michael Roza, and Vince CampitelliOnce you know what ransomware is and how to protect your organization against it, it’s important to learn how to respond if a ransomware attack occurs. The first step: detecting the ransomware attack! The Detect Function of the National I...

Protecting Against Ransomware
Published: 10/07/2022
Author: Megan Theimer

Thanks to Dr. Jim Angle, Michael Roza, and Vince CampitelliRansomware is a form of malware used by an attacker to encrypt a victim’s data and demand a ransom for the encryption key, which allows the victim access to their data. Part 1 of this blog series further explains what ransomware is and th...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.

1
3
4
5
Last »