Industry Insights
Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Is Your Digital Transformation Secure? How to Tell if Your Team is on the Right Path
Originally published by Google Cloud. Written by David Stone, Office of the CISO, and Anton Chuvakin, Security Solution Strategy, Google Cloud. In our Security Leaders Survival Guide, we answer the tough questions about how to weave security throughout your digital transformation Digital transfor...
CISO Survival Guide: Vital Questions to Help Guide Transformation Success
Originally published by Google Cloud. Written by Anton Chuvakin, Security Solution Strategy, and David Stone, Office of the CISO, Google Cloud. Part of being a security leader whose organization is taking on a digital transformation is preparing for hard questions – and complex answers – on how t...
Four Questions to Ask About Your Cloud Security Posture
Originally published by Lookout. Written by David Richardson, Vice President, Product, Lookout. For most organizations, the decision to adopt cloud technologies is a simple one. Cloud apps streamline operations and costs while enabling users to access resources from anywhere and on any device...
Cloud First to Cloud Smart: A Strategic Shift
Originally published by Tata Communications. Written by Rajesh Awasthi, Vice President & Global Head of Managed Hosting and Cloud Services, Tata Communications. The term ‘digital transformation’ has evolved for businesses, particularly in the last decade. What once meant a simple shift to virtual...
Overview of Digital Transformation Security: What, How, and Why?
A version of this blog was originally published by ScaleSec. By Justin Travis, ScaleSec. Cloud Security Alliance and ScaleSec are pleased to co-publish this security deep dive into Digital Transformation as part of promoting the upcoming Virtual CSA FinCloud Security Summit. Cloud Security Al...
Enabling Secure Cloud Migration to Enterprise Cloud Environments
Written by Andy Packham, Chief Architect and Senior Vice President, Microsoft Business Unit, and Syam Thommandru, Global Alliances and Product Management, Cybersecurity & GRC Services, HCLTech. Global enterprises are at an exciting new threshold of possibilities in the new normal. As remote work ...
Sealing Off Your Cloud’s Blast Radius
Originally published by Ermetic. Migrating to the cloud? Cloud security requires a shift in mindset from traditional on-premises security. Implementing relevant principles and practices, like for permissions management, can mitigate vulnerabilities and significantly reduce the blast radius of an ...
AWS Security Groups Guide
Originally published by Sysdig. Written by Brett Wolmarans, Sysdig. AWS Security Groups (and Network ACLs and VPCs) are some of the fundamental building blocks of security in your cloud environment. They are similar to firewalls, but are ultimately different. You have to understand this topic ve...
SANS 2022 Cloud Security Survey, Chapter 2: What Security and Compliance Worries Do IT Pros Have About the Cloud?
Originally published by Gigamon. Written by Chris Borales, Gigamon. Editor’s note: This post explores Chapter 2 of the SANS 2022 Cloud Security Survey. Chapter 1 is available here. Check back for future posts covering Chapters 3 and 4.The cloud is sold more and more as the answer to what ails IT,...
Managing Operational Complexity in Multicloud Environments
Written by Sandeep Shilawat, Cloud and IT Modernization Strategist, ManTech. Originally published on Forbes. With the benefits of cloud computing now clear, enterprises are racing to adopt cloud-based infrastructures.According to Synergy Research Group, spending on cloud computing exceeded spendi...
CSA Chapter Success Story: An Interview with the Japan Chapter Director
CSA’s chapters are made up of security professionals who volunteer to increase cloud security awareness in their local area and provide outreach for CSA research, education, and training resources. They work to solve cloud vulnerabilities and challenges by collaborating with other local experts i...
SANS 2022 Cloud Security Survey, Chapter 1: How Security Questions Are Affecting Cloud Usage Patterns
Originally published by Gigamon. Written by Chris Borales, Gigamon. Editor’s note: This post explores Chapter 1 of the SANS 2022 Cloud Security Survey.More and more enterprises have been migrating data and compute power to the cloud — but security woes have followed them there. Over the past seve...
Information Security Management and the Connectivity Gap: Solving for the Missing Links in Enterprise Information Security
Originally published by Tentacle. Written by Danielle Morgan, Tentacle. Let’s start with the basics: a foundational definition of Information Security management is the process of developing, maintaining, and continuously improving processes aligned with the main goal of ensuring sensitive data i...
Cybersecurity Awareness Month Doesn’t Have to Be Scary
Originally published by Blue Lava here. Written by Veronica Wolf, Director of Product & Content Marketing, Blue Lava. In the spirit of Cybersecurity Awareness Month, we thought we would de-mystify a few of the tall tales and horrors surrounding cybersecurity. We’ve also gathered up a few resource...
Using the CSA STAR Consensus Assessment Initiative Questionnaire (CAIQ) as a Procurement Tool
IntroductionThe CSA STAR Consensus Assessment Initiative Questionnaire (CAIQ) is an industry-wide initiative to standardize security and risk management assessments of cloud computing vendors. The CAIQ was developed to provide a consistent way for cloud service providers (CSPs), customers, and th...
Higher Ed Campuses Have Digitized: Protecting Sensitive Data Requires a Unified Approach
Originally published by Lookout here. Written by Tony D'Angelo, Vice President, Public Sector, Lookout. Higher education institutions have long been subjected to ransomware and other cyber attacks, which has had a huge impact on their operations. In 2020 alone, ransomware attacks affected nearly ...
Do You See Yourself in Cyber? | Protect Yourself During Cybersecurity Awareness Month
Originally published by Alert Logic by HelpSystems on October 1, 2022. Written by Antonio Sanchez, Alert Logic. There’s more than ghosts and goblins to be on the lookout for in October. Phishers, hackers, and other nefarious characters are on the prowl – every day – trying to infiltrate your digi...
What is Cloud Data Security?
Originally published by Laminar Security here. Written by Andy Smith, Laminar Security. Shifting to the cloud is a necessary step in the digital transformation required for businesses to get and stay ahead. The cloud allows employees to access resources from almost anywhere at any time, enhances ...
How to Detect Ransomware
Thanks to Dr. Jim Angle, Michael Roza, and Vince CampitelliOnce you know what ransomware is and how to protect your organization against it, it’s important to learn how to respond if a ransomware attack occurs. The first step: detecting the ransomware attack! The Detect Function of the National I...
Protecting Against Ransomware
Thanks to Dr. Jim Angle, Michael Roza, and Vince CampitelliRansomware is a form of malware used by an attacker to encrypt a victim’s data and demand a ransom for the encryption key, which allows the victim access to their data. Part 1 of this blog series further explains what ransomware is and th...
Browse by Topic
Write for the CSA blog
Submit your blog proposalSign up to receive CSA's latest blogs
This list receives 1-2 emails a month.