50 Essential Cloud Security Blogs for IT Professionals and Cloud Enthusiasts

With revenue from the cloud computing sector expected to hit $411 billion by 2020, it’s no wonder that more and more companies are shifting their services to the cloud where flexibility and speed make it attractive for organizations looking to leverage a strong competitive edge. But operating in the cloud also gives rise to a range of security concerns.

We’re doing our part with the Threat Stack Cloud Security Platform^® and our newly launched Threat Stack Cloud SecOps Program℠. And since we believe that informed people make better decisions, we’ve made it part of our mission since day one to pass on reliable security information through the Threat Stack blog. Given the rapid pace of change in cybersecurity — along with the growing need to deal with infrastructure in transition as organizations build and manage increasingly sophisticated tech stacks — current, expert content is essential to good security.

Now, as proud as we are of our own blog, there’s a huge amount of excellent information produced by other organizations. So in this post, we’ve compiled details on fifty leading blogs that help professionals stay abreast of the latest news, information, and technologies related to cloud security.

Whether you’re looking for information on security trends, answers to hard core technical issues, or advice that will help you shape your organization’s security strategy, dive in and start indulging your love of all things related to cloud security.

To guide you, we’ve divided the blogs into the following five categories:

• Blogs by Cloud Security News and Information Blogs
• Blogs by Cloud Security Experts
• Blogs by IT Vendors
• Blogs by Cloud Vendor
• Cloud Security Education and Training Blogs

Note: There’s no implied ranking or preference in the lists that follow. All of these blogs provide great information and show a real commitment to excellence.

News and Information Blogs

These blogs bring insights from various industries on cloud security topics.

1. Infosecurity Magazine

@InfosecurityMag

There’s no need to leave your house if you want to attend a security conference. Just attend one of the virtual events hosted by the magazine and endorsed by leading security specialists. Infosecurity also frequently posts articles detailing cloud security concerns among different industries.

Three posts we like from Infosecurity Magazine:

• Cloud Security Concerns Surge
• Rush to the Cloud Risks Security Breaches
• Only Half of UK Firms Have Cloud Security Policy

2. CSO

@CSOonline

Security professionals in charge of managing cybersecurity receive valuable insight on some best practices to use in that fight. The blog receives contributions from some of the top security minds in the world.

Three posts we like from CSO:

• The future of computer security is machine vs machine
• Driving cybersecurity and digital transformation with cloud technologies
• Palo Alto Networks extends security to the big 3 public clouds

3. Security Week

@SecurityWeek

This respected publication is a go-to for leading IT leaders and security professionals. They provide in-depth analysis of the battle constantly being waged against threats to cloud platforms.

Three posts we like from Security Week:

• Malware is Pervasive Across Cloud Platforms: Report
• Seagate Patches Flaws in Personal Cloud
• GoFlex Products, Gozi Banking Trojan Uses “Dark Cloud” Botnet for Distribution

4. Cloud Computing News

@cloud_comp_news

Over 200,000 subscribers rely on Cloud Computing News to keep them up to date on the latest trends and best practices relating to cloud computing. The digital magazine often focuses on different aspects of cloud security.

Three posts we like from Cloud Computing News:

• Data centres and cloud networks: Security in the modern context
• Hybrid cloud security strategies analysed in new research
• How should businesses respond to the security challenges of multi-cloud?

5. Computerworld

@Computerworld

Computerworld touches on a wide range of cloud security topics ranging from using the cloud with cryptocurrency and managing technology from different cloud vendors.

Three posts we like from Computerworld:

• Blockchain and cryptocurrency may soon underpin cloud storage
• IT leaders say it’s hard to keep the cloud safe
• How to use iCloud Keychain: The guide

6. Computer Weekly

@ComputerWeekly

Get insights from over 750 contributors knowledgeable about all aspects of cybersecurity. Find out how CIOs and CTOs manage the challenges of protecting cloud assets.

Three posts we like from Computer Weekly:

• Network security in the digital transformation era
• The road to hybrid cloud
• Meltdown and Spectre: Making a case for greater public cloud use

7. SC Magazine

@SCMagazine

SC Magazine highlights the sobering reality of the type of headlines generated by failures in data security protection. They show why its important for adoptees of cloud architecture to have proper security protocols in place.

Three posts we like from SC Magazine:

• Multiple vulnerabilities including remote execution spotted in WDMyCloud products
• Cloud-based docs the new frontier for phishing attacks
• Unsecured AWS server exposed classified military intel

8. eSecurity Planet

@eSecurityP

eSecurity Planet brings readers access to everything from tutorials to analysis of the latest cloud security trends. It’s another great resource for security enthusiasts and professionals.

Three posts we like from eSecurity Planet:

• Redefining Cybersecurity to Protect Next-Generation Digital Transformation
• Types of Firewalls: What IT Security Pros Need to Know
• How Google Encrypts Data in the Cloud

9. Cloud Pro

@Cloudpro

CloudPro focuses on the business intelligence aspect of cloud architecture. The UK-based blog provides articles from the perspective of businesses transitioning to or looking into moving onto a cloud platform.

Three posts we like from Cloud Pro:

• Research dampens claims cloud providers are GDPR-ready
• What to look for in a secure cloud system
• The identity crisis: Password managers and your business

10. ZDnet

@ZDNet

ZDNet provides 24–7 coverage of news related to the technology industry. They often highlight important topics related to protecting data housed on cloud platforms.

Three posts we like from ZDNet:

• AWS traffic hijack: Users sent to phishing site in two-hour cryptocurrency heist
• Microsoft introduces Azure Sphere for securing IoT devices
• Enterprise cloud adoption outstrips cybersecurity capabilities

11. Dark Reading

@DarkReading

Get news on the latest threats being faced by businesses all over the world trying to protect assets and keep up trust in users. Find out how cloud vendors and security personnel fight against botnets, malware, and other threats trying to work their way through cloud platforms.

Three posts we like from Dark Reading:

• New Survey Shows Hybrid Cloud Confidence
• Microsoft to Roll Out Azure Sphere for IoT Security
• On-Premise Security Tools Struggle to Survive in the Cloud

12. CIO

@CIOonline

Get news and analysis on the continued efforts to bring public and private cloud platforms up to the security standards needed to fight against hackers. Get insight on the different approaches being taken by different providers.

Three posts we like from CIO:

• Only a safe cloud can fuel digital transformation
• How VMware is re-thinking security for the cloud era
• Stay out of security breach headlines: 3 things that must be addressed in your cloud agreement

13. Compare The Cloud

@comparethecloud

Get news, videos, and live broadcasts of discussions concerning what’s current in the world of cybersecurity. Find out about the various tools being employed by leading industry pros.

Three posts we like from Compare The Cloud:

• Open-source security: Can OpenStack really protect your cloud data?
• 8 Public Cloud Security Threats to Enterprises in 2018
• (Cloud + Security + Monitoring) – Challenges = Opportunity

14. Channel Pro

@channel_pro

Keep up with the struggles of enterprises as they transition from traditional infrastructure to the world of cloud architecture. Get an inside view of the strategies being employed to protect data and keep the trust of users.

Three posts we like from Channel Pro:

• The identity crisis: Password managers and your business
• 83% of organizations prioritize a high level of security in a cloud solution
• How to scale the cyber security spending summit

15. Help Net Security

@helpnetsecurity

Help Net Security gives you an independent view on different aspects of cloud and cybersecurity. Find out about the latest issues plaguing security pros and what they’re doing to combat theft of personal information.

Three posts we like from Help Net Security:

• 1-in-4 orgs using public cloud has had data stolen
• Experiences and attitudes towards cloud-specific security capabilities
• The driving force of cloud security investments

16. Data Center Journal

@DataCtrJournal

The Data Center Journal covers a number of topics of interest to IT industry professionals. They frequently write articles touching on the concerns of those managing security on cloud architecture.

Three posts we like from Data Center Journal:

• Cloud Security Trends
• Software Defined Security for Cloud-Based Architectures: The New Security Imperative
• Combating Cloud Security Threats: Tools and Best Practices

17. Health IT Security

@SecurityHIT

The healthcare industry faces its own unique challenges trying to meet federal requirements to protect the personal health information of patients. Consume information from webcasts, in-depth articles, and industry white papers.

Three posts we like from Health IT Security:

• How Compliance, Data Security Needs Shift with Big Data Push
• 45% of Orgs Claim Employees Biggest Cloud Security Risk
• Overcoming File Sharing, Healthcare Cloud Security Concerns

18. InfoWorld

@infoworld

InfoWorld hails from the IDG family of computing blogs. This one highlights different aspects of cybersecurity and the way it’s applied to cloud structures.

Three posts we like from InfoWorld:

• Enterprise IoT threatens to undermine cloud and IT security
• 5 key observations on cloud-native security
• A better model for cloud security

19. Krebs on Security

@briankrebs

Brian Krebs is an independent investigative journalist who writes about cybercrime. With thousands of articles under his belt, both at the Washington Post from 1995 to 2009 and now at Krebs on Security, his blog is a leading news source for both cloud security professionals and anyone with an interest in cybercrime.

Three posts we like from Krebs on Security:

• When Your Employees Post Passwords Online
• Study: Attack on KrebsOnSecurity Cost IoT Device Owners $323K
• Transcription Service Leaked Medical Records

20. Tech Republic

@TechRepublic

Learn more about the latest in cloud technology from top cloud vendors like Amazon, Microsoft, and IBM. Be one of the first in the know about the newest advances in cloud security.

Three posts we like from Tech Republic:

• Russian hackers take down Amazon DNS, steal $160K in cryptocurrency
• New Amazon class certifies cloud pros in securing data on AWS
• How Puresec aims to safeguard serverless applications from cyberattacks

21. Info Security Buzz

@Info_Sec_Buzz

ISBuzzNews is an independent source of news and analysis about what’s currently happening in the world of information security. Keep up with the latest in how various industries handle new regulations and threats to cloud platforms.

Three posts we like from Info Security Buzz:

• 2018 Cloud Security Report Released Today
• Cloud Security Alliance Issues New Code Of Conduct For GDPR Compliance
• Making The Cloud Security Experience As Safe, Sound, And Secure As Possible

22. Securosis

@securosis

Securosis researches the challenges faced by companies trying to maintain sound security protocols in the face of cyber threats from around the globe. Founded by the former Research Vice President of the Gartner security team, the company hopes to help businesses find ways to manage processes faster and more securely while saving money.

Three posts we like from Securosis:

• Wrangling Backoffice Security in the Cloud Age
• Wrangling Backoffice Security in the Cloud Age: Part 2
• How Cloud Security Managers Should Respond to Meltdown and Spectre

23. Bank Info Security

@BnkInfoSecurity

This multi-media website helps point companies toward the best tools available for risk management and keeping information safe. They frequently post interviews with insiders offering a unique perspective on the security challenges they face every day.

Three posts we like from Bank Info Security:

• Cloud Applications: The Challenges of Identity and Access
• Achieving Granular Visibility in the Cloud
• Managing Business Risks in the Cloud

24. CloudTweaks

@cloudtweaks

Read about cloud security from the perspective of security enthusiasts who’ve followed the advances of the cloud over the past decade. You’ll also get the scoop on the latest trends to watch for in cybersecurity.

Three posts we like from CloudTweaks:

• Cloud migration strategies and their impact on security and governance
• Helping G Suite customers stay secure with new proactive phishing protections and management controls
• Cisco’s Cloud Security Strategy is Driving Innovation and Growth

Cloud Security Expert Blogs

These blogs are from leading experts in security and cloud technology.

25. Rick’s Cloud

@RickBlaisdell

Rick spent 20 years overseeing product development and technology strategies for Fortune 500 companies. He uses that experience to clarify technology topics including cloud security.

Three posts we like from Rick’s Cloud:

• Cloud computing usage and security concerns – infographic
• 3 Cloud security threats
• Specific Reasons To Prioritize Digital Security

26. The Last Watchdog

@byronacohido

Bryan Acohido is a Pulitzer-winning journalist with a long career bringing important security topics to the forefront. He provides you with his own insight and often brings in other experts for a different take on different subjects.

Three posts we like from The Last Watchdog:

• MY TAKE: Epiphany strikes Amazon, Google, Microsoft about who bears burden for cloud security
• PODCAST: ‘Homomorphic encryption’ emerges as the Holy Grail of cloud computing
• GUEST ESSAY: Google study details how 9 million account logons get stolen every 24 hours

27. Graham Cluley

@gcluley

Graham Cluley’s been at the forefront of security challenges since the early 90s. He’s now an independent analyst looking to provide his own blunt take on security breaches and how consumers can best protect themselves.

Three posts we like from Graham Cluley:

• Locked out? Don’t worry, here’s the hardcoded password for your WD My Cloud NAS device
• Viacom cloud config goof exposed Paramount Pictures, Comedy Central, MTV, and more
• New cloud-based keylogger gaining momentum among criminals

28. Security Affairs

@securityaffairs

Founded by hacker and security analyst Pierluigi Paganini, this blog brings to light the ways cyber criminals go about trying to steal information. The grim headlines shore up the importance of putting strong security protocols in action.

Three posts we like from Security Affairs:

• Western Digital My Cloud flaws allows local attacker to gain root access to the devices
• Fappening – A fourth man has been charged with hacking into over 250 Apple iCloud accounts belonging to celebrities
• Cisco addresses a critical vulnerability in Cloud Services Platform (CSP)

29. Channel Futures

@ChannelFutures

Get all the news and insights you can handle from this independent technology network. They get answers from the top minds in the field on topics related to cloud security.

Three posts we like from Channel Futures:

• NexentaCloud Links On-Premises Customers to AWS Cloud
• Biggest Threats to Cloud Security
• Microsoft Reveals Secure End-to-End IoT Solution from Edge to Cloud

30. The New Stack

@thenewstack

The New Stack looks at the impact of tools built by developers and start-ups on the world. They focus on future-thinking technology and exciting new prospects.

Three posts we The New Stack:

• Containers and Compliance: Building Secure, Automated Systems on Amazon Web Services
• How to Scale Security with a Hardware Chain of Trust
• CPX 2018: Sizing Up Cloud Security Fallout from Spectre and Meltdown

IT Vendors

These blogs come from organizations that are creating technology to maximize the benefits of the cloud.

31. SumoLogic

@SumoLogic

SumoLogic provides machine data analytics to companies from around the globe. Their network of professionals often provides analysis and suggestions on best practices for cybersecurity.

Three posts we like from SumoLogic:

• Challenges to Traditional Cloud Computing: Security, Data, Resiliency
• Common AWS Security Threats and How to Mitigate Them
• Three Dragons to Slay in Threat Discovery and Investigation for the Cloud

32. Zettaset

@Zettaset

Zettaset helps companies by providing encrypted solutions for data center and cloud deployments. They aim their services at industries like healthcare, finance, and e-commerce.

Three posts we like from Zettaset:

• Top Challenges in Cloud Security for 2018
• IoT Security Challenges With Data and the Cloud
• AWS Encryption Keys Compromised in OneLogin Data Breach

33. Cipher Cloud

@ciphercloud

Cipher Cloud helps companies enact high-level security controls as they move their infrastructure to the cloud. Businesses from over 25 countries rely on their services.

Three posts we like from Cipher Cloud:

• The 4 Critical Ways to Get the Best Cloud Data Protection
• Why Cloud Security is Important
• Multi-Cloud Data Protection – A Cloud Security Must Practice

34. Equinix Blog

@Equinix

Equinix brings businesses together with their partners and customers within data centers located around the world. They often focus on the importance of maintaining a high security standard for cloud infrastructure.

Three posts we like from Equinix Blog:

• Can You Achieve HSM Security with Cloud Flexibility?
• 5 Things We Learned From Our Customers About Multicloud Security
• 5 Cloud Security Revelations From 2017

35. DoubleHorn

@DoubleHorn

DoubleHorn developed a cloud brokerage and management platform giving clients the freedom to manage every aspect of their cloud account for any provider. Find out how they feel about the need to enable strict cloud security standards.

Three posts we like from DoubleHorn:

• Four Emerging Cloud Security Challenges
• How Brokers Can Guide You To A More Secure Cloud Solution
• Securing A Small Business With Smart Cameras

36. Formtek

@Formtek_Inc

Formtek provides its content management software to industries like manufacturing, engineering, and aerospace. They believe strongly in the importance of building a solid cloud security base for any services or tools deployed to the cloud.

Three posts we like from Formtek:

• Cloud Computing Security: Multi-Cloud Infrastructure Provides Diversification but with Added Security Complexity
• Cloud Security: Balancing the Risk with the Benefits of Innovation
• Cloud Security: Market for Specialized Cloud Security Tools Grows Rapidly

37. Skyhigh

@McAfeeSkyhigh

Skyhigh helps businesses control the flow of data over the different cloud platforms they use. Now owned by McAfee, the technical professionals there often provide guidance on using different tools and some best practices for managing services for different cloud vendors.

Three posts we like from Skyhigh:

• 73 Azure Security Best Practices Everyone Must Follow
• New eBook – Definitive Guide to Azure Security
• Eight Security Capabilities You Need to Protect Your Amazon Web Services Infrastructure

38. Cisco Blog

@Cisco

Gain knowledge and insights from top minds currently employed by networking giant Cisco. Learn about their different approaches to cloud security.

Three posts we like from Cisco Blog:

• Cisco’s Cloud Security Strategy is Driving Innovation and Growth
• Stealthwatch Cloud: Securing the public cloud, without undercutting it
• The Apparent ‘Cloud Security Paradox’

39. Security Intelligence

@IBMSecurity

Read and learn from IBM’s top security resources. Find out what’s going on in the world of cybersecurity and what different vendors are doing to combat the threat of data theft.

Three posts we like from Security Intelligence:

• Nearly 4 in 10 IT Professionals Struggle to Detect and Respond to Cloud Security Incidents
• It’s Time to Bring Cloud Environments Out of the Shadows
• Cloud Security Is a Moving Target

Cloud Vendor Blogs

These blogs offer advice and best practices from various cloud providers.

40. Google Cloud

@googlecloud

Google’s Cloud Platform provides hosting, storage, networking, big data, and machine learning services to developers. Those who love the platform should be following this blog to get the latest on the most recent development advances.

Three posts we like from Google Cloud:

• Exploring container security: Digging into Grafeas container image metadata
• Introducing new ways to protect and control your GCP services and data
• Expanding our Google Cloud security partnerships

41. AWS Security Blog

@AWSSecurityInfo

Amazon’s security blog helps technical professionals and enthusiasts understand different aspects of the platform. Come here for detailed explanations on current and new features.

Three posts we like from AWS Security Blog:

• Understanding AWS CloudHSM Cluster Synchronization
• Classify sensitive data in your environment using Amazon Macie
• How to Use New Advanced Security Features for Amazon Cognito User Pools

42. Alibaba Cloud

@alibaba_cloud

Alibaba Cloud provides a suite of cloud hosting services to international companies as well as the Alibaba Group, a well-known e-commerce international giant. Get their insight on how enterprises should handle cloud security concerns.

Three posts we like from Alibaba Cloud:

• Why Public Cloud is Not a Security Concern
• Developing Secure Applications for the Cloud
• Web Application Firewall Cloud Options: Alibaba Cloud WAF & AWS WAF

43. IBM Cloud Security Blog

@IBMcloud

Hear directly from IBM Cloud professionals as they walk you through the best ways to approach security management for their cloud infrastructure.

Three posts we like from IBM Cloud Security Blog:

• Accelerating continuous security for apps on IBM Cloud
• IAmI prevents cyberattacks in real time with IBM Cloud
• 3 questions to ask your cloud provider about security for your SAP environment

Cloud Security Education and Training Blogs

These blogs bring you opportunities to receive more education on cloud security practices.

44. Cloud Academy

@CloudRank

Cloud Academy focuses on the business intelligence aspect of cloud architecture. The UK-based blog provides articles from the perspective of businesses transitioning to or looking into moving onto a cloud platform.

Three posts we like from Cloud Academy:

• New Whitepaper: Architecting ‘Security-First’ Into Cloud Strategy
• AWS Shared Responsibility Model: Cloud Security
• Cloud security, evaluating cloud platforms, and more with Cloud Academy’s Stuart Scott

45. Cloud Security Alliance

@cloudsa

Dive into content covering everything from Security to Big Data. Get certified in all aspects of managing cloud platforms by taking courses for Azure, Google Cloud, or AWS.

Three posts we like from Cloud Security Alliance:

• 34 Cloud Security Terms You Should Know
• Zero-Day in the Cloud – Say It Ain’t So
• Cloud Security and Compliance Is a Shared Responsibility

46. ISC2

@ISC2

ISC2 works to promote a culture of professionals who fully understand what’s needed to face down security threats. You’ll find tons of content and explanations of the different certifications you might be interested in pursuing.

Three posts we like from ISC2:

• CCSP Spotlight: David Schneider
• Security Practices for a More Secure Cloud
• Rideshare to the Cloud: Cloud Security & the Shared Responsibility Model

47. Intrisec

@IntrinsecTech

Take a leap into the field of security by signing up for one of the courses offered by the site. There’s also a blog with frequent updates on cyber and cloud security topics.

Three posts we like from Intrisec:

• CCSK vs CCSP: An Unbiased Comparison
• Cloud Disaster Recovery Rule 1: Downtime is an Option
• Cloud Disaster Recovery and Business Continuity

48. DZone

@DZone

Join over 1,000,000 developers looking to find out everything they can about building applications with cloud technology. There’s an abundance of free documentation available to everyone interested in creating a strong cloud infrastructure.

Three posts we like from DZone:

• Five Features of Information Security Every Cloud Platform Should Provide
• Want Data Security in the Public Cloud? Bring Your Own Encryption Keys
• Data Security Basics for Cloud and Big Data Landscapes

49. Azure Security

@AzureTeamSec

There’s nothing better than going to the source when it comes to learning about properly securing different aspects of Azure. Get whitepapers, learn about best practices, and start going through the proper check downs as you learn to manage the platform.

Three posts we like from Azure Security:

• Azure storage security overview
• Azure Network Security Best Practices
• Azure Data Encryption-at-Rest

50. Infosec Institute

@InfosecEdu

The institute allows you to take classes online or in a classroom setting. They provide you with a wealth of documentation on different certification paths and boast a 95% pass rate for their courses.

Three posts we like from Infosec Institute:

• Test your Cloud knowledge with these CCSP Sample Questions
• Five Reasons Why Security Professionals Need the Cloud
• Insider threats within the cloud

*** This is a Security Bloggers Network syndicated blog from Blog – Threat Stack authored by Bob Allin. Read the original post at: https://www.threatstack.com/blog/50-essential-cloud-security-blogs-for-it-professionals-and-cloud-enthusiasts