Tuesday, May 16, 2023
Native data protection in the cloud: A step-by-step journey

Protecting your cloud-native data is a multi-stage effort. A thorough data discovery and classification exercise, is the starting point on this odyssey. An understanding of cloud host- or product-provided protective capabilities is another critical step. This journey will require iterations that involve multiple and most likely disparate engineering teams – but the end result is a truly stronger security posture. This session will take us through these steps and how to optimally implement them.

Andres Andreu
A CSPM, CWP, and a SIEM walk into a bar…

In the evolving landscape of cloud threats, oftentimes the simple things get overlooked and being able to tie together disparate events becomes more difficult. In this session we will walk through how you can combine events from your posture management tools, cloud runtime tools, and various cloud logs to be able to create a complete picture of events that have unfolded in your cloud environments. We will re-create an attack scenario and walk through how to both detect and prevent the attack.

Scott Holt
The Security Leader’s Guide to Detecting and Responding to Threats in the Cloud

Challenges continue to grow for security leaders as the organizations they support rapidly adopt and expand services across different cloud environments. As leaders grapple with how to detect and respond to threats, misconfigurations and policy violations across multi-cloud environments, containers and Kubernetes, they are faced with limited visibility, a rapidly evolving threat landscape and a lack of staffing with the necessary skill sets in cloud security.

In this session, James Hastings, Sr. Cloud Product Manager, at eSentire and Tim Chase, Field CISO at Lacework, will break down some of the top cloud security challenges backed by new security research and share insights on:
•    The top security challenges security leaders face when it comes to cloud platforms, workloads and staffing.
•    Best practices and recommendations on how Cloud Security Posture Management (CSPM) + Workload and Application Protection (CWPP/CNAPP) with 24/7 Response can solve these challenges with 24/7 response can solve these challenges.
•    Cloud security use cases we are seeing across our global customer base of 2000 organizations, and what you can learn from them.
•    What to consider when thinking about 24/7 threat detection and response beyond the cloud.    

James Hastings Tim Chase
Dodging the cloud's and DevOps' deadliest sins

We’re still living in a world where a universal level of minimum viable security is still out of reach for many organizations. It’s time to get past any finger pointing and discuss root causes of why organizations continue to commit so many cloud and DevOps “sins.” Join CompTIA’s Chief Technology Evangelist, Dr. James Stanger, in a fireside chat about why this happens. We’ll investigate some of the cultural, industry, and business best (and worst) practices. Then, we’ll discuss some of the steps organizations large and small can take to create different procedures and build more secure solutions. We’ve all heard about the OWASP Top 10, the MITRE ATT&CK model, and various (cloud) security frameworks. In this session, we’ll talk about how to create a better cybersecurity muscle memory and change behaviors to increase effective security.

James Stanger
Key strategies to securing application journeys across the cloud— Hybrid cloud security challenges and solutions

Many organizations have rapidly migrated to the cloud to achieve their digital acceleration efforts. But moving to the cloud too quickly has left many dealing with increased operational and deployment complexities, loss of visibility, and increased security risks, particularly in light of skills and resource gaps.

Join Vince Hwang, VP of Product and Solutions at Fortinet, to learn about:

•    Application journey challenges  
•    How edge compute is an emerging necessity 
•    Key considerations for robust and secure digital acceleration  
•    Consistent, secured, and optimized tools to build, deploy, and run cloud applications across all deployments wherever your applications live

Vince Hwang,
Artificial intelligence machine learning Cloud Security for DevOps

DevOps and continuous delivery models result in faster time-to-market.  Operations teams face challenges when it comes to incorporating security into the product life-cycle. They are afraid of slowing things down, necessitating integrated DevSecOps best practices. Explore how the Check Point's CNAPP solution coupled with industry leading AI/ML deliver prevention first cloud security. 

Mark Ostrowski
Your hybrid cloud is under attack: Protect it with zero trust!

Over 45% of organizations have suffered a cloud-based breach, are your application journeys to hybrid cloud in danger? With over 87% of businesses taking a hybrid cloud strategy, protecting your applications’ communications, interconnection, and data transaction traffic from modern sophisticated cyberthreats is more challenging than ever in a mobile and remote work environments.
Now is the time to build your Zero Trust expertise in protecting your application lift-and-shift or direct modern cloud-native security strategies. As modern cyberthreats continue to grow in complexity and volume, you must deliver security with DevOps agility. Palo Alto Networks Software Firewalls deploy quickly with familiar cloud orchestration tools delivering world class zero trust protection for all your cloud applications.

Dennis Payton,
Insights into the Cloud Threat Landscape

The recently published CrowdStrike 2023 Global Threat Report revealed new insight into cloud threat adversary tactics exploiting cloud security vulnerabilities from nation-state and eCrime adversaries. This session will highlight the key observations from the report and trends in the cloud threat landscape, including: 
•    How adversary motivations changed in the past year
•    95% increase in cloud exploitation
•    New benchmarks on breakout times
•    Observations on cloud adversary sophistication and breakout times

Maulik Limbachiya
You have the right to audit cloud providers. Don't waste it!

A quality audit of your third-party cloud vendors and partners is important to ensure that you are working with organizations that you can trust with your data and assets. This session will review the central principles and processes behind an effective audit, including key contractual terms, shared responsibility negotiations, what issues to look for, and how to interpret and report findings.

Dr. Lisa McKee
Wednesday, May 17, 2023
Synching zero trust with your cloud deployments

Cloud is becoming increasingly central to companies who are building out and scaling their network architecture. For those actively migrating to the cloud or greatly expanding their cloud presence, zero trust is likely to be part of that digital transformation. For companies that find themselves on this journey, this session will examine the key decisions and implementations you have to tackle along the way. This discussion will cover how to establish a uniform zero trust approach across multiple disparate cloud environments; how to settle on a reference architecture that jibes with your deployments; and how to educate your architecture, engineering and operations teams on how to effectively deploy your architecture.

Bryan Willett
Leading Edge of SASE

What are the top factors that move businesses from the bottom 10% to the top 10% of SASE deployments? In this session, Advisory CISO Wolfgang Goerlich will look at the latest data from Cisco’s Security Outcomes Report to analyze current trends in SASE strategy. From access management to data protection to how to manage it all, Wolfgang will discuss where to focus first in your strategies and how to build strong relationships that position your SASE pivot a success!

J. Wolfgang Goerlich
The Journey Towards Security through Identity

With business needs outpacing security, and new and greater risks continuously arising, the task of securing your organization against threats has never been more challenging. While there is no one path to success, one thing is clear - Identity is the control plane of the modern organization and is a central component to establishing a strong security posture. Join this session to learn how Identity can support your organizations’ cybersecurity goals, improve operations, and drive topline impact; and leave with a clear structured framework to help you along your Identity maturity journey.

Alexandria Hodgson
Unraveling the encryption enigma: Overcoming challenges of encoding in the cloud

Mastering encryption in the cloud, ironically, can be its own puzzle of sorts that can be difficult to decipher. This session will attempt to give you an answer key to some of cloud-based encryption's biggest challenges and sources of confusion, such as cloud key management; accounting for differences in cloud platform deployment models; and implementing end-to-end encryption vs client-side encryption vs server-side encryption.

Kayne McGladrey Parthasarathi Chakraborty Richard Tychansky
Rubrik: Cloud tools, products, and services

Cloud products and services opportunities allow organizations to reach new heights of scalable growth and goals in 2023. The flexibility and agility of cloud environments is exciting for business development, but the amount of choice available to IT practitioners can also be overwhelming.

If you are feeling indecisive when dealing with choice overload, not to worry.

This webinar covers all the trendiest insights into cloud tools, trends and solutions. Hear from our expert, Leo Vela, on how to empower your organization’s cloud success!

What You’ll Learn:
•    Find the proper tools and products to strengthen your Cloud environment.
•    Explore tips and tricks for best practices.
•    Avoid decision fatigue, and get all your cloud info in one place.

Leo Vela
3 new ways cybercriminals are outwitting you

New types of impersonation. Better AI. Shifts to collaboration applications. Cybercrime is a business, and criminals are always looking for new ways to steal money.

Join us for this session where Mike Britton, CISO at Abnormal Security, will discuss:
•    How threat actors are shifting away from the CEO fraud of the past
•    Why tools like ChatGPT could be incredibly dangerous
•    What new threats are on the horizon
•    And how you can better protect your organization from all of it

Mike Britton
Cloud vulnerability? I don’t think it means what you think it means

The cloud is not without its share of vulnerabilities. These vulnerabilities come in many shapes and sizes, and simply scanning for them is not enough to ensure security. 
In this session we will explore the latest trends and challenges in cloud vulnerability risk management. We will discuss the convergence of cyber asset and attack surface management (CAASM) and vulnerability risk management (VRM) and how many organizations are using an integrated approach to help mitigate critical, prioritized risk across the cloud-native application surfaces that matter most. 
We will also highlight the importance of a full lifecycle approach to vulnerability management. From detection to remediation, organizations can better manage their risk exposure and maintain the security of their cloud environments. 
Join us for this session and learn: 
•    The different types of cloud vulnerabilities and how they can impact your organization; 
•    Best practices for reducing cloud risk; 
•    The importance of integrating vulnerability risk management (VRM) into cloud asset and attack surface management strategies; 
•    The benefits of a full lifecycle approach to vulnerability management including risk aggregation, correlation, prioritization, remediation orchestration, and verification. 

Tal Morgenstern Yitzy Tannenbaum
Compliance watch: Cloud security regulations now and in the near future

Under the Biden administration, both the White House and the SEC have proposed new regulations seeking to better define responsibilities as they pertain to cloud security and privacy. And industry observers are watching closely to see how both cloud-based services providers and their users will be affected by these new rules, which could clarify expectations around supply chain security, breach notification, vulnerability testing and disaster recovery testing. This session will look at the current and future regulatory outlook surrounding the cloud.

Catherine Castaldo