Tuesday, October 24, 2023
AI and the cloud: Security considerations

With advancements in AI, there is much to consider when it comes to cloud security. AI can be used to enhance security in myriad ways. It can also be used by criminal actors to compromise assets in the cloud. In this session, SecurityWeekly Co-Host Joshua Marpet and CRA's Bill Brenner will outline the risks and benefits while offering a roadmap to make AI a cloud security enabler.

Josh Marpet
Cloud Security Quandaries - Navigating, Optimizing, and Adapting Techniques for Robust Cloud Protection

Join John McDonough, leading cloud architect at Fortinet, as he unravels the silver linings and critical lessons learned from past missteps in the rush to migrate assets, services, and applications to the cloud. His collective experience will help illuminate the path to a more secure cloud operation.
In this event, we’ll explore pivotal aspects of cloud security, aligning with the ongoing journey of organizations such as:
•    Incorporating security seamlessly into your cloud migration plan's core.
•    Comparing and contrasting the security landscape of public and private clouds.
•    Upholding the shared responsibility model to ensure robust security, where both cloud providers and users play a vital role.

John McDonough
Research Session | Cloud security: Gaps in skillsets, lack of visibility leaves organizations flying blind

Security practitioners participated in a September 2023 study about their challenges, strategies, and successes with cloud security. In this session, CRA’s Bill Brenner and Daniel Thomas discuss the key takeaways.

Daniel Thomas Dana Jackson
The CISO Playbook: How security, Dev/DevOps teams can collaborate successfully in 2023

With the increasing threat to cloud security, it's crucial for companies to take proactive measures to safeguard their data. However, many organizations are facing difficulties in managing risk across their operations. The solution? Breaking down silos, bridging knowledge gaps and establishing strong, trustworthy bonds between security teams and their Dev counterparts to minimize risk and maximize peace of mind.

In this all-star CISO webinar, we’ll discuss how security teams can do exactly that.  Learn from our expert panel including Martin Bally, CISO of Campbell Soup Company and Alex Schuchman, CISO of Colgate-Palmolive on how they’ve successfully connected security and dev teams across the cloud development lifecycle and walk away with best practices that you can implement at your own organization.

Raaz Herzberg
Detecting and Responding to Threats in the Cloud

Security leaders face numerous challenges as organizations rapidly adopt and expand services across rapidly growing cloud environments. Equipped with limited visibility, a rapidly evolving threat landscape, and a lack of skilled staff, they are grappling with detecting and responding to threats, misconfigurations, and policy violations across multi-cloud environments, containers, and Kubernetes. 

In this session, James Hastings, Sr. Cloud Product Manager at eSentire, will explore security challenges in the cloud and discuss how to overcome them by exploring:  

•  The top cloud security challenges that security leaders encounter, backed by new research 
•  The anatomy of an attack in the cloud - learn how attackers exploit vulnerabilities and gain unauthorized access to cloud resources and understand how to detect and respond  
•  Best practices, recommendations, and solutions for enhancing your cloud security posture with MDR for Cloud, Cloud Security Posture Management (CSPM), and Workload and Application Protection (CWPP/CNAPP) with 24/7 Response 
•  Cloud security use cases we are seeing across our global customer base of 2000+ organizations, and what you can learn from them 
•  What to consider when thinking about 24/7 threat detection and response beyond the cloud and how endpoint, log, network and identity can be leveraged across hybrid and on-prem 

James Hastings
Wednesday, October 25, 2023
Avoiding Cloud Mayhem: The 3 Most Common Misconfigurations and How to Eliminate Them

Cloud misconfigurations are one of the most common hazards organizations encounter in the pursuit of the shared services approach. In this session, we look at the 3 most common types of misconfigurations, their impacts across the business, and what steps organizations can take to make these avoidable errors a thing of the past.

Ryan Leirvik
A CSPM, CWP, and a SIEM walk into a bar…

In the evolving landscape of cloud threats, oftentimes the simple things get overlooked and being able to tie together disparate events becomes more difficult. In this session we will walk through how you can combine events from your posture management tools, cloud runtime tools, and various cloud logs to be able to create a complete picture of events that have unfolded in your cloud environments. We will re-create an attack scenario and walk through how to both detect and prevent the attack.

Scott Holt
Don’t Learn the Hard Way: 3 Security Mistakes (and 3 Best Practices) for Migrating to the Cloud

As enterprises work to migrate applications, services, and assets to the cloud, the complexity of their security operations grows dramatically — as does their enterprise attack surface. In this session, we’ll discuss three fundamental security mistakes that can leave organizations vulnerable to cyber threats, as they migrate to the cloud. Then, we’ll explore three best practices that can help enterprises solve for these challenges, simplify their security operations, and protect their data, assets, and users spread across heterogeneous cloud environments. 

Join Will Seaton, Senior Product Marketing Manager at Zscaler, to learn:

•    How attackers discover and exploit infrastructure and routable resources across cloud environments
•    3 common (and fundamental) missteps that can leave enterprises vulnerable to many varieties of attack
•    3 best practices to solve for these challenges, shrink the enterprise attack surface, and harden their defenses against cyber threats
•    How to assess your current exposed attack surface (with a free tool!)

Will Seaton
CIEM Chat: How to reduce cloud identity risk

Lacework hosts Phil Bues, Cloud Research Manager at IDC, for a fireside chat to discuss the challenges and best practices for cybersecurity leaders managing cloud identities. Phil will also share industry trends and IDC research about zero trust, automation, and more.

Phil Bues
Cloud security: 2024 outlook

Chahak Mittal, Cybersecurity Governance Risk and Compliance Manager at Universal Logistics Holdings and an esteemed member of Cybersecurity Collaborative’s Detroit chapter, joins CRA’s Bill Brenner to discuss the 2024 threat landscape as it relates to cloud, including security best practices to follow going forward.

Chahak Mittal