Archived: Multi-cloud Security: Confronting the expanding dilemma of cloud architecture
(Aired on June 8-9)
Earn up to 6.5 CPEs for participating in this virtual conference.
As more organizations embrace multi-cloud strategies, the architecture of choice has increasingly become a private / public hybrid. While such solutions offer flexibility and scalability — and support innovation — they bring complexity to IT security — including new challenges in authentication, data governance and security visibility, and new requirements for the skills to address these issues.
This virtual conference brings together industry leaders who will share their insights and experiences on the fast-changing world of cloud security. Topics covered include:
• Determining whether native or third-party security solutions are the right approach for your environment
• Key compliance challenges you can expect and how to handle them
• What an effective defense looks like in a hybrid cloud environment
To evaluate the implications of your cloud architecture, register now.
AGENDA
DAY 1
11:00 AM ET
Keynote: Rethink cloud definitions to enable an adaptive security strategy
Jim Reavis, CEO, Cloud Security Alliance
This session will explore how cloud computing is growing and evolving, and why a renewed emphasis on understanding the taxonomy of cloud and its differing implementations is essential to managing risks and security program agility. Join Jim Reavis, Cloud Security Alliance CEO, to learn about the following:
- Evolution of cloud definitions from the edge to the multi-cloud cores
- Emergence of cloud supply chains
- Key security architectures, models and frameworks to enable agility
11:40 AM ET
The future of network security: Zero trust, SASE, automation & more!
Tim Woods, VP of Technology Alliances, Firemon
In a survey of 500 global security leaders, the top three security priorities facing enterprises today were automation, zero trust and implementing SASE. Attend this session to learn how to enforce consistent security and policy compliance across heterogeneous hybrid-cloud networks that span data centers, multiple clouds and SASE architectures.
12:20 PM ET
The state of cloud security
Jorn Lutters, Sr. Security Architect Team Lead, Public Cloud, Sophos
More than two-thirds (70%) of organizations suffered a public cloud security breach in the past 12 months. Join this webcast for an in-depth discussion about the top security challenges facing customers when moving to the cloud and how to address them. During this presentation, you will learn:
- The top security challenges for customers moving to the cloud
- How to identify these challenges and address them using platform tools and third-party solutions
- How Sophos can help solve these challenges
1:00 PM ET
5 Steps to a data-first SASE architecture
Jim Fulton, Sr. Director, Product Marketing, Data-First SASE & Zero Trust Data Protection, Forcepoint
In a hybrid, unbound enterprise, the working models of protecting the edge are no longer enough. Users and apps are everywhere, so it’s essential to protect your data. Secure Service Access Edge (SASE) makes it possible for people to work safely from anywhere and, with zero trust principles applied, you can ensure explicit permissions for the user. A data-first SASE architecture with ZTNA built in makes it possible to ensure the right person has access to the right data and understand the usage of data so you can apply appropriate control points where needed. Forcepoint’s data-first SASE approach is customizable, allowing you to apply the capabilities you need based on the challenges you have. In this presentation, you will learn the five steps to creating an integrated cloud and network security strategy:
- Protect remote workers on web and cloud
- Control access to cloud and private apps without a VPN
- Connect and protect branch offices
- Safeguard the usage of data everywhere
- Continuously monitor user risk
1:40 PM ET
Getting hybrid clouds, security and networking right
Jonathan Nguyen-Duy, Vice President, Field CISO Team, Fortinet
Rapid adoption of hybrid clouds means networks are now more distributed than ever before and business values are shifting toward agility, innovation and software, leading to the rise of the software-defined enterprise.
Hybrid cloud adoption is also driving three strategic technology trends: zero trust, SD-WAN and SASE. Going forward, IT teams must grapple with these key trends, while managing a combination of in house and service-provider solutions and balancing risk management with business objectives and customer experiences. How should we think about computing, networking, and security when enterprises own less infrastructure, platform and software?
In this session, you’ll learn:
- Strategies to deploy adaptive cloud security, zero trust, SD-WAN and SASE in an integrated fashion
- Practical strategies to secure hybrid clouds
- How to deliver better outcomes and experiences
2:20 PM ET
And the clouds break: Continuity in the 21st century
J. Wolfgang Goerlich, Advisory CISO, Duo Security at Cisco
The promise of cloud computing was a utility; always up, always on, just a click away. But we've seen many outages. It's clearly time to blow the dust off the continuity handbook, and revisit recovery for the twenty-first century.
This talk provides an overview of business impact analysis, business continuity, and disaster recovery. We then revisit these concepts in the day and age of utility computing and cloud services. After all, the cloud breaks — so what do you do when it does?
DAY 2
11:00 AM ET
Keynote: Caution in the cloud
Joseph South, Senior Cloud Security Engineer, Grainger
Many businesses have been forced to speed up digital transformation plans and move to the cloud to stay alive in a pandemic economy. Many others are already there and dealing with the security complications that come with managing a hybrid or multi-cloud environment. These challenges are particularly tricky for companies that rely on multiple cloud providers or use a mix of on- and off-premises environments.
In this keynote, attendees will learn:
- Common security mistakes or insights for both new and established cloud users
- How to translate (or rebuild) your security stack to fit a multi-cloud environment
- How planning ahead can make the next step on your cloud journey that much safer
11:40 AM ET
How moving to the cloud changed security strategy forever
Nathan Wenzler, Chief Security Strategist, Tenable
Organizations have been moving to the cloud for several years now, but in the last year, our world has forced nearly everyone to leverage the scalability and speed of cloud platforms to support a remote workforce. With so many critical business functions running from these providers, it's imperative to protect our data, systems and assets. But traditional strategies struggle to keep up with the scope and scale of the modern cloud environment, which is forcing a change in how we approach our security assessments and mitigation techniques.
In this presentation, we'll discuss the benefits and challenges presented to many organizations by the sudden move to cloud-based services and a newly remote workforce focused on business continuity, not security. We'll also talk about some of the new ways we must evolve how we approach security and our internal programs to better align with the fast-paced and ever-changing nature of cloud services and assets and protect our organizations effectively, efficiently and at the speed required by today's modern attack surface.
12:20 PM ET
Going multi-cloud: Take an identity-first approach to securing AWS and Azure
Or Priel, VP Product Management, Ermetic
With 75% of cloud security breaches expected to result from inadequate management of identities, access, and privileges by 2023 [Gartner], how do you protect your multi cloud infrastructure? The process can be daunting. To put things into perspective, today, there are 258 services and 9286 total permissions for AWS alone. The challenge is compounded by different approaches to managing permissions and privileges from one public cloud to the next.
Join Ermetic’s VP of Product Management, Or Priel, for insight into how AWS and Azure handle identities, permissions and resources and how to manage identities and privileges risk in both environments. We will cover:
- Azure’s RBAC vs AWS’s IAM roles and policies
- Strategies for enforcing least privilege
- Governing access and protecting sensitive resources
- Using automation and analytics to mitigate risks across clouds
1:00 PM ET
Protect against ransomware: Lessons from colonial pipeline
Sundaram Lakshmanan, CTO & Head of Engineering, SASE Products, Lookout
Hank Schless, Senior Manager of Security Solutions, Lookout
Some of the largest organizations worldwide have been hit by ransomware during the pandemic. The latest victim being Colonial Pipeline, the largest pipeline operator in the United States. Join this session to learn how the work-from-anywhere environment has made it easier for threat actors to deploy ransomware and how you can protect your organization against ransomware.
1:40 PM ET
Securing public cloud usage by default
Mohit Kalra, Director of Cloud Operations Security, Adobe
As more and more of us migrate their business to the cloud, nothing is more important than safeguarding that infrastructure, especially with the steadily increasing number of threats. For example, one recent study notes that hackers attack every 39 seconds, on average 2,244 times a day. In addition to the potential security issues, not having clear visibility into your public cloud usage by development and other teams can cause servicing costs to needlessly explode. This is especially true as more and more of us invest in multi-cloud, multi-platform environments.
At Adobe, one of the primary ways we scale our efforts is through automation. This is an effective way to monitor our infrastructure and detect security drift. We term our approach here as ‘securing the public cloud by default. Our approach is designed to detect security gaps during provisioning and help prevent teams from creating insecure cloud resources. This effort has also helped us get more visibility into how we are using public cloud resources across the company so that we can optimize our usage costs.
In this session, our Director of Cloud Operations Security, Mohit Kalra, will talk about the security and visibility issues possible as public cloud usage continues to increase, best practices you can use to develop your own strategy for tackling these issues, and examples from our own approach that may be helpful as you work to address the issues.