Since March 2016, when the CSA launched this new Software-Defined Perimeter for IaaS initiative, more and more organizations have embraced the Software-Defined Perimeter model and are benefitting from the seamless protection it offers, whether on-premises or in the cloud. SDP can better protect IaaS services for Enterprise usage, and deliver uniform and seamless protection of on-premises and IaaS resources, enabling cost savings and agility, and a more dynamic infrastructure.
In this webinar, the leaders of the SDP-for-IaaS initiative will provide a preview of the forthcoming research and use cases that this working group has developed. This research focuses on how SDP can uniquely address security, compliance, IT administration and management challenges for cloud service providers and enterprises alike. If you’d like to hear more about securing your IaaS workloads, you’ll want to attend!
RecordedNov 15 201647 mins
Your place is confirmed, we'll send you email reminders
Wong Onn Chee, CTO, Resolvo & Co-Chair, CSA APAC Research Advisory Council
As organisations increasingly move to the cloud, so do the attackers. Come and listen to Onn Chee on how the cloud was used to attack a security conference's websites on the cloud, the profile of the attackers from cloud and how did the conference organisers defend against them. In addition, Onn Chee will share on lessons learnt and a new pro-active approach to cloud defense by looking at IoR - Indicators of Reconnaissance - which is the first step in the Cyber Kill Chain, instead of IoC - Indicators of Compromise - to achieve faster and pre-emptive disruption to the Cyber Kill Chain.
Moderator : Jim LIM, Panelists: Raju CHELLAM | Nigel LIM | Steve NG
With cloud becoming the preferred IT infrastructure, understanding the emerging security threats is important. A recent CSA study showed that traditional cloud security issues (such as DDoS, shared technology vulnerabilities, CSP data loss and system vulnerabilities) that are under the responsibility of CSPs are now overshadowed by the need to address security issues that are situated higher up the technology stack which are the result of senior management decisions (such as misconfiguration, inadequate change control, and a lack of cloud security architecture and strategy). Please join our panel of industry experts to appreciate the shifts in cloud security issues.
While Mimecast is a significant cloud security services provider to more than 38K organizations, we also rely heavily on cloud-based IT and security services to run our own business. Like all global organizations this digital transformation of our organization, with nearly 2K employees, didn’t happen overnight, didn’t happen without a plan, or without some bumps in the road. In this session Mimecast’s CISO for the last 9 years, Mark O’Hare, will review and discuss Mimecast’s transition to the cloud, how it eased our rush to completely work from home in mid-March, and what challenges we came across and how we overcame them.
Archie Agarwall of ThreatModeler, Yeukai Sachikonye of AWS & Reef D'Souza of AWS
Moderator: Ty Sbano, Chief Security & Trust Officer, Sisense
Learn how to easily build an accurate architecture diagram for AWS services in under an hour, driving security fixes for threats quickly. DevSecOps can achieve consistent deployments of complete, security vetted design patterns, while reducing time-cost expenditures on threat modeling by 85%. Understand how this proactive approach reduces security efforts in infrastructure and application designs, increases efficiency in security control decision making and reduces overall risk.
In this webinar, AWS Security Epics Automated and Threatmodeler will cover how to...
- Identify latent security risks
- Prioritize security backlog for Infrastructure-as-Code (IAC) development
- Automatically generate secure CloudFormation
- Highlight threat model drift from the live environment
- Keep threat models synchronized with AWS environments using real-time updates
- Increase sprint and epic velocity with prescriptive guidance from AWS knowledge-bases
In today’s connected era, a comprehensive incident response is an integral aspect of any organization aiming to manage and lower their risk profile. A good incident response needs to be useful not only when dealing with incidents caused by malicious threat actors, but should also be applicable in a variety of other situations such as downtime caused by an unexpected power outage or cut internet fiberfra due to roadworks. There are, however, different considerations when it comes to incident response for cloud-based infrastructure and systems, due in part to the nature of its shared responsibility.
Additionally, with a number of incident response standards, frameworks and guidelines available, it could be confusing for cloud providers and users to make sense of them for their cloud incident response (CIR) procedure. CSA’s CIR Framework will serve as a go-to guide for cloud users to effectively prepare for and manage the aftermath of cloud incidents, along with serving as a transparent and common framework for CSPs to share cloud incident response practices with their customers.
This talk will cover key contributions of the CIR Framework to the cloud community, and also make available a Quick Guide that distils the main objectives and overview of the CIR Framework.
Large enterprises moving to the cloud do so in a phased manner. Consequently, at least for a while, they have a mix of on-premises and cloud environments (and very often, multiple cloud environments). These environments, combined with the many ways you can move an application to the cloud, create new considerations for application security:
- Rehost (lift and shift): threat landscape increased because of network exposure
- Replatform (lift and reshape): new attack vectors via buckets, databases, message queues
- Repurchase (drop and shop): third-party data exposure, noisy neighbor attacks, data retention
- Rearchitect (rewriting and decoupling apps): serverless, container based, container orchestration
Thomas Martin, Founder, NephōSec & Chris Hertz, VP Cloud Security Sales, Rapid7
Appropriate use of native security controls in Amazon Web Services, Microsoft Azure, and Google Cloud Platform is essential to managing cloud risk (and avoiding a costly breach). However, many organizations struggle with determining when and how to use these native security controls, doing so in a consistent fashion, and also understanding how and when to augment these to ensure continuous security and compliance. Join Thomas Martin (former GE CIO and founder of NephōSec) and Christopher Hertz (VP Cloud Security Sales at Rapid7) for a discussion on:
- How and when to use native cloud security controls
- Why and when you may want to augment these controls
- How to leverage automation to gain continuous security and compliance in public cloud
Duo has been part of the passwordless authentication conversation from the start, as early adopters of the WebAuthn protocol and one of the first strategic partners of the FIDO Alliance. Advances like WebAuthn enable faster, easier, and more secure authentications, such as utilizing fingerprint readers already embedded in many of today's latest laptops. This fits our long term goal to simplify and reduce the number of authentication prompts while keeping logins secure and easy to use.
Join Nick Steele, Senior R&D Engineer at Duo Labs, for a discussion of recent advancements in the passwordless evolution, why vendors are starting to embrace a passwordless experience, and how tools available today can help move us closer to a post-password world.
Aaron Brown, Cloud Security Engineer, Sisense | Sounil Yu, CISO-in-Residence, YL Ventures | Avi Shua CEO Orca Security
Learn modern AWS security best practices with Sisense, Orca Security, and Special Guest Sounil Yu, Former Chief Security Scientist, Bank of America
We’ll start off with Sounil Yu, the former Chief Security Scientist at Bank of America, who will explain how to use his Cyber Defense Matrix to gain a thorough understanding of cloud security.
Then we’ll dive into the practitioner’s perspective with Sisense Cloud Security Engineer Aaron Brown, who will speak to the challenges around rapidly scaling cloud infrastructure, while still maintaining security and visibility into your assets.
Aaron and Sounil will be joined by Avi Shua, CEO and co-founder of Orca Security, former chief technologist at Check Point Software Technologies. It’s going to be a fast-paced hour as we start with the theoretical and quickly dive all the way down into Aaron’s “notes from the field”.
Get ready to ask your toughest AWS security questions as we discuss:
- How to use the Cyber Defense Matrix to gain a thorough understanding of cloud security
- The 6 risks hiding inside every large AWS environment
- Technical takeaways, advice, and pitfalls to avoid from Sisense
- Pros and cons of different cloud security tools: AWS GuardDuty, traditional agent-based tools and scanners, and CSPM (cloud security posture management)
- New approach to quickly eliminating hidden risks
Internet of Things (IoT) and connected devices promise tremendous benefits and a new wave of business opportunities. This hype is best balanced with caution especially with respect to security. Along with new revenue opportunities, IoT introduces points of vulnerability for data thefts and loss of device control. Such data breaches and loss create negative impact on a large scale. With devices connected to the Internet, the large attack surface offers numerous points of peril. Come and learn from our panel of experts on the risks and how to manage the perils effectively before you embark your IoT journey.
The use of application control (also known as whitelisting) is considered to be a robust and essential Cloud Workload Protection strategy largely due to the high predictability of cloud environments.
But it does not prevent all cyber attacks. Attackers can exploit vulnerabilities in trusted applications or utilize whitelisted apps for malicious intent—referred to as “Living off the Land.” App control also presents some operational headaches, requiring strict and often unrealistic policies.
This webinar explains how to build a robust application control strategy that is informed by these challenges. Learn what capabilities you should consider when evaluating a Cloud Workload Protection Platform (CWPP).
Jyoti Ponnapalli, DLT Lead, DTCC and Kurt Seifried, Chief Blockchain Officer, Cloud Secur
DLT introduces a multitude of value propositions for the financial services industry. The pace of innovation is aggressively picking up in use cases pertaining to finance such as digital assets, tokenization and cryptocurrency. However, the security measures are significantly inadequate to support innovation. There is a growing need for increased vigilance and an industry-standard security framework. Please join us as DTCC & CSA speak about the current state of security in the DLT world and announce the launch of the Blockchain working group to address the needs of industrywide DLT Security Framework.
A successful digital transformation requires a lot of moving parts. Even greenfield opportunities challenge organizations in catching all business, IT, DevOps, and security tactics in the effort. The Cloud Security Alliance's Enterprise Architecture, Cloud Controls Matrix, and Security Guidance products help create innovative, manageable, repeatable, and measurable processes. In this session, Jon-Michael C. Brook will discuss how the CSA toolset, a sprinkling of open source or third-party products, and a little elbow grease can bring a positive transition to the cloud for your business.
Kevin Fielder, CISO, Just Eat and Peter Blanks, Chief Product Officer & Head of Engineering, Synack
IDC predicts that by 2022, over 90% of enterprises worldwide will be relying on a cloud solution to meet their infrastructure needs, in large part driven by the COVID-19 remote working environments. This rapid migration to the cloud has created new attack surfaces and opportunities for cybercriminals to gain access to sensitive data and wreak havoc to organizations. Join us as we share how organizations are rapidly deploying dynamic security testing to future proof the connected world from the perspective of a CISO, ethical hackers from the Synack Red Team (SRT), and a solutions architect.
o Kevin Fielder, CISO of leading food delivery app Just Eat, shares his approach for creating a more secure cloud environment as they scale up to address an uptick in food deliveries during the pandemic and a recent merger.
o Ethical hackers from the Synack Red Team (SRT) share their perspective on the attacks in the cloud environment and ways to harden cloud-deployed resources.
o A technical expert from Synack’s Solutions Architect team shares his insights from the frontline helping customers deploy rapid crowdsourced security testing to harden their cloud assets against cybercriminals.
Tune in to learn how organizations have embraced rapid, easily deployable crowdsourced security testing solutions for the cloud and why the future of cloud security is linked to the future of trusted crowdsourced security intelligence.
Randy Ferree, Third-Party Risk Consultant, OneTrust Vendorpedia
Your vendors often handle your most sensitive data. This presents significant challenges as security, procurement, sourcing, IT, and privacy teams struggle to vet and manage vendor risks and performance in real time. So, how can organizations proactively monitor vendors to protect against emerging issues? Additionally, how can cyber risk exchanges help organizations manage the third-party risk management lifecycle with more efficiency? In this session, we'll answer these questions and breakdown how cyber risk exchanges offer a more streamlined approach to vendor risk monitoring.
Juanita Koilpillai Founder and CEO Waverley Labs LLC
Today’s network security architectures, tools and platforms fall short of meeting the challenges presented by current security threats. Zero Trust is emerging as a popular anti-hack strategy and, as the concept implies, requires that users are not allowed any access to anything until they are authenticated. Attaching the moniker “Zero Trust” to solutions, while popular, misleads one into a false sense of security (no pun intended).
In this webinar, you’ll learn how a Zero Trust implementation using SDP is applied to network connectivity, meaning it is agnostic of the underlying untrusted IP-based infrastructure, and hones in on securing connections. The webinar will delve into the steps to implement SDP and facilitate organizations to defend from new variations of old attack methods that are constantly surfacing in existing perimeter-centric networking and infrastructure models.
Separating the control plane where trust is established, from the data plane where actual data is transferred.
Hiding the infrastructure using a dynamic deny-all firewall - the point where all unauthorized packets are dropped for logging and analyzing traffic.
Using single packet authorization to authenticate and authorize users and validate devices for access to protected services and least privilege is implicit.
Itir Clarke Sr. Product Marketing Manager, Proofpoint and Dan "Hackerman", National Health Organization
The move to the cloud and a mobile workforce has brought new security and compliance risks. Cloud account takeover, data loss and usage of unapproved cloud applications present big challenges to security teams. Protecting IT-approved applications - Microsoft Office 365, Google G Suite, Box, Dropbox, Salesforce, Slack, AWS, ServiceNow and more – is top of mind.
Join Proofpoint and a healthcare customer as we discuss how CASB enhanced security and operational efficiency for this physician practice management company. We will cover:
Why do you need a CASB?
How to protect users from cloud account compromise
How to defend your data and ensure compliance in the cloud
How to manage third-party apps and risks of cloud to cloud access
While the cloud may be a force multiplier for DevOps and IT Ops, for security teams, it can be a vulnerability. With SecOps taking the blame for stalled migration efforts, enterprises are recognizing the need to take a cloud-native approach to securing data and workloads rather than trying to retrofit old technology to new cloud security best practices. The cloud is proven to spur innovation and efficiency, but the speed at which new devices can be added—and new instances spun up—increases risk to data and applications. Traditional security tools focused on prevention, or those that rely on agents or logs for analysis, can’t keep up with the speed and scale of the cloud. They leave too many blind spots, add friction to development cycles, and slow down incident response. Without visibility into network traffic and the ability to analyze full packets, organizations are vulnerable to new and evolving threats, and security teams are forced to slow the pace of cloud migration.
Christopher Bontempo VP Security Marketing, Routes and Offerings, North America IBM Security |Patrick Vowles Team Lead for No
As organization utilize the cloud for innovation and growth, security teams are challenged with ensuring those business initiatives and missions are successful. We need to drive change and integrate security into the business at many levels, from strategy to technology and incident response. We also need to extract as much value as possible from the tools and data sources we already have in place.
Join us to see how what IBM has learned from thousands of engagements and how the industry is moving towards a true, open, interoperable platform for securing hybrid multicloud environments.
Please feel free to reach out to Patrick and or Chris with any questions or requests at email@example.com and firstname.lastname@example.org
Wherever we turn it feels like the news is all COVID-19 all the time. Many of us are feeling stressed and overwhelmed and attackers know it. At Microsoft, we've seen an increase in the success of phishing attacks, one of the common vectors for malware and ransomware infections. Rather than inventing entirely new exploits, attackers are pivoting their existing infrastructure for ransomware and other malware delivery tools to COVID-19 focused lures to get us to click. In this talk, we'll share insights into how the attackers have shifted their lures and provide recommendations for improving detect and response times to reduce the likelihood these attacks will work.
Educational series on cloud computing, security and privacy.
CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. It also allows audience members the opportunity to earn (ISC)2 CPE Credits.
Learn more at cloudsecurityalliance.org. Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa, @CSAResearchGuy