Hi [[ session.user.profile.firstName ]]

Managing security in the cloud today VS networks "back in my day"

In our increasingly interconnected world, the cloud is the answer. Services like Microsoft Office 365, Google Drive and AWS have embraced its ability to store data online and have created services to capitalize on its potential. Data access is never a problem if you have an internet connection. But before the dawn of the Internet, cloud computing didn’t exist. It simply couldn’t. The panel on this session was certainly around before the dawn! That’s why they don’t sweat the challenges that come with the cloud today, because they lived through the early days when solutions to IT Security problems had to be invented as you go “and they liked it”!

Join us as this distinct panel that represents the “grumpy old people” of security today discuss the evolution of compute and how being in the trenches of the “old days” has allowed them to make significant contributions to better security solutions today.
Recorded Apr 28 2020 61 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Jim Reavis, CEO, CSA | Karen F. Worstell, CEO, W Risk Group | John DiMaria, CSA | Vincent Campitelli, CSA
Presentation preview: Managing security in the cloud today VS networks "back in my day"
  • Channel
  • Channel profile
  • Human Factor in Cybersecurity Challenges Jul 30 2021 2:30 am UTC 30 mins
    GP CAPT Amorn CHOMCHOEY (Acting Deputy Secretary General, National Cybersecurity Agency, Thailand)
    The Covid-19 pandemic caused major changes in the ways we work and co-operate. We are now relied heavily on Cyber related technology, however cyber threats are also on the rise in alarming rate.

    This presentation will focus on the human factor related to cybersecurity issues, and the proposal to overcome those challenges.​
  • Security Incidents Landscape of Thailand during COVID-19 Jul 30 2021 1:45 am UTC 30 mins
    Pornprom PRAPAKITTIKUL (Head, ThaiCert)​
    Host Country Keynote - CSA ASEAN Summit 2021

    The presentation will cover an introduction to ThaiCERT and Cybersecurity situation in Thailand, observed trends and issues during COVID-19 and response to cybersecurity incidents with GMS (Government Monitoring System).
  • Cloud Security Post-COVID & CSA CxO Trust Jul 30 2021 1:00 am UTC 30 mins
    Dr. Hing Yan LEE, Dr. Sak SEGKHOODTHOD & Illena ARMSTRONG
    Welcome Remarks
    Dr. Hing Yan LEE (EVP APAC, CSA)

    Opening Address
    Dr. Sak SEGKHOODTHOD (Chairman, CSA Thailand Chapter)

    ​Welcome Address - Cloud Security Post-COVID & CSA CxO Trust
    Illena ARMSTRONG (President, CSA)
  • How Can We Grow the Pool of Cloud Security Professionals Jul 29 2021 9:15 am UTC 45 mins
    Dr. Hing-Yan LEE, Dietrich BENJES, Ferdinand FONG, Sai HONIG, Stephanie King-Chung HUNG, Sheralynn TJIOE
    Panel Discussion

    According to one source, there are about 3 million cybersecurity professionals worldwide. And there we need an additional 4 million cybersecurity professionals. The question for the panelists today is what we can do to address the shortfall in such expertise. With the greater cloud usage and increased cloud adoption during the pandemic period, many enterprises have pivoted to the cloud, creating a dire demand for cloud security professionals. The job is definitely cut out for our panelists. The panel hopes to address the challenge of having enough cybersecurity professionals and discuss what employers can do to build necessary working experience for the individuals.

    Moderator: Dr. Hing-Yan LEE (EVP APAC, CSA)

    - Dietrich BENJES (VP & GM APAC, Qualys)
    - Ferdinand FONG (Chair, Protem Committee, CSA Sarawak Chapter)
    - Sai HONIG (Co - founder, New Zealand Network for Women in Security)
    - Stephanie King-Chung HUNG (SVP Cloud Business, Mission Software and Services, Digital Systems, ST Engineering, Singapore)
    - Sheralynn TJIOE (Team Manager – Cyber Security & Big Data, HAYS)
  • Securing the Hybrid Multi Cloud Jul 29 2021 8:45 am UTC 15 mins
    Ian LOE (CTO, NE Digital, Singapore)
    With the improvement of private cloud technologies and the increased adoption of hyper-converged infrastructure, there is an increase in the use of hybrid cloud architecture in many organizations. With this new world of hybrid multi cloud world, there is a need to understand what we should look at to improve the security posture of such deployments. This session aims to highlight the various areas of concerns and some recommendations on how to enhance the security of the hybrid multi-cloud environment.
  • Smart Vehicle Ecosystem - Security Challenges IoT Cloud & Mobility Jul 29 2021 8:00 am UTC 30 mins
    ​Dr. Lopa Muddra BASU (APRAC Member, CSA, India)
    IoT Cloud Convergence elevated the Smart Vehicle Ecosystem boosted by Mobility. With enhanced experience, Security challenges increased manifold. Striking a balance between risks & user experience became the most challenging ball game. Secure Cloud capabilities can be strategically used to address technology risks.
  • Cloud Native Security Guidelines from Singapore TR 82:2020, NIST and CSA Jul 29 2021 7:15 am UTC 30 mins
    WONG Onn Chee (CTO, Resolvo, Singapore)
    Cloud native computing is a new software development approach, not an infrastructure approach as commonly miscontrued. Come and hear what constitutes cloud native and learn more about the various security guidelines from Singapore, NIST and CSA, which can guide you to adopt cloud native computing in a secure manner.
  • An Overview of Recent Updates to Data Protection & Cybersecurity Laws Jul 29 2021 6:30 am UTC 30 mins
    Riwzi WUN (Partner, RHTLaw Asia, Singapore)
    in Asia in Selected Jurisdictions
  • Data Sovereignty in APAC – Impact and Implications Jul 29 2021 5:45 am UTC 30 mins
    May-Ann LIM (ED, Asia Cloud Computing Association, Singapore)
    The term “data sovereignty” has been used to cover a multitude of policy approaches, but what exactly does it mean? Join Executive Director of the Asia Cloud Computing Association (ACCA) Lim May-Ann as she unpacks the various facets of the term, and examines the impact it has on cloud consumers.
  • MTCS: The New Edition (SS584:2020): What's New Jul 29 2021 5:00 am UTC 30 mins
    Sanjeev GUPTA (Director, Certification Partners Global)
    The Multi-Tier Cloud Security Standard was revised in 2020, and some changes have been made to reflect user concerns and changing technology. We look at what is new, and what is unchanged, and what (in the speaker's biased view) remains undone.
  • Securing IoT Ecosystem leveraging CSA's IoT Framework Jul 29 2021 4:00 am UTC 30 mins
    Renu BEDI (IT Security Manager, PwC, India)
    The internet of Things (IoT) brings increased connectivity to all industries and business markets, enabling a wide range of services for customers, stakeholders, and service providers. IoT security risks could result in loss of business or life. Device manufacturers and organizations can leverage CSA's IoT framework to reduce risk to an acceptable level by implementing end-to-end security controls. ​
  • Introduction to the Cloud Controls Matrix v4.0 Jul 29 2021 3:15 am UTC 30 mins
    Lefteris SKOUTARIS (Program Manager, CSA)
    The presentation aims to provide a synopsis about the latest release of the Cloud Control Matrix version 4, a greater insight into its development and new components, the current activities of the CCM WG (ongoing works, published and future works) and finally an update on CSA’s STAR program and transition policy from CCMv3.0.1 to CCMv4.0.
  • Data Provenance and Cloud Security: Challenges & Opportunities Jul 29 2021 2:30 am UTC 30 mins
    Prof. Ryan KO (Chair & Director, UQ Cyber Security, University of Queensland, Australia)
    At the heart of all cyber and cloud security attribution challenges is the problem of data provenance tracking and its reconstruction. In this talk, I will cover past, present and developing provenance research in computer science, and cover its relation and usefulness to accountability, traceability, trust, forensics and proactive cloud and cyber security. It will feature some of the cloud data provenance research I have conducted in the past decade, discussed unsolved (or seemingly unsolvable) problems, and will discuss some of the recent developments in academia, industry, and international standards.
  • The Key Role of Training and Education for a Secure Approach to Cloud Computing Jul 29 2021 1:45 am UTC 30 mins
    Daniele CATTEDDU (CTO, CSA)
    Keynote - Introducing the CCAK

    Developed by CSA and ISACA to meet the unique demands of evaluating and auditing cloud based environments, the Certificate of Cloud Auditing Knowledge (CCAK) is the first credential that industry professionals can obtain to demonstrate their expertise in understanding the essential principles of auditing and assessment cloud computing systems.
    In his presentation Daniele Catteddu will describe the rationales behind the creation of the CCAK and offer an overview of the CCAK body of knowledge, including cloud security components based on CSA’s Security, Trust, Assurance & Risk (STAR) and Cloud Controls Matrix (CCM), as well as highlight key differentiators from other IT audit certification programs and illustrate the benefits of earning your CCAK.
  • Welcome Remarks & Opening Address Jul 29 2021 1:00 am UTC 30 mins
    Dr. Hing-Yan LEE (EVP APAC, CSA) & Jim Reavis (CEO & Co-Founder, CSA)
    ​Welcome Remarks
    ​Dr. Hing-Yan LEE (EVP APAC, CSA)

    Opening Address
    Jim REAVIS (CEO & Co-Founder, CSA)
  • Best Practices for Managing Secrets in Multi-cloud Environments Recorded: Jul 27 2021 47 mins
    Shikha Chawla and Scott Webster, Adobe
    The need to properly manage secrets is an essential part of the software development lifecycle. It can also be a tedious and time-consuming, not to mention error-prone, effort. Having a strong, enforced policy on secret rotation is essential. But it can also be complicated. First, you need to determine where all of your secrets are used, then you need to generate new ones, document this happened and why, put new secrets wherever they are supposed to be used, and also document the entire process in the end — preferably without breaking everything.

    You are likely wondering with all of this complication if it is even possible to come up with a way to properly manage secrets, especially in diverse, multi-cloud environments. The key is to look at this as a coding problem with a coding solution. Join Shikha Chawla, lead architect for Adobe I/O, and Scott Webster, cloud engineer, for insight into best practices for implementing an automated approach to secrets management. They will discuss what we have learned here at Adobe that works best for our application development and security teams that we hope will provide solid guidance you can use to implement your own automation program for secrets management.
  • Moving from Cyber Security to Cyber Resiliency in the Cloud Recorded: Jul 22 2021 48 mins
    Yuval Shchory, Head of Product Management, Cloud Security
    How can cybersecurity catch up to the business, while still maintaining a dynamic, resilient, and secure operation? Transitioning and operating in the cloud is no longer just about moving from your on-premises data centers. It’s about optimizing connections between branch offices to home offices, and accelerating the development and deployment of applications – all while remaining secure and compliant!

    Join us and find ways to squeeze the full business benefits out of the cloud through consolidation, visibility, automation, and intelligence.
  • Publicly Exposed Databases: The #1 Cloud Security Risk Today Recorded: Jul 21 2021 52 mins
    Alon Shindel, Product Architect, Wiz
    The most common cloud security issue facing organizations today is a database containing sensitive data that’s inadvertently accessible to the internet. It seems every week another brand is in the headlines because attackers exploited this situation to steal data. So why is it so hard for security teams to answer the simple question, “do we have a publicly exposed database?” In this session, we’ll dive into the complexity of cloud and Kubernetes networking that gives rise to this problem and what security teams can do to break through this complexity and discover the at-risk database in their own cloud environments.
  • The Rise of Ransomware: Time to Expand Your Defense Beyond Data Backups Recorded: Jul 13 2021 55 mins
    Yotam Katz and Andrey Yakovlev, IntSights
    Join IntSights to see first hand, recent intelligence on how threat actors deploy ransomware against various industry targets, as well as how the sophistication of ransomware continues to evolve.

    Attend this session to hear IntSights Yotam Katz and Andrey Yakovlev review:

    • The latest trends in ransomware
    • Best practices and practical steps for considering and countering threats
    • How threat intelligence can be used to contextualize indicators of compromise
    • Insights into threats beyond the horizon...
  • Building a Data Visibility and Control Framework for The MultiCloud Recorded: Jun 30 2021 49 mins
    Dimitri Sirota, Gary Patterson, and Sarah Hospelhorn of BigID
    Modern multi-cloud environments are complex, noisy, and full of sensitive data. It’s critical to gain visibility and control for data in the cloud - to reduce risk, get more value from your data, and take a strategic and scalable approach to data management.

    Join Dimitri Sirota, Co-founder, and CEO of BigID, to explore how to build a data visibility and control framework for the cloud. You’ll learn:
    - Challenges to data visibility and control across data centers in the cloud
    - How ML and automation will fuel next-generation data management that extends to privacy, security, and governance
    - Key steps to building a sustainable and scalable framework for cloud data management
Educational series on cloud computing, security and privacy.
CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. Learn more at cloudsecurityalliance.org. Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Managing security in the cloud today VS networks "back in my day"
  • Live at: Apr 28 2020 5:00 pm
  • Presented by: Jim Reavis, CEO, CSA | Karen F. Worstell, CEO, W Risk Group | John DiMaria, CSA | Vincent Campitelli, CSA
  • From:
Your email has been sent.
or close