Kat Traxler Senior Security Researcher and Joe Malenfant, VP of Product Marketing, Vectra AI
The rapid shift to remote work in 2020 saw adoption of public cloud skyrocket. Organizations quickly saw the benefits of public cloud from SaaS based applications, to the agility that PaaS provides. While the pandemic dominated the headlines last year, 2021 will likely go down as the year of ransomware. While the economics of ransomware have been a proven, profitable business, the shift to the cloud opens new possibilities.
Join security researcher Kat Traxler and Vectra AI VP of Product Marketing Joe Malenfant, as we step through a scenario using real-world examples on how criminal organizations are targeting cloud deployments and gaining initial access to cloud platforms. You’ll learn about:
- The telltale signs of ransomware behavior before encryption
- How ransomware can target IaaS environments, specifically against AWS
- 4 ways attackers can compromise availability of S3
- Strategies for threat detection and risk mitigation of your AWS environment
Rob McLeod VP, Threat Response Unit (TRU), eSentire and George Gerchow, Chief Security Officer, Sumo Logic
Join us for this webinar where eSentire and Sumo Logic threat intelligence experts will brief CSA members on cutting edge threat intelligence developed from threat reports and first-hand detections our threat hunting teams have encountered in cloud environments.
This briefing will bring CSA members up to date on the latest threats, risks, and vulnerabilities in cloud environments.
- We will share the top cloud threats and vulnerabilities eSentire is seeing as we respond to threats in customer environments and from the latest cloud threat reports.
- We will review examples of critical cloud-specific event data, relevant types of indicators of compromise (IoCs), and adversarial tactics, techniques, and procedures (TTPs).
- Our threat response unit will lead 2 real cloud threat detections we’ve responded to in the wild to demonstrate how our threat hunters search for compromised assets based on indicators, events generated on workloads and within the cloud environments, or communications with known malicious IP addresses and domains.
- We will look at how the Sumo Logic research team tracks the threat landscape and enhances the detection of advanced threats and give better context to threat investigations in cloud and multi-cloud environments.
Register today to be among the first to receive the latest eSentire Threat Intelligence Report Dissecting Today's Ransomware Ecosystem: Ransomware-As-A-Service, Targeted Intrusions and Opportunistic Attacks
This presentation will review what certification means, why is it the most important criterion for a business, sales. How does a Certification Program achieve this? And what are the costs, not just direct. How should an organisation begin this process, what to look out for, and what do you get at the end? We also review the differences of the CSA STAR with other Cloud Security programs.
Narudom ROONSIRIWONG (Co-chair, CSA Hybrid Cloud Security Working Group)
As businesses are developing rapidly, many cloud consumers find that a single public/private cloud or traditional on-premises data center is no longer able to meet service requirements. Organizations are increasingly choosing hybrid cloud environments and services to meet their needs. However, hybrid clouds pose different risks and thus bring on a different set of challenges to security.This presentation will provide the overview of Hybrid Cloud, demonstrate its risk
Cloud computing brings with it many benefits such as cost savings, disaster recovery, resiliency, automatic software update just to name a few. And these benefits are driving adoption, it is estimated that by 2024 cloud services market will be worth US$661 billion with 59% of enterprises expecting usages to exceed prior pre-Covid19 numbers. As you start your journey to the Cloud, what are the preparations you will need to do? What is the #1 impediment today and how would you address it? Find out how you can address the #1 impediment when it comes to taking the first step in your journey to the Cloud, the tools that are available for you to begin the journey. As well as the type of migration which you can consider depending on your business, operational and IT needs.
Join Ashish Rajan, CISO and host of the popular Cloud Security Podcast and Nathan Burke, CMO at Axonius as they discuss the cloud security challenges facing a CISO in a new role, how to prioritize the fundamentals, and how to optimize and foster a symbiotic relationship with vendors (or at the very minimum how to tolerate them).
- Ashish’s background in cloud security, his world-famous podcast, being a fashion model, and a lion-tamer (only one of these is false).
- Nate’s background and promise that this won’t just be a full-on product infomercial.
- The big challenge: controlling cloud complexity and the confidence to grow.
- How to prioritize cloud security initiatives when joining as the new CISO.
- What are the fundamentals when getting started?
- Cloud security vs. Multi-cloud security - one of these is a fictional character.
- How to set cloud security goals and measure progress.
- The one and only slide about Axonius.
Are You Using Push Notifications? Mobile Push Messaging is a powerful communication channel that allows mobile app developers to draw their user's attention with the right information at the right time. This feature can offer things as simple as reminders of meetings & appointments, location details, as well as the intent of your visit. Given the sensitivity of these types of information, just how secure is this popular user communication channel? How does it impact your important user privacy expectations? In this talk we will go through the various stages of message flow that are vulnerable to loss of data privacy and discuss techniques that can help address these challenges. Attendees to this webcast will come away with knowledge they can use today to help better secure mobile apps.
Nabeel Saeed, Senior Product Marketing, Security and Ian Hassard, Senior Manager, Product Management, Auth0
The burden of proving a customer’s identity today rests mostly on the end user. Companies and services do not trust end users by default, and those end users--their customers--do not trust a service with their information. This leads to unnecessary friction that hurts conversions, harms UX, and can have a lasting impact on your brand and growth.
In this session we’ll go over best practices to:
- Shift the burden of proof away from the customer
- Leverage identity solutions to establish customer trust
- Build login systems that use intelligence and contextual signals to remove friction
Alexei Rubinstein, Vice President of Sales Engineering at IntSights
The rapid-fire of cybersecurity threats hitting today’s businesses cause many security teams to “live in the moment.” It’s equally important, however, to receive and understand the early indicators cyber threat intelligence (CTI) provides. With these indicators in hand, your team can remediate issues before they become full-blown incidents.
For example, consider what your team could do if it learned that a bot was installed on a single corporate machine, and it was exfiltrating credentials from that machine including those for Citrix and Slack. This is a real-world story of a compromised UK company whose network access was for sale for just $8 USD.
In this session, we will explore the current dark web activity that reveals network compromises and sets the stage for future cyberattacks:
• How CTI provides clues about your company’s vulnerabilities
• What can be done when CTI shows that access to your network is up for sale
• Techniques for integrating CTI into your SecOps processes
Justin Somaini, Unity, Christopher Johnson, Google, and Alaap Pandit, Orca Security
Meet Justin Somaini, Chief Security Officer at Unity. Somaini is an expert in securing large environments having done stints as the CISO of Yahoo! and SAP. The scale of operations at Unity is even bigger as their games and experiences reach billions of devices a year, powered in large part by a massive Google Cloud Platform estate as well as multi-cloud.
Upon arriving at Unity, Somaini had a decision to make. Should he focus his initial efforts on preventative controls or on deep asset management with continuous risk assessments?
Somaini will be joined by Google’s Christopher Johnson and Orca Security’s Alaap Pandit as they invite you into a lively discussion on:
- How to reduce time-to-remediation by coupling continuous cloud risk assessments with automation
- How deep cloud asset inventory and configuration management can unlock rich enterprise-wide capabilities
- How to eliminate friction between Security and DevOps teams and empower DevOps with ownership of and accountability for security issues
- Selection criteria for choosing a cloud security vendor, including the pros and cons of agent-based tools and scanners, CSPM (cloud security posture management), as well as a new category Gartner is calling Cloud-Native Application Protection Platform (CNAPP)
Dr. LEE Hing-Yan, Stephanie King-Chung HUNG, May-Ann LIM, Ian LIM
There will be a live Q&A after the panel discussion.
The term “data sovereignty” has often been used by stakeholders (including cloud service consumers, cloud service providers, sectoral regulators) to mean different things. Just like the term "cloud computing" in the initial years, there are no widely agreed definitions; so the question "What do you understand by this term ?" naturally arises. Is it about: (a) data residency; (b) data localization; (c) data protection; (d) ... etc. What do these other terms mean anyway? Some parties commented that the above measures are too prescriptive and hide the real motivations, there are indeed innovative solutions to address those motivations. The panel discussion will identify the real motivations for data sovereignty. Some regulated sectors (e.g., finance, healthcare & healthcare) seem most paranoid about data sovereignty; they must have good reasons. Join us as the panelists endeavour to help us to understand the downsides and upsides to data sovereignty.
Moderator: Dr. LEE Hing-Yan (EVP APAC, CSA)
- Stephanie King-Chung HUNG (SVP Cloud Business, Mission Software and Services, Digital Systems, ST Engineering)
- May-Ann LIM (ED, Asia Cloud Computing Association)
- Ian LIM (Field Chief Security Officer, Palo Alto Networks)
WONG Onn Chee (Co-chair, CSA APAC Research Advisory Council & CTO, Resolvo)
Cloud native computing is a new software development approach, not an infrastructure approach as commonly miscontrued. Come and hear what constitutes cloud native and learn more about the various security guidelines from Singapore, NIST and CSA, which can guide you to adopt cloud native computing in a secure manner.
The Multi-Tier Cloud Security (MTCS) Singapore Standard was revised in 2020, and some changes have been made to reflect user concerns and changing technology. We look at what is new, and what is unchanged, and what (in the speaker's biased view) remains undone.
Presented by - Arun Vivek IYER (Head of Cloud & Container Security – Cyber Security Services, Standard Chartered Bank & Co-chair, CCM ABS Mapping WG, CSA)
In the technology space, there are also multiple frameworks and guidelines available, such as the above-mentioned TRM, ISO/IEC 27001 & 27002 and ISACA COBIT. There are also ISO/IEC 27018, the recently published ISO/IEC 21878, FedRAMP and the Cloud Computing Implementation Guide (CCIG) v2.0 issued by the Association of Banks in Singapore (ABS) that are specific to cloud computing and its related technologies. Because of this complex landscape, cross-mapping of frameworks is a useful and popular tool for FIs looking to seek compliance to multiple standards and best practices. This presentation will cover the mapping exercise the CSA WG did to evaluate the similarities and gaps between CCIG and the numerous frameworks mapped in the Cloud Controls Matrix (CCM). Singapore FIs who are already in line with CCIG will benefit through being able to easily identify and fulfill additional controls (gaps) on top of the CCIG to achieve adherence to another targeted framework within CCM, which is useful when expanding to other markets.
Ferdinand FONG, Brendan LAWS, Narudom ROONGSIRIWONG, Faisal YAHYA
There will be a live Q&A after the panel discussion.
Timothy Grance (NIST) shared that no hybrid cloud existed when he co-authored the landmark NIST definition of different clouds. He has never expected hybrid clouds to become so pervasive and popular. This panel of experts will endeavor to address the following issues: What are the differences between hybrid and multi clouds? What are the risks in a hybrid cloud environment compared to on-prem and how does one go about mitigating each of these risks. How does one assess the effectiveness of these mitigation measures? And finally how would these mitigation measures benefit organizations/businesses?
Moderator: Ferdinand FONG (Chair, Protem Committee, CSA Sarawak Chapter)
William HO (Co-chair, Industrial Control System Security WG, CSA)
Operational Technology (OT) systems, especially Industrial Control Systems (ICS), are an increasingly attractive target for highly-sophisticate cyber actors around the world. A more worrying trend has developed with the increased connectivity between IT and ICS (IT-OT convergent). This creates a potential opportunity for adversaries who are now able to compromise IT systems connected to the Internet, secure their footholds, and move to the ICS to disrupt industrial processes if not enough attention directed to secure the IT-OT convergent endeavor.
The COVID-19 situation further challenged the convergent journey, just to name a few emerging challenges such as resources contention, supply chain cyber breaches, prevalent remote connections, etc are things seems to become the new normal. Leveraging Cloud Computing may be one of the strategies to help alleviate the challenges ahead.
In cloud incidents, it is necessary to coordinate and share information with stakeholders and other organizations which will be discussed. This presentation is for all cloud customers as well as cloud service providers who need a clear framework for sharing incident response practices with customers.
Debashish JYOTIPRAKASH (CTSO - APAC Managing Director – India & SAARC, Qualys, Inc.)
The speaker will be available for live Q&A.
As we celebrate the Workers aren’t going to be returning to the office in 2021. Work from home is going to be in place until there is a full vaccine rollout, and maybe even longer. That means whatever cybersecurity systems that are incorporated now are going to have to stay in effect or be modified for workers who are in a hybrid model of home/office work weeks. Cybercriminals know this, so they will target remote workers with phishing and other targeted attacks. This topic will also cover devices that went home permanently and challenges now and when they begin to come back to office again.
The recent economic situation showed that companies that used cloud technologies to serve the customers anywhere anytime thrived better than companies whose businesses rely on customers visiting their shops physically. Companies that used cloud technologies also allowed their staff to work from home effectively and safely. Thus, the Cloud will definitely be a factor in your post-Covid recovery plan since the Covid virus will not be disappearing anytime soon. How can you fulfil your side of the ‘shared responsibility’ of using Cloud platforms and services when attackers have made Cloud one of their favourite hunting-grounds? Cyber Security Agency of Singapore is implementing a “Zero Trust” solution to help you especially the small and medium enterprises which have many constrains due to the Covid pandemic.
Educational series on cloud computing, security and privacy.
CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. Learn more at cloudsecurityalliance.org. Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa