It is said that the bad guys follow the money (why do thief's rob banks? . . .). As valuable assets increasingly migrate to cloud infrastructure, there is a need for diligent protection of these assets. Malicious actors are less likely to attack the well-fortified back-end infrastructure of cloud app vendors, but rather pray on the human element to get in through the "front door". Compromised credentials via phishing attacks or other means or malware that highjacks a valid user session are some of the key threats that must be addressed in this new cloud landscape. This session will examine these and other threats, along with new approaches to address these at scale.