Name: DevOps Teams: Why the Cloud Risk Encyclopedia Should Be Your New Best Friend
Start: 2022-07-13T17:00:00Z
End: 2022-07-13T17:25:45.000Z
Location: BrightTALK
Rating: 4.5

Learn how to achieve 100% cloud security coverage and visibility across AWS, Azure, GCP, Alibaba Cloud, and Kubernetes. Content covers topics including attack path analysis, vulnerability management, API security, and more.

Gartner® predicts that “by 2025, nearly half of cybersecurity leaders will change jobs.” Is a new role in your future? Whether you are ramping up at a new role or you want to re-evaluate your existing cloud security program, this webinar is for you!

Andy Ellis, Advisory CISO, and Christina Shannon, CIO, KIK Consumer Products, will help you assess your cloud security program and score some quick wins, including how to:
- Evaluate your security risks by function
- Understand the gaps in your security programs
- Make clear decisions on which initiatives are most important
- Soothe organizational friction and create a successful path forward

Make the most of the next 91 days, register today! 

(1) Gartner, Gartner Unveils Top Eight Cybersecurity Predictions for 2023-2024, 28 March 2023

Mind the Gaps: How to Assess Your Cloud Security Program in 91 Days

With the acceleration of cloud adoption and cloud consumption in Media and Entertainment sector enterprises, cloud security becomes vital to protecting your media investments and cloud infrastructure. The Orca Cloud Security Platform delivers comprehensive coverage and visibility of risks across every layer of your Google Cloud estate, enabling TMEG organizations to quickly prioritize risk, achieve compliance, and keep their businesses secure. 

Join us to learn:
- About the threat landscape impacting the media & entertainment sector
- How to protect your media assets and infrastructure in the cloud   
- How to achieve industry-standard compliance and content security guidelines

As a Google Cloud ISV Accelerate Partner, Orca is committed to working closely with you and Google Cloud to secure your cloud estate with our single unified platform. Find out more: https://orca.security/partners/technology/google-cloud-gcp/

Cloud Security and Compliance for the Media & Entertainment Sector

In this webinar, we will present new research from Orca Security that highlights the top 5 cloud security risks of 2023, from insecure secrets and vulnerabilities to overly permissive identities. Analyzing billions of real-world production cloud assets across AWS, Azure, Google Cloud, Kubernetes, and serverless functions, we will present essential insights on cloud risks that are surprisingly common in the cloud environments we analyzed, along with recommendations on how to fix them with minimal effort.

In this webinar, cloud security practitioners and DevSecOps will learn:
 • The most common and critical cloud security risks that organizations are facing today
 • Why these particular cloud security risks need to be on your radar
 • Practical steps on how you can easily reduce your cloud attack surface and mitigate risk

How To Fix 5 Critical & Common Cloud Security Risks in 2023

Industry reports show that organizations waste as much as one-third of their cloud spend. Often, that wasted spend lines up with risky, unmanaged, or unused assets. As cloud usage grows, this problem is only going to get worse: many organizations don’t have a full grasp of all the assets they are running in the cloud and what they are being used for, let alone what they are paying for them. 

In this webinar, we will explore the various strategies and best practices for optimizing cloud costs and reducing cloud waste on AWS, Azure, GCP, and Alibaba cloud. We will also demonstrate, in real-time, how the Orca Cloud Security Platform continually detects unused, underutilized, and unattached compute resources to help you reduce unnecessary cloud spend and decommission those risky unused systems.

In this session, you’ll learn:
 • How cloud resources are billed by each provider, and what you may not be aware of.
 • How Orca can alert you to unnecessary cloud resources that can be removed
 • How security can be improved by removing unnecessary assets

Cloud Cost Optimization: Improve Security and Reduce Costs

Security flaws, hackers and data breaches are the new normal. It’s not just those of us in the industry facing these foes every single day; it’s everyone. Whether you’re online or offline, you simply cannot exist today without your personal information being digitized in systems which are often left vulnerable and exploited at the whim of attackers. But who are these people — the ones who seek to break through our defenses and exploit our data? And how are they continually so effective at doing so, despite our best efforts?

Hear from the creator of “Have I Been Pwned” about the lessons he’s learned after processing more than 12B records of breached data. You’ll get a glimpse behind the scenes of what caused some of these devastating incidents and how they continue to wreak havoc today, despite how much more aware the industry is becoming. It’s a frightening, eye-opening and entertaining look at infosec and data breaches.

Speakers:
Troy Hunt, Founder and CEO of Have I Been Pwned, Microsoft Regional Director & MVP
Bar Kaduri, Threat Research Team Lead, Orca Security

Lessons From Billions of Breached Records

Does visibility into your AWS environment rank at the top of your priorities? Join Paul Vixie, VP/DE, Amazon Web Services (AWS) and Gil Geron, CEO and Co-Founder, Orca Security, to learn what customers are doing to achieve comprehensive visibility across their AWS Cloud while building a security-focused culture. Paul and Gil will discuss the increasing accessibility of cloud security; the role of community tooling and collaboration; and the evolving shared responsibility model. Don’t miss the chance to hear from two of cloud security’s leading innovators!

Speakers:
Paul Vixie, VP/DE, Amazon Web Services
Gil Geron, CEO and Co-Founder, Orca Security

Better Together: How AWS and Orca Are Making Cloud Security More Accessible

It’s no secret that security teams are overworked and understaffed in 2023. So how can you create a cloud security plan that’s simple to execute but comprehensive enough to protect your organization’s unique risks? We asked a panel of security experts, “What are the most important steps you can take now to keep your cloud environment safe in the future?” Join our session to hear their answers. From industry-specific risks to auto-generated attack paths, this discussion will provide you with the information you need to tackle your plan and increase the security of your own cloud environment.

Speakers: 
Rich Friedberg, CISO, Live Oak Bank
Omer Singer, Head of Cybersecurity Strategy, Snowflake
Justin Somaini, Chief Security Officer, Unity Technologies
Andy Ellis, Advisory CISO, Orca Security

What Security Leaders Are Doing Now to Keep Their Cloud Environments Safe

It’s been a busy year in cloud security. We’ve seen data breaches, tens of thousands of new vulnerabilities, ambitious attacks, and a shortage of cybersecurity talent. Google Cloud’s Chief Information Security Officer Phil Venables will join Orca’s Chief Innovation Officer and Co-Founder Avi Shua for a deep dive into how these cloud security trends are evolving in 2023. They’ll discuss exciting new capabilities and integrations, megatrends, in-demand security skill sets, and recent innovations to help you keep your cloud environment secure.

Speakers:
Phil Venables, CISO, Google Cloud
Avi Shua, Chief Innovation Officer and Co-Founder, Orca Security
Deborah Galea, Director of Product Marketing, Orca Security

Cloud Security: Where We Are Headed in 2023

Learn more about how AI and ChatGPT can significantly enhance cloud security remediation in multi-cloud environments and reduce the daily workloads of security practitioners and DevOps teams.

We’ll demonstrate how the Orca Cloud Security Platform leverages GPT-4 to automatically generate high-quality cloud security remediation steps while ensuring that requests are anonymous and that any sensitive information is masked. We’ll also show how Orca’s AI-powered IAM Policy Optimizer analyzes usage data to recommend the optimal AWS policy configurations that ensure adherence to the least-privilege principle.

In this webinar, you will learn:
 •  Best practices for utilizing ChatGPT to accelerate remediation
 •  What’s new in GPT-4 and what this means for cloud security
 •  How Orca leverages AI and GPT-4 in the platform
 •  What’s in store for further AI, ML, and GPT applications in the Orca platform

How To Use ChatGPT & AI in Multi-Cloud Security

With many organizations deploying multiple cloud accounts and providers, new opportunities arise for bad actors to exploit the increased attack surface and security loopholes.

In this webinar, we explore the phenomenon of cross-account and cross-provider cloud attacks, how multi-cloud attack path analysis can detect these security gaps, and how teams can prioritize attack paths, remediating the most critical ones first.

In this session, you’ll learn:
 • How bad actors can ‘hop’ from one cloud provider to another to reach their end target
• The role of multi-cloud attack path analysis in detecting these threats
• How Orca can help teams prioritize attack paths and remediate strategically

Defending Against Multi-Cloud Attack Paths

According to Gartner, “more than half of enterprise IT spending in key market segments will shift to the cloud by 2025.” Odds are, you already have a number of cloud security tools in place. How can you create an actionable strategy that makes the most out of your existing tools? 

Andy Ellis, Advisory CISO, and Kathy Wang, CSO/ Advisor/ Investor, will share tips for creating a solid cloud security strategy. You’ll learn how to:
- Work with your finance team to make procurement and renewals easier
- Get more out of your relationships with managed service providers, auditors, and assessors
- Evaluate tools in relation to your organization’s specific risks factors
- Create an actionable cloud security strategy without reinventing the wheel

It’s not too late to tackle your 2023 cloud security plan. Register today!

Create a Cloud Security Strategy Without Reinventing the Wheel

Master Cloud Cost Optimization: Improve Security and Reduce Costs

Securing sensitive data is one of the main focal points of cloud security. Data is scattered across multiple cloud service providers and data stores, which can result in weak and incomplete visibility into where sensitive data resides, who has access, and which data is at risk. 

To address these challenges, Data Security Posture Management (DSPM) capabilities focus on automating data discovery—including sensitive data such as PII—and data risk analysis.

In this Orca Security webinar, we’ll examine
 • The top 5 mistakes to avoid when managing sensitive data in the cloud.
 • Strategies and best practices for visibility and posture management of cloud data.
 • How Orca’s DSPM capabilities increase visibility across the cloud estate and help security teams mitigate data security risks, maintain compliance, and prevent breaches.

Understanding DSPM to Manage Your Cloud Data Risk

Whether you’re a first time CISO, or this is your tenth CISO gig, any cybersecurity pro can benefit from creating– or updating– an actionable plan to tackle cloud security risks. But where to begin?

Our veteran panel of security professionals, including Andy Ellis, Advisory CISO, Orca Security; as well as Kathryn Kun, Director of Architecture and Assurance, Forter; and George Werbacher, Director of Information Security, Blackbaud, will discuss strategies to help CISOs old and new stay ahead of the ever-evolving world of the cyber threat landscape. Topics include:
- The current state of cloud security risks
- Considerations to inform your strategic decisions
- How to uncover hidden risks within your specific cloud environment
- Mapping unique risks with attack paths

Don’t miss the chance to learn from some of the leading voices in cybersecurity, save your spot today.

Uncovering Hidden Risks in Your Cloud Environment

Are you using a cloud security platform that’s been stitched together from years of acquisitions? Does your team complain about a messy U/I and complicated agent-based deployments or alerts that don’t tell the whole story? 

Find out how security leaders are simplifying their security stacks, trading in the headache of agent-based deployments and multiple redundant dashboards for a clean and cohesive security experience.

Neil Carpenter, Principal Technical Evangelist, Orca Security, and Jonathan Jaffe, CISO, Lemonade, discuss how a purpose-built cloud security platform can help you:
- Reduce complexity and operational overhead
- See risks and threats that span your whole cloud environment
- Bring all of your data into a unified, easily queryable location

Simplify Your Cloud Security Stack

Join our expert CISOs as they discuss key findings from Orca Security's State of Public Cloud Security Report, a collection of findings and recommendations from our research team after analyzing billions of real-world cloud assets.

Moderated by Andy Ellis, our panelists will share:
• Which statistics from the report stood out to them
• How the report findings compare to what they are seeing in the field
• The biggest cloud security challenges facing security leaders today
• Recommendations on how to improve cloud security postures with limited resources

CISO Roundtable: State of Public Cloud Security

Establishing a Zero-Trust program is a critical strategy to help security teams govern security across cloud and on-premise environments. As an AWS Software Partner, Orca is committed to working closely with you and AWS to secure your AWS cloud estate. Aligning with the NIST Cyber Security Framework, there are 5 primary categories of protection in the cloud – Data, Infrastructure, Applications, Identities and Entitlements, and the Networks connected between them – which the Orca Cloud Security Platform addresses from a single unified platform.

Join us to learn:
- 5 areas you can address to reduce your overall security risk and establish Zero-Trust in your cloud environment
- How to secure your AWS cloud estate
- How Orca and AWS are better together

5 Ways to Establish Zero Trust in the Cloud with Orca Security and AWS

The power of artificial intelligence (AI) has recently taken center stage in the media with the availability of new tools like Open AI's ChatGPT. In this webinar, you'll hear the benefits of utilizing AI and machine learning in cloud security to alleviate the daily workloads of security practitioners and DevOps teams.

We'll demonstrate, in real-time, how the Orca Cloud Security Platform leverages GPT-3 to automatically generate cloud security remediation steps. We'll also show how Orca’s AI-powered AWS Policy Optimizer analyzes actual usage data to recommend the optimal AWS policy configurations that ensure adherence to the least-privilege principle.

In this webinar, you'll learn
 • The possibilities that AI and machine learning bring to cloud security 
 • How Orca leverages AI and GPT-3 in the platform
 • The impact that AI and machine learning have on cloud security efficiency and effectiveness

Improve Cloud Security Using ChatGPT & AI

The Cloud Risk Encyclopedia (CRE), a free and open resource, includes a collection of common cloud security risks pulled directly from the Orca Cloud Security Platform. From IAM best practices, to data protection risks, to control plane misconfigurations, the Encyclopedia helps DevOps and security teams stay up to date with the latest and most prevalent cloud risks.

In this webinar, presented by Orca Security, we will explain the motivation behind the CRE, demonstrate how to navigate the various risk categories and compliance frameworks, and show how DevOps teams can leverage the CRE strategically to gain valuable insight into production risks and create or enhance useful checklists. 

In this webinar, learn:
 • How DevOps teams can stay up to date with prevalent cloud risks
 • How production checklists can help avoid common misconfigurations and security loopholes
 • How the CRE can provide answers to common DevOps questions

DevOps Teams: Why the Cloud Risk Encyclopedia Should Be Your New Best Friend

Cloud Security

Threat Detection

DevOps

Cyber Attacks

Vulnerability Management

Cyber Security

Security Breach

Security Risk

Threat Analysis

Cloud

Welcome to the virtualization community on BrightTALK! Whether it affects servers, storage, networks, desktops or other parts of the data center, virtualization provides real benefits by reducing the resources needed for your
infrastructure and creating software-defined data center components. However, it can also complicate your infrastructure. Join this active community to learn best
practices for avoiding virtual machine sprawl and other common virtualization pitfalls as well as how you can make the most of your virtualization environment.

Virtualization

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

DevOps Teams: Why the Cloud Risk Encyclopedia Should Be Your New Best Friend

Presented by

About this talk

More from this channel