Cloud Security Summit

Cloud Security Summit - Virtual Event

July 21, 2021 | Immersive Virtual Event

All Sessions Now On Demand

As enterprises adopt cloud-based services to leverage benefits such as scalability, increased efficiency, and as cost savings, security has remained a top concern. SecurityWeek’s Cloud Security Summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Attendees, will be able to interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

2021 Diamond Sponsor

Ermetic

Platinum Sponsor

Lacework - Cloud Security

Gold Sponsors

Orca Security

Blumira

 
  • July 21, 2021 11:00 AM ET
    Fireside Chat - Investments and Innovation in Cybersecurity

    In this fireside chat, SecurityWeek editor-at-large Ryan Naraine chats with Forgepoint Capital managing director William Lin about investments and innovation in the cybersecurity ecosystem. Lin will discuss the trends worth watching, the state of play with venture capital investments, and his own tips for finding successful entrepreneurs.

  • July 21, 2021 11:30 AM ET
    Where We’re Going, We Don’t Need Rules: Anomaly-Based Threat Detection

    Most security tools battle cyber threats using the tried-and-true method of rules-based detection. But this industry standard has its limitations. What if, instead of endlessly writing (and maintaining) rules to identify bad actors and irregularities, we could base security on the normal, healthy operations of an environment? This session will explore how a new approach to anomaly-based threat detection is driving fundamentally better security outcomes while streamlining investigations.

  • July 21, 2021 12:00 PM ET
    Break - Visit Expo Hall and Networking Lounge

    Please visit our sponsor booths and explore the virtual conference center to compete for great prizes!

  • July 21, 2021 12:15 PM ET
    If You Can’t Visualize it, You Can’t Fix it: Who Can Access Your Cloud Data?

    An astonishing 98% of 200 organizations recently reported a cloud data breach in the past 18 months... and 63% had their sensitive data exposed in the cloud [IDC 2021]. What’s the cause -- and who needs to fix it?

    Sorry folks, but Gartner puts responsibility for cloud infrastructure security squarely at your feet, citing mismanaged identities, access and privileges as the root cause of failure.

    The most effective way to reduce such risk is through an identity-first approach. We will cover:
    • Shared responsibility and CSP native security tools
    • Managing asset inventory with deep context
    • Managing cloud security posture
    • Automating risk mitigation and least privilege
    • Anomaly detection across multi-cloud and more

  • July 21, 2021 1:00 PM ET
    Crafting Comprehensive Cloud Compliance

    Whether you are formally regulated or are simply looking to demonstrate your commitment to security and governance with best practice guidance, infrastructure and platform as a service offerings provide unique governance challenges. These platforms offer a wide array of services each with their own security controls that must be continuously tested against a trusted standard. At the same time public cloud platforms also host more traditional services like virtual machines, containers, and storage buckets. Here risks like old unpatched software (and hence vulnerabilities), sloppy credentials embedded in a test script, misplaced PII, or keys that facilitate lateral movement are hiding within your workloads.

    Join this session as we discuss how to build fully-functional compliance guardrails at both the deep workload and broad cloud services levels with a single, simple approach.

  • July 21, 2021 1:30 PM ET
    Tips for Simplified Cloud Security Monitoring

    Cloud means more services to monitor, a wider attack surface, and more tools, leading to blindspots. In fact, lack of visibility in a cloud environment is what contributed to the infamous Capital One AWS breach in 2019.

    You’ll learn practical tips you can apply to your cloud security strategy to combat rising threats, including:

    • What log sources are most important to monitor to identify indicators of attacker techniques early and respond quickly to contain a breach
    • Why misconfigurations occur, how they can lead to data breaches, and what you should do to detect them
    • How cloud monitoring differs from monitoring on-premises environments like Microsoft Active Directory

  • July 21, 2021 2:00 PM ET
    Break - Visit Expo Hall and Networking Lounge

    Please visit our sponsor booths and explore the virtual conference center to compete for great prizes!

  • July 21, 2021 2:15 PM ET
    Security For The Cloud Generation

    We invite you to join Lacework's Field CTO Chris Pedigo as he discusses security in the cloud and how Lacework solves some of the cybersecurity challenges facing companies today.

  • July 21, 2021 2:45 PM ET
    Minding the Multi-cloud: An Identity-First Approach to Securing AWS and Azure

    Everyone is moving to the cloud, faster than planned. Most organizations have their sights on adopting a multi and/or hybrid cloud strategy this year. Yet, 75% of cloud security breaches are expected to result from inadequate management of identities, access, and privileges by 2023, according to Gartner.

    So how do you protect your growing multi cloud infrastructure? AWS alone currently offers some 258 services and involves 9,286 total permissions. Remote work is adding to identities and permissions explosion -- increasing access risk. Securing and governing access is further compounded by the fact that each public cloud has its own way of managing permissions and privileges.

    Join Ermetic’s Or Priel, VP Product Management, for a better understanding of managing identities, permissions and privileges in AWS and Azure.

    We will explore:
    • AWS IAM roles and policies and Azure RBAC
    • Strategies for enforcing least privilege with confidence
    • Governing access and protecting sensitive resources
    • Mitigating multi cloud risk using automation and analytics

  • July 21, 2021 3:15 PM
    [Panel] When Cloud Deployments Expand Attack Surfaces

    While the modern security program is framed through the lens of the NIST (National Institute of Standards and Technology) framework -- Identify, Protect, Detect, Respond and Recover -- the dramatic migration to the cloud has greatly expanded attack surfaces and introduced a new set of priorities for enterprise CISOs.

    In this session, a distinguished panel of enterprise defenders will look closely at how digital transformation (work-from home during the pandemic) introduced new risks and forced significant changes to budgets and resources to manage multi-cloud deployments at scale.

    The panel will examine a broad range of topics, including cloud asset discovery and management, identity management and multi-factor authentication, the ‘shift-left’ world of DevSecOps, expanding zero-trust concepts for cloud data, and managing things like alert and dashboard fatigue.

    Attendees can expect an engaging conversation with actionable guidance for modernizing the enterprise security program.

  • July 21, 2021 4:00 PM ET
    Networking and Expo

Diamond Sponsor

Ermetic offers a new cloud security solution that gives enterprises deep visibility and control over access to critical data and infrastructure, along with policy enforcement, asset management, risk analysis and automated remediation — in single or multi cloud environments. (www.ermetic.com)

Platinum Sponsor

Lacework’s unified cloud security platform provides unprecedented visibility, automates intrusion detection, delivers one-click investigation, and simplifies cloud compliance across AWS, Azure, and GCP, providing a comprehensive view of risks across cloud workloads and containers. (www.lacework.com)

<

Gold Sponsors

Orca Security provides instant-on security and compliance for AWS, Azure, and GCP – without the gaps in coverage, alert fatigue, and operational costs of agents or sidecars. With Orca Security, no code runs within your cloud environment. Orca SideScanning™ reads your cloud configuration and workloads’ runtime block storage out-of-band, detecting vulnerabilities, malware, misconfigurations, lateral movement risk, weak and leaked passwords, and unsecured PII. There are no overlooked assets, no DevOps headaches, and no performance hits on live environments. (www.orca.security)

Blumira provides comprehensive, hybrid cloud security monitoring and reporting for organizations of all sizes, enabling them to detect and respond to cloud security threats quickly and effectively. Our platform integrates broadly to provide cloud infrastructure, identity and access management, cloud collaboration and endpoint security monitoring and response. (www.blumira.com)

Event Details
Sponsors