Cloud & Data Security Summit

Cloud Security Summit

July 17, 2024 – Register

SecurityWeek’s annual cloud security virtual summit returns with a deliberate focus on exposed attack surfaces and weaknesses in public cloud infrastructure and APIs. Expect high-quality discussions and presentations on a variety of cloud security topics, including a surge in attacks targeting the identity ecosystem.

SecurityWeek editors will curate an agenda exploring the latest trends in the world of SaaS security, case studies of cyberattacks against cloud infrastructure, vendor patch management responsibilities, data security posture management (DSPM), and the hype and promise of AI and LLM technologies.

Register for Virtual Cloud Security Summit

Sponsorship Information

2023 Sponsors

Diamond Sponsor

Bishop Fox

 

Gold Sponsors

Lacework

As enterprises adopt cloud-based services to leverage benefits such as scalability, increased efficiency, and as cost savings, security has remained a top concern. SecurityWeek’s 2024 Cloud & Data Security Summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Attendees will be able to interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

SecurityWeek’s annual cloud security virtual summit returns with a deliberate focus on exposed attack surfaces and weaknesses in public cloud infrastructure. Expect high-quality discussions and presentations on a variety of cloud security topics, including a surge in attacks targeting the identity ecosystem.

Key topics for discussion:

  • Innovations in cloud security and exploring next-generation technologies.
  • Best practices around data security posture management (DSPM) and cloud attack surface reduction.
  • Compliance and regulatory challenges in the cloud.
  • Third-party vendor responsibilities and the cascading supply chain risks.
  • Mitigating risks in multi-cloud and hybrid environments.
  • Ransomware in the cloud: Understanding the threat landscape.

Agenda

July 19, 2023 11:00

Securing the Cloud: Offensive Security Strategies for Risk Mitigation

Jessica Stinson
Bishop Fox, Security Consultant III

According to recent statistics, 81% of organizations experienced a cloud-related security incident over the last 12 months, with almost half (45%) suffering at least four incidents during the same period. These incidents often culminate in data leakage, privacy violations, and unintentional exposure, posing a serious threat to businesses. There’s no shortage of cloud security testing options designed to mitigate these risks; however, many only scratch the surface without accurately assessing how controls stand up against real-world cyber-attacks. Adversaries are experts at finding and exploiting cloud defense blind spots. Beating them to their targets requires preparing against the same sophisticated and precise methods that they use. Join Jessica Stinson, Security Consultant III at Bishop Fox, as she provides a glimpse into your cloud environment through a hacker’s eyes – depicting how they can access restricted portions of your environment, locate sensitive data, and compromise your trophy targets. Importantly, she will also discuss offensive security strategies that go beyond misconfiguration reviews with realistic and targeted cloud attack simulations to identify likely attack pathways and help you prioritize remediation where it matters most.

July 19, 2023 11:25

Five Keys for Creating a Successful Disaster Recovery Plan

Jack Bailey
11:11 Systems, VP, Channel & Sales Enablement

One of the most important keys to security is having an effective disaster recovery (DR) plan. Preventive risk controls are incredibly important, but there is absolutely no world where you can keep catastrophes from ever happening to your organization. Which is why you absolutely, positively must have a DR plan. But if you’ve never created one, where do you start? During our presentation, we’ll walk you through the steps you and your team need to formulate an effective DR plan. Whether you’re a seasoned IT pro or a novice, we’ll share best practices that you can tailor to your needs. We’ll discuss:

  • A step-by-step approach to building your plan
  • The technology available and whether or not it addresses your unique business needs
  • Things you can do to get buy-in from key stakeholders
  • The best ways to build, implement, and test your disaster recovery plan

July 19, 2023 12:00

Security is as Critical as Quality

Galen Emery
Lacework, Senior Manager, Sales Engineering

This session dives into the fundamental link between quality and security, and challenges the perception that security is an addition rather than a key building block. Galen will also explore the impact of migrating to the cloud, how to align security to larger business goals, and how to select the right tools and processes.

July 19, 2023 12:00

The Journey to Security Through Identity

Alexandria Hodgson
Okta, Sr. Solutions Product Marketing Manager

With business needs outpacing security, and an ever-changing macroeconomic environment driving the need to do more with less, it's never been more challenging to keep your organization moving in the right direction - efficient and secure. While there is no one clear path to success, one thing is clear - Identity is the control plane of the modern organization and is a central component to driving valuable business outcomes. Join this session to learn how Identity can support your organizations’ cybersecurity goals, improve operations, and drive topline impact; and leave with a clear structured framework to help you along your Identity maturity journey.

July 19, 2023 12:30

BREAK

Please visit our sponsors in the Exhibit Hall and explore their resources. They're standing by to answer your questions.

July 19, 2023 12:45

Penetrating the Cloud: Uncovering Unknown Vulnerabilities

Seth Art
Bishop Fox, Principal Security Consultant

Nate Robb
Bishop Fox, Operator

As cloud infrastructure grows, so do vulnerabilities and misconfigurations. While many organizations spend a lot of time fixing issues they can easily identify with tools, those tools have limitations and don't operate the way a real-world attacker does. Luckily, an offensive security approach can help surface high-value attack paths so you can proactively identify, understand, and mitigate the most impactful vulnerabilities lurking in your cloud environment. Join offensive security experts Seth Art and Nate Robb as they explore:

  • How hackers gain access to cloud environments (even when they aren’t targeting them)
  • Methodologies for exploiting vulnerabilities through cloud penetration testing with an assumed breach mindset
  • Actual Bishop Fox findings and real-world examples that will help you sharpen your cloud security strategy
  • Recommendations for reducing risk in your cloud environment

July 19, 2023 13:10

Inside the Microsoft 365 Zero-Day Attack and the Cost of Cloud Visibility

Ryan Naraine
SecurityWeek, Editor-at-Large

Steven Adair
Volexity, Founder & President

In June 2023, a U.S. government agency noticed suspicious activity in their Microsoft 365 (M365) cloud environment and reported the activity to Microsoft and the CISA. After an investigation, Microsoft determined that an APT group with roots in China had forged authentication tokens to steal Exchange Online Outlook data from government agencies. In this fireside chat with SecurityWeek editor-at-large Ryan Naraine, Volexity president Steven Adair discusses the intricacies of the M365 zero-day attack, the "head-scratching" dead-end when investigating a confirmed hack against an organization, the controversy over Microsoft licensing and the cost of logs, and the many blind spots that make it difficult to mitigation cloud attacks.

July 19, 2023 13:45

Editorial Fireside Chat: Mick Baccio, Global Security Advisor, Splunk

Ryan Naraine
SecurityWeek, Editor-at-Large

Mick Baccio
Splunk, Global Security Advisor

In this editorial fireside chat, SecurityWeek editor-at-large Ryan Naraine is joined by veteran cybersecurity leader Mick Baccio for an honest conversation about why security problems seem to be escalating with each passing day. Baccio is expected to discuss his time as the first ever CISO for a political campaign, his time as a threat intelligence practitioner in the White House, ongoing zero-day attacks in the cloud and why it's becoming near impossible to do reliable forensics after cloud data breaches.

July 19, 2023 14:15

Cloud Penetration Testing: Cloud Testing Should Go Beyond the Baseline

Fortify your cloud defenses with a complete testing methodology that extends beyond configuration reviews to illuminate high-risk entry points, overprivileged access, and susceptible internal pathways that are commonly targeted by attackers.

July 19, 2023 14:30

Lacework: Data-Driven Security at Scale

See Lacework in action. Discover how you can automate security and compliance across AWS, Azure, Google Cloud, and private clouds with Lacework.

July 19, 2023 14:40

Defend Your Workforce with Phishing Resistant MFA

Large organizations continue to fall for credential-based phishing attacks, which often lead to costly breaches. Traditional multi-factor authentication (MFA) methods are increasingly under attack and are especially prone to phishing. Join us to learn about the journey Okta and its customers are taking to phishing resistant authentication.

July 19, 2023 15:00

Take 30 with a Techie: Disaster Recovery

Go beyond protecting your business. Make it resilient. 11:11 Disaster Recovery for Zerto offers customized runbook functionality, optimized RTOs, near-zero RPOs, and automated recovery. Built on 11:11’s award-winning cloud platform with direct integration into Zerto’s industry-leading replication software, our solution gives you complete control of your disaster recovery plan. So when you need it most, it’ll be ready.

Solutions Theater (On-demand)

[On-Demand] Lacework: Data-Driven Security at Scale

See Lacework in action. Discover how you can automate security and compliance across AWS, Azure, Google Cloud, and private clouds with Lacework.

[On-Demand] Cloud Penetration Testing: Cloud Testing Should Go Beyond the Baseline

Fortify your cloud defenses with a complete testing methodology that extends beyond configuration reviews to illuminate high-risk entry points, overprivileged access, and susceptible internal pathways that are commonly targeted by attackers.

[On-Demand] Defend Your Workforce with Phishing Resistant MFA

Large organizations continue to fall for credential-based phishing attacks, which often lead to costly breaches. Traditional multi-factor authentication (MFA) methods are increasingly under attack and are especially prone to phishing. Join us to learn about the journey Okta and its customers are taking to phishing resistant authentication.

[On-Demand] Take 30 with a Techie: Disaster Recovery

Go beyond protecting your business. Make it resilient. 11:11 Disaster Recovery for Zerto offers customized runbook functionality, optimized RTOs, near-zero RPOs, and automated recovery. Built on 11:11’s award-winning cloud platform with direct integration into Zerto’s industry-leading replication software, our solution gives you complete control of your disaster recovery plan. So when you need it most, it’ll be ready.

SecurityWeek’s Cloud Security Summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments and be compliant with data protection regulations.

Event Details