Navigating the Path to Cloud Security Maturity

Tuesday, January 15, 2019 – 10:00am to 3:00pm at Courtyard Marriott Seattle Downtown/Pioneer Square

#IANSSeattle #IANSEvents

Securing the cloud is fundamentally different, yet there are very few guidebooks or clear methods to ensure adequate protection. Leading-edge organizations are doing amazing things with cloud-native and DevSecOps approaches, but they’ve matured their security operational capabilities the hard way.

The urgency is clear. Cloud is happening in your organization, whether you know it or not. Given the intractable skills gap and the move towards business-driven technology innovation (implemented by Shadow IT), the future is now. And you can either get on the cloud security bus or find yourself under it.

In this fun and enlightening 5-hour symposium, you will learn to build secure and resilient cloud-based applications and infrastructure that blow away what you can do in traditional environments. We will map out a three phased approach for maturing your cloud security operations and leave with very clear objectives and milestones to implement in your cloud. We also will discuss cutting-edge secure cloud design patterns, and understand how to leverage native cloud features, from networking and identity management through application security and serverless architectures.

Points for discussion include:

  • The Securosis/IANS Cloud Security Maturity Model
  • Being cloud native versus a cloud tourist
  • Best practices to set up a secure cloud environment
  • How serverless functions enable continuous cloud security
  • Implementing Guardrails around your Cloud
  • Securing the Continuous Deployment Pipeline
  • Practical Automation (DevSecOps)
  • Market tested design patterns for logging/monitoring
  • Consistent multi-cloud visibility and control

Objective

Participants will leave with a clear understanding of how to mature their cloud security capabilities, implementing best practices and equipped with tactics and patterns to their secure cloud environments. They will also leave with new and renewed peer connections. Our hope is that this symposium’s value brings IANS to mind when participants face infosec opportunities and challenges in the future.

Audience

This symposium is designed with CISOs, security architects and SecOps leaders in mind, but security practitioners and risk managers of all types are welcome.

This event is for IANS clients and invited guests — there is no vendor sponsorship or presence.


*This Symposium is produced by IANS, which reserves the right, in its sole discretion, to limit or deny access to the Symposium to any entity or individual. IANS’ receipt of a registration application does not constitute acceptance. Individuals from Information Security Solution Providers (software, hardware, and consulting companies) are not eligible to attend. Symposiums are open to IANS clients that are Credential Holders and qualified Information Security Practitioners identified by IANS.


Speaker

Mike Rothman

Mike Rothman

IANS Faculty

President and Analyst at Securosis