CISOs find it almost humorous when their corporate execs ask “Doesn’t all the security get taken care of by the cloud provider?” Sadly we know this is not the case and that the cloud brings with it a level of BYOS- bring your own security. In this series we discuss the security impacts of moving to the cloud so that we can clearly delineate between what security controls are there and what we have to provide.

As more of our business moves to the cloud and other third parties, we still must maintain the appropriate security controls. While cloud providers do offer security controls, it is incumbent upon us to implement them correctly. That is becoming increasingly difficult as we spread our applications and data over multiple cloud providers. In this series we will discuss how to enable Digital Transformation which includes our move into a multi-cloud environment and our ability to cover all the application development occurring in our organizations.

  • Ensuring security is part of the Digital Transformation revolution driving the move to cloud and DevOps
  • Injecting security into the DevOps cycle
  • Securing cloud migrations and deployments
  • Controls provided by the cloud vendors – what is the line and where does Bring Your Own Security kick in (BYOS)
  • Monitoring of cloud configuration and security
  • Application security and security as code
  • Giving security tools to the developers
  • The role of configuration management in DevOps and cloud management
  • Bridging the gap between Dev, Ops, and Security (security champions on development teams)
  • Container security
  • CASB and cloud DLP
  • Using IAM as a critical control point for the move to the cloud

Sponsored by CyberArk, Okta, IBM