Cloudy with a Chance of Breaches: Where Company Crown Jewels May Be Hiding and At Risk

Wednesday, October 16, 2024

10:30am – 11:30am PT

Location: Milano V - VI

CPE Credits 1

Speaker(s)

Anton Abaya

Professional Services Manager
Converge Technology Solutions, United States
Chris Bullock, Master of Science - Cybercrime

Senior Consutant - Virtual CISO
Converge Technology Solutions, United States

Cloud adoption and migration is moving at light speed, faster than traditional IT/Infosec/Compliance teams can support. With that comes risk, and "shadow systems/privileges/cardholder data environments" being spawned and insecurely exposed. As organizations rapidly expand their cloud presence, be it public, hybrid, or multi-cloud, this session will provide real-world examples showcasing some of the common pitfalls, twists and turns, and surprising issues identified by our Cloud Security Assessments that could have led to a data breach both in Azure and AWS. The presentation will also detail how to successfully perform holistic Cloud Security Assessments, involving combination of GRC, penetration testing, and auditor/assessor techniques.

This session is ideal for CyberSecurity Management and Practitioners, IT/Infosec Auditors, Qualified Security Assessors, DevSecOps, and Cloud Architects / Cloud Security professionals.

Learning Objectives:

At the end of this sessions participants will walk away with the most common pitfalls and challenges faced by all organizations in their cloud environments.
At the end of this sessions participants will walk away with strategic and tactical actions that they can perform today, including how report to the Board of Directors, the exponentially growing threat of unmitigated and insecure cloud deployments.
At the end of this sessions participants will walk away with technology solutions (vendor agnostic), as well as people/process/organizational changes, to mitigate and better manage risk associated with highly complex cloud deployments.