Lessons From the Cloud: The Evolution of Cloud Environments

Cyber Criminals are increasingly exploiting the Internet services to build agile and resilient infrastructures, and consequently to protect themselves from being exposed and taken over. This session will explain how the correlation of Internet data on multiple levels (DNS, BGP, ASN, Prefixes/IPs) can be used to build and deliver a new model of security that is pervasive and predictive, and that allows us to expose the attackers’ infrastructure. Learn how detection models that can be built and applied (such as co-occurrences, NLPRank, and Spike Detectors), and how the different detectors can be integrated to expose malicious infrastructures and advanced persistent threats. Chris Parker-James, Consulting Systems Engineer, CISCO

This session will be conducted by (ISC)2’s very own Director for Cybersecurity Advocacy. It will cover important new initiatives at (ISC)2 to expand our association’s role in the cybersecurity profession, and provide critical new guidance and support for our membership. In addition to these exciting new programs, the session will also provide a detailed overview of risk management principles outlining why the Lexicon Project is so important. You will learn the underpinnings of our profession, and how elements such as risk, vulnerabilities, ad threat are mathematically related. Join us to get an in-depth look at how your association with (ISC)2 will be paying you even bigger dividends soon, John McCumber, Director of Cybersecurity Advocacy, (ISC)²

In an age of borderless networks, security for the cloud and security for the corporate network can no longer be separated. Security teams are now presented with the challenge of monitoring and controlling access to these cloud environments, as they represent yet another frontier for cyber-attacks. Complete visibility has never been more important—or more difficult. Powered by AI, Darktrace’s Enterprise Immune System technology is the only solution to offer real-time visibility and insight into all parts of a network, regardless of its configuration. By learning a ‘pattern of life’ for all networks, devices, and users, Darktrace can detect threats as they arise and autonomously respond in real time – all without impacting server performance. Dave Masson, Country Manager, Canada, Darktrace

However, as the technology has evolved and organizations have realized the importance of being agile and innovative, it has quickly become the enterprise ‘norm’. Despite this, cloud computing still suffers from confusion. IT leaders are often misinformed or misguided that moving to cloud alone solves challenges around security, performance and agility. Platforms fail, security breaches happen, resilience must be built in both the application and infrastructure design to handle these inevitabilities, regardless of the platform. Learn lessons from some unfortunate failings suffered by other organizations and discover how to leverage the best cloud has to offer by using universal design principles and concepts, without the risk of being ‘cloudwashed’. Bobby Singh – CISO & Head of Infrastructure

Traditional AV vendors see virtualization and cloud architectures as impediments to effective security. At Bitdefender, virtualization has opened the door to a new, more secure world. Today, we leverage virtualization to stop future exploit-based attacks. Tomorrow, we’ll be making virtual servers and workstations even more secure than what is possible today without heavy administrative overhead or poor user performance. Mike Gable, Bitdefender

This discussion will focus on how modern information security has evolved and the new approaches we will need to move into the 21st century. Perimeter security is dead. We need a new paradigm in security with a new diverse workforce that understands application security, the new frontier. Adrien de Beaupre

According to Forrester, a majority of companies (86%) describe their cloud strategy as multicloud. While there may be many good reasons for utilizing multiple cloud platforms, there are also many associated technical and operational challenges, including those in security. We’ll discuss these challenges, and what organizations can do to minimize the impact, and manage security across a hybrid, multi-vendor environment. Mike Cook, Security GRC Specialist (ISC)², Inc.

Most organizations today focus on new and innovative ways in support of client retention and growth strategies. A primary target area is through leveraging emerging technology. This objectives in this session is as follows: 1) It will provide an overview of the digital ecosystem to include the threat landscape and emerging risks facing this technology. 2) It will provide participants with the top ten security risks impacting current organizations. 3) It will strengthen foundational knowledge on this topic, provide focal areas when implementing security controls with a lens on current regulations and industry best practices. Tara Kissoon, CEO, Director, IT Risk & Security Advisory Services