• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

Information Systems Security Association

Los Angeles Chapter, cybersecurity, InfoSec, CISO, Privacy

  • Home
  • About ISSA-LA
    • Our Mission
    • ISSA LA Bylaws
    • Board Members
    • Advisory Board Members
    • Contact Us
  • Events
    • Upcoming Events
    • Event Archive
    • Speaker Guide
  • Security Tracks
    • Management
    • Privacy
    • Proactive
    • Reactive
    • Technical
  • Summit XII
    • Summit XI 2019
    • Summit X 2018
  • Membership
  • Become a Sponsor
    • 2019 Monthly Meeting Sponsors
    • 2019 Summit XI Sponsors
  • Good InfoSec Resources
    • Keeping Kids and Families Safe Online

July – Gary Asplund

September 2, 2019 By Technology Director

Topic: My CEO Told Me We Have To Move Our Datacenter to the Public Cloud…So, What’s the Big Deal?

Abstract:

Consider the following:

– You don’t own any of it but, it is your responsibility to control and secure everything in it

– You don’t own any of it, but you critically depend on what’s in it

– You don’t maintain any of it, but you trust all of it is properly maintained at all times 

– You can’t touch any of it, but it’s up to you to completely orchestrate, control and secure what’s in it

– You can’t physically walk in anywhere but you (and anyone else on the planet with the right access) can virtually access from everywhere 

At first blush, a seasoned and experienced network / security director may not fully appreciate the significant differences and challenges his/her staff will experience in trying to fulfill their job duties when their datacenter is in the public cloud. The old strategy of ‘lift and shift’ – creating VM’s of all of your current/existing hardware and ‘shifting’ it to the cloud – will fail. Further evidence of the urgent need for purpose-built tools to secure public cloud infrastructures can be seen in the multiple and repeated data leaks and misconfiguration compromises we have seen in the last year – According to Gartner, “Through 2022, at least 95% of cloud security failures will be the customer’s fault.” 

And in a world which is rapidly becoming completely ‘software defined’ new skills and tools are required. 

In this session, we will discuss why today’s IT organizations require mature and complete native tools – built in the cloud for the cloud – which provide: 

– Complete visibility
– Configuration management – Identity protection
– Secure DevOps
– Compliance Automation
– Governance Enforcement
– Environment Lockdown 

We will discuss the subtle yet profound differences in operating your datacenter in the public cloud vs operating your own datacenter. We will discuss the ’Shared Responsibility Model’ and what it really means to you and your IT department as you expand the number of workloads you move to the public cloud. And, as your sophistication increases, and you expand your use of PaaS and IaaS, the complexities follow in tandem. We will show how today’s IT organizations require new, purpose-built tools designed and capable of ’speaking the same language’ as the public cloud infrastructures and built to leverage the extensive API’s they provide.

Filed Under: Management, Monthly Meeting Speakers, Proactive, Technical

Primary Sidebar

Join Our Mailing List and Meetup

Email Subscription

Follow ISSA LA

  • LinkedIn
  • Twitter
  • YouTube

Listen to ISSA-LA President Richard Greenberg Being Interviewed by Ron Burgundy (Will Ferrell)

Grant funds are now available: Get exclusive access to Information Security Leaders: ask questions and obtain guidance; get policies, procedures and governance

We are Proud to Present our Educational Sponsors

ISSA Education Foundation

ISSA Los AngelesFollow

ISSA Los Angeles
issalaISSA Los Angeles@issala·
15 Apr

Join us this coming April 21 @ 5:30 pm - 6:45 pm PDT, to hear our Board President, Richard Greenberg, speak about administrative, technical and physical security controls so that you are better prepared to defend against security breaches! RSVP Here: https://issala.org/event/issa-la-april-2021-virtual-chapter-meeting/

Reply on Twitter 1382743812238364672Retweet on Twitter 13827438122383646723Like on Twitter 13827438122383646725Twitter 1382743812238364672
issalaISSA Los Angeles@issala·
15 Apr

Tick, tick, tick: Federal agencies have until Friday to patch new problems in Microsoft Exchange software and to let the Cybersecurity and Infrastructure Agency know they have done so, by noon. https://www.nextgov.com/cybersecurity/2021/04/agencies-have-till-midnight-april-15-apply-new-microsoft-exchange-patches/173334/

Reply on Twitter 1382736179683074050Retweet on Twitter 1382736179683074050Like on Twitter 13827361796830740501Twitter 1382736179683074050
issalaISSA Los Angeles@issala·
7 Apr

SAP customers urged to patch. Hackers are targeting certain versions of enterprise software from SAP SE that haven't been updated with recent security patches. https://us-cert.cisa.gov/ncas/current-activity/2021/04/06/malicious-cyber-activity-targeting-critical-sap-applications?mod=djemCybersecruityPro&tpl=cy

Reply on Twitter 1379927252373241856Retweet on Twitter 1379927252373241856Like on Twitter 13799272523732418561Twitter 1379927252373241856
issalaISSA Los Angeles@issala·
7 Apr

U.S. officials indicted a Kansas man last week for allegedly tampering with cleaning and disinfecting procedures at the state's Ellsworth County Rural Water District. https://www.justice.gov/usao-ks/pr/indictment-kansas-man-indicted-tampering-public-water-system?mod=djemCybersecruityPro&tpl=cy

Reply on Twitter 1379584811929600004Retweet on Twitter 1379584811929600004Like on Twitter 13795848119296000041Twitter 1379584811929600004
issalaISSA Los Angeles@issala·
7 Apr

0
Number of enforcement actions by California's attorney general of the California Consumer Privacy Act since the data-protection law went into effect in January 2020, according to law firm Akin Gump. https://sites-akingump.vuturevx.com/16/3798/uploads/akin-gump-2020-ccpa-litigation-report.pdf?mod=djemCybersecruityPro&tpl=cy

Reply on Twitter 1379584754031468544Retweet on Twitter 1379584754031468544Like on Twitter 13795847540314685441Twitter 1379584754031468544
issalaISSA Los Angeles@issala·
6 Apr

Law firm breached: Columbus-Ohio-based Bricker & Eckler LLP plans to begin notifying 430,185 individuals on Tuesday that their sensitive data was exposed in a January ransomware attack. https://apps.web.maine.gov/online/aeviewer/ME/40/560dd692-be44-4afe-bb57-9dd1f7597155.shtml?mod=djemCybersecruityPro&tpl=cy

Reply on Twitter 1379520938476195848Retweet on Twitter 13795209384761958481Like on Twitter 13795209384761958481Twitter 1379520938476195848
Load More...

Website Sponsors

Harassment Free Environment

ISSA-LA is dedicated to providing a harassment-free experience for everyone, regardless of gender, gender identity and expression, sexual orientation, disability, physical appearance, body size, race, age, religion, or political affiliation. We have a zero tolerance policy for harassment in any form. Violations by any registered attendee or participant at any ISSA-LA events may result in expulsion and possible ban from future ISSA-LA events.


© Copyright 2019 ISSA LA · All Rights Reserved · Privacy Policy · Terms of Use