I attended the fantastic CloudSec2018 event in Toronto today, held at the St. James Cathedral Center.
The focus of the event centered around the following:
- Machine learning and AI in cybersecurity – implementations or strategies incorporated in cybersecurity solutions or technologies
- IoT/IIoT research – research on smart cities, vulnerabilities in infrastructure, and ICS/SCADA threats
- Blockchains, cryptocurrencies, cryptominers – how these three are related, and how they impact cybersecurity
- Vertical-specific threats – threats or vulnerabilities that concern the healthcare and banking industries
- Fake news and cyberpropaganda – the fake news underground economy, and how cyberpropaganda goes beyond fake news and can impact organizations
All in all, an interesting day with superb speakers and panelists, hosted by Trend Micro. Name dropping:
- Jim Love – CIO @ ITWC
- Doug Cahill – Senior Analyst ESG
- Mark Nunnikhoven – VEEP Cloud Research, Trend Micro
- Gladstone Grant – Director Solution Sales, Microsoft
- Adam Osherhold – Cloud Specialist SE, VMware
- Matt Hoerig – President, Cloud Security Panel
- James Peek – Security Expert and Consultant, Sourced Group
- Brett Gillett – Founder, Curious Orbit Cloud Consulting Enterprise Intelligence
- Dawood Khan – Co-founder, Capital Blockchain
- A slew of others were on the docket as well
Word cloud for the day:
- Innovation moves at the speed of security
- Attack vectors
- Hybrid Cloud – Burst into the cloud during peak periods.
- Shared responsibility model
- Division of labour to secure stack
- Customer is responsible for workload, data security, and identity access management.
- Traps – Desire to run all through regular controls
- Notion that cloud security is immutable.
- Cloud is cutover as opposed to patch production.
- Virtual patching to monitor for exploits. Looking for behaviour that has potential for an exploit.
- DevOps traps – Security checks need to happen. Continuous integration with security can be done better.
- Run time controls in Production.
- Static vs Dynamic Analysis – static to review code for vulnerabilities.
- DevSecOps – umbrella term for security integration into modern deployment in an autonomous fashion.
- Use the correct security structure at every stage.
- Trust but Verify
- Micro segmentation to minimize blast radius if compromised.
- Shared Responsibility Panel
- Divide general responsibility into areas of the cloud
- Sequence of events to go from enterprise deployment to cloud. Milestones to get there.
- Understand what the cloud readiness posture/state is for your solution.
- Metered usage model – cloud.
- How does the contract look? Flexibility is required.
- Look at security, audits, control sets, SLA.
- Delineation between responsibility of consumer and provider.
- Issue – trying to drag all processes to the cloud.
- Look at improving security, instance level security to the cloud.
- Mutual trust with cloud provider. Certify that provider is compliant.
- Cloud Pillars:
- Privacy, Transparency, Compliance, Security
- Hybrid model approach: apps and workloads that can be outsourced to the cloud. Integration of systems – read only between sockets
- Incorporate security in the build process
- Horizontal compliance vs Vertical compliance
- Dynamic/Transient Compute – instances may live for 4 minutes. How to secure an architecture like this?
- Re-evaluate toolset
- Routing in public clouds is something to think about, and it underscores the importance of API security
- Patch Management & Federated Identities
- Define IAM policies – principle of least privilege
- MFA for humans!
What a fantastic day!! I encourage all of you to make it out to events such as this to listen, learn and network.
More information here: https://www.itworldcanada.com/client/cloud-sec-2018.html