How Has the Threat Landscape Changed as We Transition to Cloud Environments?

Identity is a core tenant of trust we leverage in our environments and this concept extends to cloud environments as well. With a public cloud platform, the cloud service provider (CSP) whether Microsoft, Amazon, Google, or another organization is responsible for the physical security of the infrastructure and for keeping customers data separated. At the same time, the companies using those cloud services are responsible for the security of their data and applications, operating systems, and identity and access management. The cloud platform might come with security solutions, but the customer organization is responsible for configuring those solutions and ensuring that they are working effectively. In this session, we will review the types of threats and attacks we are facing in deployments we manage today and how attacker tactics are changing as they target cloud infrastructure. We will review some example threats to highlight the considerations and questions organizations should be asking themself. We will then teach you how to leverage the Security Stack mapping research to help you identify and implement native security controls in the cloud in order to effectively manage the modern threats we face today.