Global events have accelerated the necessity for organizations to have a cloud-centric IT strategy that enables a flexible workforce, virtualizes operations and minimizes business disruption. Notable security incidents have shown that remaining on-premise infrastructure maintains persistent connectivity to vendor systems to receive system updates. From modernized supply chain risk management, to data governance, to cloud security automation a...

81% of the attacks used stolen credentials. 86% of passwords are terrible. And as the CISO of your organization, you are responsible for keeping your enterprise safe; even while the majority of users and system accounts are working against you. Data is leaving the four walls of your data center and going to the cloud at an alarming rate. What could possibly go wrong?In this talk, we will provide real-world examples and how to apply both tradit...

As more regulated organizations adopt cloud-based services, questions continue to arise around how to properly secure and audit systems that aren’t completely under the ownership of the customer. As such, CSA’s Washington DC Metro Area Chapter (CSA-DC) and ISACA’s Greater Washington DC Chapter (ISACA-GWDC) have joined forces to answer the question that is on most people’s minds: How do I trust the Cloud? Learn directly...

Panelists:Caroline WongCaroline is the CSO at Cobalt.io, a Pentest as a Service (PtaaS) platform that simplifies security and compliance needs of DevOps-driven teams with workflow integrations and high-quality talent on-demand.Caroline is a strategic leader with strong communications skills, cybersecurity knowledge, and deep experience delivering global programs. My practical information security knowledge stems from broad experience as a Cigi...

Cloud breaches are on the rise, and none of these breaches are small. Understanding the TTPs is key to determining where to look among the plethora of services available through Cloud Service Providers such as AWS and Azure. In this session we'll enumerate sources of forensic evidentiary data among the vastness of AWS Cloudtrail, GuardDuty, Microsoft Graph, and more. A very clearly defined methodology will be provided as a baseline for combing...

Organizations today are operating in a “risk-volatile” business landscape. Technology adoption is accelerating and so is reliance on third parties. COVID-19 disrupted operating models of organizations like no other; the shift to mass remote work exacerbated security, data privacy and compliance risks. Risk failures can be quite expensive, ranging from compliance penalties to operational disruption to the loss of key stakeholder sup...

Join the CSA South Florida Chapter as we explore the Certificate of Cloud Security Knowledge (CCSK). The Certificate of Cloud Security Knowledge (CCSK) enables everyone the ability to utilize cloud services more securely and speak with confidence about cloud security concerns. The CCSK gives a broad overview of cloud security and affords critical insights into issues such as data security, key management and identity and access management.This...

Digital transformation and cloud adoption are no longer optional in today’s business environment and widely seen as a necessity, however... About this Event ...However the journey can feel overwhelming especially when it’s understood that securing workloads in the cloud is critical. Join Jeremy Castleman, Cloud Security Specialist, Office of the CTO at Check Point Software Technologies, as he walks you through how you can journey...

AI can enable organizations to improve, innovate, and accelerate their business. AI/ML and data science solutions are being implemented across all industries, including Government. From supply chain to customer experience, there is enormous potential for digital innovation gained from adopting AI/ML in your technology stack.However, integrating effective AI capability in the past was challenging. The footprint of these solutions is often hybri...

Modern security tools are easy to buy; it’s people’s mindsets and culture that are hard to change. Shutterstock’s AppSec team knew this when implementing a DevSecOps strategy throughout their organization. Its global digital media platform is built heavily on cloud native applications; including containers, microservices, and Kubernetes. Securing it all, at scale, has been no small task. A big focus area of this transition ha...