SIGS Special Event
Cloud Security Threats
Join us on April 20th, 2023 and earn 4.25 CPEs
(registration will be closed April 19th, 2023)
Official Event Sponsor
Meet with and be inspired by like-minded peers who face a similar set of challenges. Share strategies for mitigating the most current information security threats. A friendly, relaxed and professional atmosphere will ensure that you leave this event with a new wealth of trust-based contacts and tangible takeaways.
The unique strength of this event is that members can feel free to share concerns, successes, and feedback in a one-to-one environment.
This is a ‘must attend’ event for all security operation professionals! We are confident that the relationships you develop here will prove to be crucial to your continuing success. So do not wait and register!
Looking forward to see you there,
your SIGS team
As always: sales peoples (incl. CEO's and Founders), vendors, consulting companies like the big4 and all peoples who just like to sell their products or services are not allowed to take part at SIGS events.
The unique strength of this event is that members can feel free to share concerns, successes, and feedback in a one-to-one environment.
This is a ‘must attend’ event for all security operation professionals! We are confident that the relationships you develop here will prove to be crucial to your continuing success. So do not wait and register!
Looking forward to see you there,
your SIGS team
As always: sales peoples (incl. CEO's and Founders), vendors, consulting companies like the big4 and all peoples who just like to sell their products or services are not allowed to take part at SIGS events.
Location
Hilton Zürich Airport
Hohenbühlstrasse 10
8152 Opfikon-Glattbrugg
Hohenbühlstrasse 10
8152 Opfikon-Glattbrugg
DATE & TIME
April 20th, 2023, 1:30 pm - open end incl. dinner
Airport Transfer & Parking
There's a shuttle bus from the airport available.
Parking lots at the hotel are available for free.
Parking lots at the hotel are available for free.
Schedule
1:30 pm
Registration
2:00 PM
Welcome & short introduction from the background organization
2:o0 PM
Sponsor 1: xxx
Deep Dive into Cloud Security Threats from the Research Perspective
Details will follow
Deep Dive into Cloud Security Threats from the Research Perspective
Details will follow
2:30 PM
Sponsor 2: Raj Samani, SVP, Chief Scientist at Rapid7
The Cloud Native Adversary
Understand how cloud native skills are enabling threat actors the ability to exploit and compromise organizations.
The Cloud Native Adversary
Understand how cloud native skills are enabling threat actors the ability to exploit and compromise organizations.
3:00 PM
Sponsor 3: Omer Shliva, Team Leader Cloud Research at Check Point
The Top Four Cloud Attack Trends in 2022: An Overview of the most important Attack Vectors
As organizations continue to rely on cloud infrastructure for their daily operations, it's becoming increasingly important to understand the current security landscape and anticipate potential attacks. In this presentation, we will explore four main trends seen in 2022 in cloud security: cloud vulnerabilities, cloud misconfigurations, cloud IAM, and cloud network access management. Using various examples, we will illustrate how these factors can result in critical security incidents.
The Top Four Cloud Attack Trends in 2022: An Overview of the most important Attack Vectors
As organizations continue to rely on cloud infrastructure for their daily operations, it's becoming increasingly important to understand the current security landscape and anticipate potential attacks. In this presentation, we will explore four main trends seen in 2022 in cloud security: cloud vulnerabilities, cloud misconfigurations, cloud IAM, and cloud network access management. Using various examples, we will illustrate how these factors can result in critical security incidents.
3:30 PM
Break
4:10 PM
Roundtable 1: Olivier Martinet, Group CISO at TX Group SA
What are the key components to ensure cloud security?
Cloud Security is definitely an interesting topic that needs quite a lot of planning and a different mindset. Let's discuss about what are the key components by asking us some of those questions:
- Can I use my standard security tools in the Cloud?
- Am I more at risk?
- Do I trust Amazon, Google, Microsoft... ?
- Do I need to plan my security in the Cloud? Who can help?
- What about Identities in the Cloud?
- How / What do I migrate?
I expect participants in this roundtable to share infos and get some useful tips and knowledge among them.
Roundtable 2: Jeff Schiemann, CISO at SEBA Bank AG
Is Cloud a destination or a never ending journey
-Homogeneous or Heterogeneous cloud? What drives cloud strategy to implementation.
-Supporting Cloud migration and innovation (SRE teams, Dev Sec Ops) what does it mean for Head of IT Security and CISOs?
-What benefits are there to Application and Data telemetry collection in the SOC?
-What are challenges migrating legacy solutions (example on prep SIEM / Syslog servers) into cloud
-What are some of the “truths and lies” in Cloud that we should all be aware of
Roundtable 3: Dusko Karaklajic, Security and Compliance Architect at Amazon Web Services
Security Governance, Risk and Compliance in the Cloud
- How to select security controls to meet compliance requirements and manage risks in the Cloud?
- What can be re-used from the existing on-premise security organization?
- How to design and document effective cloud-native controls?
- How much automation for control enforcement and monitoring is enough?
- How to measure control effectiveness in the Cloud?
Roundtable 4: Djamel Djedid, Head of System Management at DHL Express
Multi-Cloud Microsoft Azure + Oracle OCI + DHL Private Cloud: a big gift or a big risk?
- Topology of DHL Express Enterprise level migration (Transformation!) journey
- Accelerators, opportunities and migration strategies
- Security checks and Security cheques...
- Let's not forget about the business, our users and the vision
Roundtable 5: Dejan Trivalic, Head Cloud & Data Security at Bank Vontobel AG
How to protect Azure from Data Leakage?
First I will share our struggles and thoughts we have made to this topic. After let's discuss together the following points:
- How to technically and organizationally deal with the constant and fast changes of Azure components (as well as security tools)
- Is multicloud a hot topic and how the security topics therein are scalable?
I hope the participants in this roundtable will share their learnings and we can profit from the experience of each other.
What are the key components to ensure cloud security?
Cloud Security is definitely an interesting topic that needs quite a lot of planning and a different mindset. Let's discuss about what are the key components by asking us some of those questions:
- Can I use my standard security tools in the Cloud?
- Am I more at risk?
- Do I trust Amazon, Google, Microsoft... ?
- Do I need to plan my security in the Cloud? Who can help?
- What about Identities in the Cloud?
- How / What do I migrate?
I expect participants in this roundtable to share infos and get some useful tips and knowledge among them.
Roundtable 2: Jeff Schiemann, CISO at SEBA Bank AG
Is Cloud a destination or a never ending journey
-Homogeneous or Heterogeneous cloud? What drives cloud strategy to implementation.
-Supporting Cloud migration and innovation (SRE teams, Dev Sec Ops) what does it mean for Head of IT Security and CISOs?
-What benefits are there to Application and Data telemetry collection in the SOC?
-What are challenges migrating legacy solutions (example on prep SIEM / Syslog servers) into cloud
-What are some of the “truths and lies” in Cloud that we should all be aware of
Roundtable 3: Dusko Karaklajic, Security and Compliance Architect at Amazon Web Services
Security Governance, Risk and Compliance in the Cloud
- How to select security controls to meet compliance requirements and manage risks in the Cloud?
- What can be re-used from the existing on-premise security organization?
- How to design and document effective cloud-native controls?
- How much automation for control enforcement and monitoring is enough?
- How to measure control effectiveness in the Cloud?
Roundtable 4: Djamel Djedid, Head of System Management at DHL Express
Multi-Cloud Microsoft Azure + Oracle OCI + DHL Private Cloud: a big gift or a big risk?
- Topology of DHL Express Enterprise level migration (Transformation!) journey
- Accelerators, opportunities and migration strategies
- Security checks and Security cheques...
- Let's not forget about the business, our users and the vision
Roundtable 5: Dejan Trivalic, Head Cloud & Data Security at Bank Vontobel AG
How to protect Azure from Data Leakage?
First I will share our struggles and thoughts we have made to this topic. After let's discuss together the following points:
- How to technically and organizationally deal with the constant and fast changes of Azure components (as well as security tools)
- Is multicloud a hot topic and how the security topics therein are scalable?
I hope the participants in this roundtable will share their learnings and we can profit from the experience of each other.
5:00 PM
Change the table for the second round of discussions
6:00 PM
Apéro riche incl. networking and know how sharing till open end
Contributors & Speakers
Below you will find our contributors and speakers to whom we say a big thank you !
Djamel Djedid
Head of System Management at DHL Express
Further information at Djamel Djedid | LinkedIn
Dusko Karaklajic
Security and Compliance Architect at Amazon Web Services
Further information at Dusko Karaklajic | LinkedIn
Dejan Trivalic
Head Cloud & Data Security at Vontobel
Further information at Dejan Trivalic | LinkedIn
Contact Us
If you have any questions or you like to get information about further events, please do not hesitate to contact us!