Name: From Shadow AI to Secure GenAI: Building Guardrails for Safe Adoption
Start: 2024-08-29T18:00:00Z
End: 2024-08-29T18:00:56.000Z
Location: BrightTALK
Rating: 4.9

CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. Learn more at cloudsecurityalliance.org.  Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa

The phrase “it's not if, it's when”, has been around for decades. However, businesses still aren’t prepared to recover or resist and therefore be resilient to major incidents. In today’s digital landscape, SaaS data is the lifeblood of every organization, and for compliance leaders, safeguarding this critical asset goes beyond traditional cyber security measures—it's about ensuring continuous data protection, compliance, and resilience against growing threats.

Join us this Cyber Security Awareness Month for an exclusive webinar focused on data in SaaS applications like Salesforce, ServiceNow, and Microsoft Dynamics.  We’ll explore ways to preserve the integrity of historical data and changes needed to build trust in your digital future.

The webinar will cover:
• What causes this lack of preparedness and how do we combat it? 
• How can we more accurately estimate the impact and prepare to ensure core operations will continue?
• Proven strategies for fast identification and recovery from unauthorized access and breaches in SaaS applications.

This session will equip you with the tools to build a resilient foundation for swift recovery from cyber attacks. Don't miss the chance to review your data security strategies and ensure your organization is prepared.

Cyber Attacks: It's not if, It's when! Why aren't we prepared?

Organizations don't need to go it alone in their cloud security efforts, nor do they need to incur significant financial costs. In fact, they can use a familiar set of industry-recognized best practices to create secure cloud environments. Working with global adopters and cybersecurity experts, including Cloud Security Alliance (CSA), the Center for Internet Security (CIS) has created a variety of no-cost resources to help organizations of all sizes secure their cloud-based assets. 

The main challenge in applying best practices within cloud environments is tied to the fact that these systems typically operate software and hardware under different assumed security responsibilities. The Security Best Practices team at CIS continually refines our security guidance for the cloud to help solve these challenges and ensure it reflects any and all scenarios that organizations may face when securing their environments and assets. 

Looking for the most secure way to protect your cloud environments? Our webinar will break down our available resources to keep your organization safe. Tune in to learn more about:

• How the CIS Critical Security Controls and CSA Cloud Control Matrix can work together to improve your cloud security
• Applying cybersecurity best practices in your cloud environments across different service and deployment models 
• Ensuring your cloud environments and assets are securely configured based on consensus-based industry guidance, the CIS Benchmarks

First-Class Security on an Economy Budget: Protecting Your Cloud Assets with CIS

According to a recent survey, 44% of organizations now recognize compliance as a growth opportunity, but 38% of companies stated that not having an adequate compliance posture slowed their sales cycle. By leveraging innovative strategies and tools, you can transform security and compliance from a necessary burden into a powerful sales enabler.

Join Drata and AWS in a fireside chat with Sign In Solutions to learn how they’ve shared their real-time security and compliance posture and greatly expanded their business. By turning trust into a competitive advantage, Sign In Solutions closed 40% more enterprise deals while decreasing the time they spent on security questionnaires by 25%. 

We will cover:
• How transparency can build trust and be an essential business driver
• Steps to empower your sales teams to self-serve security answers
• Best practices when sharing your security and compliance posture

Conquering Security Reviews: How Sign In Solutions Closed 40% More Deals with Compliance Transparency

Enterprises with stringent security and regulatory requirements face the dual challenge of managing complex Public Key Infrastructure (PKI) operations while securing cloud infrastructure against diverse threats. Legacy PKI systems often impede scalability and efficiency, while the shared responsibility model of cloud computing raises significant data privacy concerns.

To address these challenges, Keyfactor and Anjuna have formed an alliance. This partnership integrates Keyfactor's EJBCA Enterprise, a robust PKI platform, with Anjuna Seaglass, the Universal Confidential Computing Platform. Together, they offer a unified solution that simplifies digital identity management and enhances data security.

Join our webinar to learn how this collaboration empowers organizations to navigate PKI complexities and secure cloud environments, ensuring compliance and operational efficiency. Discover practical insights and strategies to streamline your digital identity management and fortify your cloud infrastructure against emerging threats.

Streamline Digital Identity & Secure Your Cloud: Insights from Keyfactor & Anjuna

IT admins and developers are two highly targeted identities for attackers. So what's the best way to tackle their unique access needs without adding hurdles to their day-to-day workflows? Enforce just-in-time access principles and least privilege whenever possible.

Join us for a dive into the practical applications of just-in-time access and newer themes like zero standing privileges. We’ll explore how these concepts can be combined to bring both operational and security focused benefits with the goal of minimizing standing entitlements while maximizing visibility and user experience across data center and Cloud environments.

In this webinar, you will learn how to bring your security program from foundational to exceptional through best practices for both securing IT admins and developers, as well as discover:

• How to deliver measurable cyber risk reduction while maintaining operational efficiency across these sensitive personas
• How to reduce compliance gaps across environments
• How to overcome identity explosion

Implementing Zero Standing Privileges to Secure Your Organizations' Cloud Environments

Dive deep into the heart of Zero Trust security as we tackle fine-grained access policies essential to the Zero Trust mandate of “never trust, always verify.” This session focuses on the challenges organizations face in maintaining an unwavering security posture for privileged users in an ever-evolving threat landscape. Explore the practicalities of implementing centralized context-aware policies that respond in real-time to changing access requirements and threat levels, even after initial authorization.

Zero Trust in Action: Dynamic, Fine-Grained Policies for Continuous Authorization

In today's dynamic digital landscape, organizations face a myriad of challenges in securing their operational environments, which span diverse infrastructures, services, and applications across cloud and on-premises environments. Effective security strategies demand a comprehensive defense-in-depth approach, encompassing proactive security hygiene, posture management, preventive controls, and robust detection and response mechanisms tailored to combat evolving attack vectors.

As the threat landscape continues to evolve, attackers are increasingly adept at circumventing traditional security measures, underscoring the critical importance of detection and response capabilities. 

Join Drata and AWS on August 27th, as we dive into the latest research findings and practical insights to equip security professionals with the knowledge and strategies necessary to enhance their organization's cloud detection and response capabilities. By addressing these challenges head-on and adopting a proactive approach to cloud security, organizations can fortify their defenses against the evolving threat landscape while optimizing operational efficiency and resilience.

From Reactive to Proactive: Strengthening Cloud Security Posture

As we edge closer to 2030, compliance standards are evolving at an unprecedented pace. Join us for "Cloud Control: Scaling Compliance in Cloud Environments Like a Pro" to learn how to navigate these changes effectively. This session will cover the challenges of maintaining regulatory adherence in dynamic cloud infrastructures and how Continuous Controls Monitoring (CCM) and automation can transform your compliance approach. Gain insights into the integration of compliance as code into DevSecOps workflows, ensuring continuous compliance and security.

We’ll provide practical tips, detailed strategies, and real-world examples to help you streamline compliance processes, reduce manual efforts, and enhance efficiency. Hear from industry experts on the latest trends and technologies shaping the future of compliance. Learn how to prepare your compliance strategy for 2030 and beyond.

Cloud Control: Scaling Compliance in Cloud Environments Like a Pro

In this webinar, we’ll dive into the findings from 400+ cloud security pros and investigate why so many are struggling to optimize cloud security despite having adequate funding and multiple point-specific technologies now reaching mainstream.

The webinar will investigate insights such as:
• 85% struggle to prioritize cloud security events (and why)
• 87% have problems managing too many point-specific cloud security tools and data silos (what's the solution?)
• The most overlooked cloud security blindspot (spoiler: it's secrets scanning)
• The top 10 cloud risks and threats organizations face

While the current state of cloud security may be described as “suboptimal"—some may say “broken"—is reason for hope. Register for the webinar now!

2024 Cloud Security Report: From Insights to Action

Are you looking to develop a comprehensive cloud vulnerability management program? Register today for an insightful webinar where industry leaders will share actionable strategies, proven methodologies and practical tips for success. You’ll also gain valuable insights into identifying, prioritizing and remedying vulnerabilities in your cloud infrastructure to strengthen your overall security posture.

Key Takeaways:
• Understand the challenges of vulnerability management in the cloud.
• Learn best practices for effective vulnerability management.

Developing a Comprehensive Cloud Vulnerability Management Program

Following a comprehensive survey of 2,800 IT and security professionals across the globe, Prisma® Cloud's team unveiled intriguing findings in their 2024 State of Cloud-Native Security Report.

The report survey found that although 47% of organizations know about security risks associated with AI-generated code, 100% of respondents embraced AI-assisted application development.

Despite recognized risks, this unanimous adoption suggests a potential oversight in balancing innovation and security. Watch this webinar to learn how to:
• Secure the next generation of AI-powered applications to stay ahead of inevitable AI-powered attacks.
• Unveil critical cloud security hurdles and remain aware of obstacles in application development.
• Plan for the future of your organization with the latest expert insights on cloud native security.

Secure Your Applications: Learn How to Prevent AI-Generated Code Risk

In an era where cyber threats are increasingly sophisticated and frequent, traditional reactive cybersecurity measures are no longer sufficient. 

In this webinar, Certified SANS Instructor Jonathan Risto and Seemplicity’s CPO, Ravid Circus explore the Continuous Threat Exposure Management (CTEM) framework, which represents a transformative shift toward more proactive threat management. CTEM integrates threat intelligence, real-time monitoring, and predictive analytics to anticipate and neutralize cyber threats before they can exploit vulnerabilities.

This webcast will cover:
• CTEM’s core process steps. Learn about the five foundational steps of CTEM—scoping, discovery, prioritization, validation, and mobilization—and how they work together to enhance security.
• CTEM in practice. Discover how organizations can implement CTEM.
• Challenges and solutions. Explore common challenges in adopting CTEM—and the  strategies to overcome them.
• Strategic recommendations. Gain insights into best practices for a successful CTEM program.

Cybersecurity professionals and organizational leaders will learn how to shift from a reactive to a proactive cybersecurity strategy  and ensure their defenses are resilient against the ever-evolving threat landscape. 

Register now to gain valuable insights from industry experts and receive the associated white paper written by Jonathan Risto.

Advancing Cybersecurity with Continuous Threat Exposure Management

With the ever changing nature of IT and the rising number of cyber threats these days, IT teams are struggling to keep up without the help of automation. Despite that, over half of organizations (53%) cite security concerns as a significant barrier to using automation in endpoint management.* In this webinar, we’ll walk you through a 3 step guide on how to adopt safe automation that keeps your environment safe and up-to-date with a healthy balance of tech and human talent.

Join us to learn:
• A step by step guide to safe automation adoption
• Why automation is key to personal and organizational maturity
• What security certifications to look for in endpoint management tools

The IT Admin's Guide to Safe Automation

Join us as we dive into the results of the fourth annual State of Cloud-Native Security Report, commissioned by Palo Alto Networks. This study, which surveyed more than 2,800 cloud security professionals across ten countries, sheds light on the challenges organizations face and the strategies they employ to navigate the complexities of cloud security and AI risks.In this on-demand webinar, Stephen Giguere, Security Advocate at Prisma Cloud, covers the latest trends and insights shaping the future of cloud-native security:
• Although nearly half of organizations know about security risks associated with AI-generated code, 100% of respondents embraced AI-assisted application development.
• 47% of security professionals anticipate AI-driven supply chain attacks.
• 64% of organizations reported a substantial increase in data breaches.

Why you should watch:
• Gain valuable insights into the current cloud-native security landscape and industry trends.
• Explore the need for better risk prioritization in today's intricate cloud ecosystem.
• Address critical concerns surrounding AI-generated code, unmanaged APIs and the expansion of the attack surface.
• Learn actionable steps organizations take to secure data and rapidly deploy applications.
• Discover strategies for bridging the gap between security and development teams.
• Enhance readiness for AI-related security risks and integrate solutions into operational frameworks.

The State of Cloud-Native Security 2024

Understanding your cloud security posture does not necessarily mean understanding your data posture. Organizations adopting a Cloud-Native Application Protection Platform (CNAPP) to protect cloud-native applications are at risk of leaving data assets exposed. One such risk is shadow data resulting from dynamic changes to data pipelines and services across cloud service providers (CSPs) creating hidden repositories where the data is unknown, undiscovered, or unidentified. Due to the complexity of securing multicloud environments, this can pose significant security gaps leaving cloud teams in the lurch.

In this session, Terry Ray, SVP and Imperva Fellow, and Krishna Ksheerabdhi, VP of Product Marketing, Thales Data Security will discuss how organizations are overcoming these blind spots by effectively leveraging in-depth observability, meaningful analytics, and solid data protection practices to reduce data risk from information that drives business growth.

Join to learn:
• How the rapid growth of cloud-native applications is creating shadow data 
• Why CNAPP falls short for data security, posture, and sensitive data management 
• What challenges do organizations face in gaining complete visibility and control across on-premises and multicloud platforms
• How organizations are leveraging a data-centric approach to protect data at scale

Reining in Shadow Data: Move Beyond CNAPP

In today's generative AI landscape, traditional security techniques fall short in protecting modern AI applications. Cybersecurity teams need to understand the OWASP Top 10 threats specific to LLMs to effectively mitigate AI and data risks. While LLM Firewalls play a crucial role in protection, they are not sufficient on their own to address these threats. The rapid adoption of generative AI, coupled with the rise of shadow AI, use of sensitive data, unknown vulnerabilities, and emerging threats, presents significant security, privacy, and compliance risks.

Join our in-depth webinar to explore the top 5 AI security steps recommended to bolster your GenAI defenses. We will cover:
• Understanding AI and Data Security Challenges: Delve into shadow AI, OWASP Top 10 threats for LLMs, data mapping, and sensitive data exposure risks.
• Implementing LLM Firewalls: Learn to protect your prompts, data retrieval, and responses from attacks.
• Enforcing Data Entitlements: Discover how to prevent unauthorized data access in GenAI applications.
• Enforcing Inline Enterprise Controls: Find out how to safeguard sensitive data during model training, tuning, and RAG (Retrieval Augmented Generation).
• Automating Compliance: Streamline your adherence to emerging data and AI regulations.

Top 5 Steps to Mitigate OWASP Top 10 Threats

The data security dilemma needs to be addressed. Despite a ballooning cybersecurity spend of over $183 billion dollars in 2023, breaches increased by a staggering 78% in the same year. Threat actors increasingly take advantage of the misalignment between security and usability that companies are trying to balance with their data. Legacy solutions using access control and dynamic masking have not kept up with the advancements of our data and AI workloads. Finding a balance between data consumption and security risk is possible, and can deliver significant value. 

Join this webinar to hear about:
• Understand the interplay between data risk and consumption to deliver business value and improve your data security posture.
• Re-examine the role access control and dynamic masking solutions play in your data security strategy.
• Uncover new areas of opportunity to apply a risk-based consumption model into your organization.
Translate a zero-trust data segmentation model into business value and achievable dollar savings.
• Drastically reduce your data’s attack surface, risk of breach, double extortion, third party supply chain, and cloud & AI workload exposure.

A Data Security Dilemma: The Misperception of Data Protection in Cybersecurity

The rapid adoption of Generative AI (GenAI) is transforming industries, but it brings significant security challenges, especially with the rise of shadow AI. Rather than block GenAI usage, security teams need to implement robust guardrails to enable safe LLM adoption.

Join our expert-led webinar to explore:
• Shadow AI Risks: Understand and mitigate the dangers of unsanctioned GenAI usage.
• OWASP Top 10 for LLMs: Learn how to address emerging threats to data and AI security.
• Copilot Rollout Failures: Analyze examples of rollout failures and how to manage data entitlement risks.
• LLM Firewalls: Discover why these are insufficient alone and what additional measures are needed.
• Security Guardrails: Best practices for securely moving GenAI projects from lab to production.

This webinar is a must-attend for cybersecurity teams aiming to stay ahead to ensure safe GenAI adoption. Register now to learn how to transform from a reactive to proactive GenAI security approach.

From Shadow AI to Secure GenAI: Building Guardrails for Safe Adoption

Shadow AI

OWASP

LLMs

LLM Firewall

Data Security

GenAI

Compliance

Risk Management

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

From Shadow AI to Secure GenAI: Building Guardrails for Safe Adoption

Presented by

About this talk

More from this channel