Rain, Hail, or Insider threat? A Risk-Based Approach to Cloud Threats

Logo
Presented by

Oliver Rochford | Kayzad Vanskuiwalla

About this talk

According to Verizon's Data Breach Investigations Report, 24% of breaches involve cloud assets. Many of the benefits that cloud services deliver to organizations, such as elastic scalability, and remote accessibility, act as a double-edged sword if abused. Compromised accounts, for example, can be misused, stolen admin credentials or elevated admin privileges can ultimately lead to sabotage, data loss, and exfiltration. A Forrester study shows that 25% of breaches resulted from internal incidents, and almost half of those were categorized as malicious. Insider threats have evolved, and organizations have more to consider than data leaving the organizations and privileged users. Join Oliver Rochford, Senior Director, Cybersecurity Evangelist, and Kayzad Vanskuiwalla, Director of Threat Hunting & Intelligence at Securonix, for this talk on risk-based threat monitoring in cloud environments to learn about: • The need for monitoring threats in the cloud. • How the insider threat is growing as a critical aspect to monitor. • How cloud controls can be abused, using AWS as an example. • Which real-world attacks exploited cloud controls. • How to detect cloud control misuse with UEBA, machine learning, and threat hunting. • What a cloud threat model could look like. Kayzad partners with our engineering, data science teams, and Fortune 500 customers to continuously assess and evolve our threat-detection, orchestration, and response capabilities. He brings in-depth practical experience researching cloud attack patterns and exploits to build playbooks and automate threat detection. Oliver has worked in cybersecurity for over twenty years, including as a penetration tester, consultant, researcher, and writer for Securityweek, CSO Online, and Dark Reading. As a Gartner industry analyst, he co-named the SOAR market and worked on the SIEM Magic Quadrant. At Securonix, he works with our users on security operations and threat management topics.
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (37)
Subscribers (16955)
Securonix Next-Gen SIEM delivers threat detection and response powered by flexible, cloud-native advanced analytics. Follow this channel to learn from our security experts. They will discuss threat trends, detection techniques, and SecOps topics such as cloud security, insider threat, SIEM, UEBA, and SOAR.