Date: March 28, 2023
Time: 9:30 PM MYT | 7:00 PM IST | 8:30 AM EST
Topic: Monitoring Threats in All Types of Cloud Environments
Abstract: As cloud adoption rapidly expands, organizations face many security threats that can compromise their cloud infrastructure and data. Therefore, companies must have effective threat-monitoring tools and strategies to safeguard their cloud environment, but this is easier said than done. The need for a stringent threat monitoring policy puts an additional burden on security teams to manage access and privileges.
Most threats related to cloud assets fall under identity and access management, privileged accounts, third-party vendors, etc. Therefore, monitoring infrastructure and objects in the cloud is a critical and continuous process involving various tools, suites, and automation capabilities to enhance visibility.
The current webinar aims to help participants understand the risks related to cloud storage and operations as well as strategies for a comprehensive framework for monitoring and detecting insider and external threats. The webinar also discusses the recommended telemetry for automating threat detection processes and continuous cloud environment monitoring.
Key takeaways:
- common threats associated with cloud storage, infrastructure, and applications
- recommended telemetry to monitor threats
- recommendations around threat monitoring for cloud infrastructure, identities, and objects
- adjusting threat detection capabilities in line with the shared responsibility model
- developing threat detection and monitoring framework for SaaS, PaaS, and IaaS
- incorporating a zero-trust model to improve the security posture
Speakers:
Kayzad Vanskuiwalla, Director – Threat Hunting & Intelligence, Securonix.
Bio: Kayzad is a Director for Threat Hunting and Intelligence with Securonix. He has over 9 years of experience in automating the detection of advanced scenarios in cyber and insider threats, with a key focus on cloud infrastructure. He has worked across various specialized verticals
for different Fortune 100 customers across the globe. Kayzad’s specialty is identifying control gaps and recommending solutions to help prioritize threat scenarios with a combination of known bad IOCs and unknown TTPs referencing frameworks like MITRE. An alumnus of George Mason University, Kayzad is extremely passionate about cybersecurity and has a master’s degree in computer science with a core focus on information security and assurance. He constantly strives to keep learning and is certified with ISC2’s CISSP, CCSP, ISACA’s CISM, and CRISC.
Kunal Sehgal, Director, Security Decoded
Bio: Kunal Sehgal has been a cyber-evangelist for over 15 years and is an untiring advocate of cyber threat intelligence sharing. He encourages cyber-defenders to work together by maintaining a strong camaraderie across public and private organizations, spanning sectorial and geographical barriers. He is not only actively connected with various communities in Asia but also regularly shares credible intelligence with law enforcement agencies worldwide. These efforts have helped organizations protect themselves against cyberthreats and helped sectors become more resilient.
In his professional capacity, Kunal has worked on setting up two information sharing and analysis centers in Singapore to serve the APAC Region. He has also worked with all major National CERTs, regulators, and other government bodies in Asia, to strengthen intelligence networks for combating cybercrime. Currently, he provides virtual CISO services focusing on the SME sector. In 2018, Kunal was part of a global working group chaired by the GFCE to make policy-related recommendations to a panel of 90+ member countries.
Kunal invests his non-working hours researching, blogging, and presenting at cyber events across Asia. He has earned 17 certifications/degrees, has co-authored two whitepapers, and is the official reviewer of five published books, all in the cyber realm. His latest book on cyber blue team strategies is set to be published in February 2023.
*Examples, analysis, views and opinion shared by the speakers are personal and not endorsed by EC-Council or their respective employer(s)