PART 1: Leadership Panel: How CISOs Are Tackling Today’s Greatest Cloud Security Challenges

This panel of CISOs will discuss issues ranging from security and compliance concerns to data integrity and visibility and the need for the right security expertise to manage cloud environments.

Moderator: Dan Glass, CISO at large

Panelists: Mandy Andress, CISO, Elastic, Russell Eubanks, Principal Instructor and Managing Partner, SANS and Cyverity, and Shawn Harris, Deputy CISO, Chipotle

Session 1: Thinking Outside the Cloud: Preventing Cloud Compromise by Focusing On-Premises

Many cloud security professionals have a baseline knowledge of the biggest risks to their cloud environments. However, it's often that the weak point of many cloud environments lies in the integration with on-premise infrastructure. This talk will explore Mandiant incident response examples that cover how these integrations have exposed organizations to new threats in the cloud.

Speakers: Will Silverstone, Principal Consultant, Mandiant, Google Cloud and Ashik Saji, Security Manager, Mandiant, Google Cloud

Session 2: Fortifying Government Data: Microsoft GCC and GCCH Security Essentials

Discover how Microsoft GCC and GCCH environments provide advanced security and compliance features tailored for government organizations. Learn about data residency, advanced threat protection, and privileged access management to meet stringent US compliance standards.

Speaker: John Christly, Senior Cybersecurity Consultant, Xantrion

Session 3: Persisting Unseen: Attacker Methods of Infesting Entra ID

What comes after Global Admin? Besides impact, attackers with access want to keep it as long as possible! This talk highlights techniques for privileged persistence within Azure's Entra ID. We'll cover real-world and novel methods to manipulate MFA, applications, and role assignments to stay sneaky. Join us for a look at these methods, how to detect them, and steps to defend against them.

Speaker: Katie Knowles, Security Researcher, Datadog

GIAC and ISC2 members can earn CPE credits for attending this virtual seminar live.

This virtual seminar is sponsored by Wiz. Wiz is a cloud security company, founded in 2020. Organizations of all sizes and industries use Wiz to rapidly identify and remove the most critical risks in AWS, Azure, GCP, OCI, Alibaba Cloud and Kubernetes so they can build faster and more securely. Gain unmatched visibility, accurate prioritization and business agility.