Cloud Security Melbourne schedule

• The importance of OT security in a cloud heavy domain: How OT system risks have evolved and how do you determine OT risk levels?
• Safeguarding IoT devices in OT systems: Current OT threats and the corresponding security challenges
• OT security adaptability and continuous security maintenance

The paradox of cloud migration and repatriation represents a dual challenge faced by organisations in their cloud adoption journey. While cloud migration offers scalability, flexibility, and cost-efficiency, some enterprises encounter unanticipated complexities or limitations that prompt repatriation—moving applications or data back from the cloud to on-premises or alternate cloud providers. This paradox highlights the tension between the promises of the cloud and the realities of implementation. Factors such as cost overruns, security concerns, compliance issues, data governance challenges, or performance variations can trigger the need for repatriation. Striking the right balance between the benefits of cloud migration and the potential complexities requiring repatriation involves careful planning, evaluating the suitability of workloads for the cloud, and maintaining flexibility to adapt to evolving business needs and technological advancements.

This presentation explores the fundamentals of cloud security in the context of evolving trends. It delves into the shared responsibility model in provider-managed cloud environments, the importance of following provider best practices, and the dynamic and agile nature of cloud security. The discussion extends to the challenges of managing log volumes, detecting DDoS events, and the hidden costs in cloud environments. The presentation emphasizes the need for security to be integrated into CloudOps, following the principles of DevSecOps for efficient and secure delivery of applications and services.

Cloud attacks are fast. After finding an exploitable asset, malicious actors need less than 10 minutes to execute an attack. While preventive controls are common in cloud environments, no organization can stay safe without a threat detection and response program for addressing zero-day exploits, insider threats, and other malicious behaviour. Join our session to explore a new approach to staying ahead of the evolving threat landscape. Discover how to acknowledge the realities of modern attacks, identify areas for improvement, and advance your cloud security programs.

• Exploring the typical cloud-based DoS attacks and how to prevent them
• Real-life examples of what happens and strategies to successfully deal of those incidents
• Lessons learned – what to do and what to avoid 

Avi Shua is the Chief Innovation Officer & Co-Founder of Orca Security, a leading Cloud Security platform. Prior to co-founding Orca Security, he was the chief technologist at Check Point Software Technologies and held key positions within Unit 8200, the Israeli equivalent of the NSA. In this session, Avi will share his real-life experiences about cloud breaches and what are the key principles we should adhere to in order to reduce the chances of becoming subject to one.

• The Importance of Hybrid and Multi-Cloud Environments - Need of the hour  
• How to get best of two worlds’ (On premise and Public/private Cloud)
• How to optimally manager hybrid and multi-cloud environments - Automate and Orchestrate
• Orchestrate for Cloud security
• Avail benefits from various automation tools
• Money Matters!
• Aim High - Aim Autonomous 

Discover the new operating model for cloud security and explore the need for a modern, dynamic security strategy that utilizes runtime insights and build-time intelligence to increase productivity and collaboration for your Dev, Sec and Ops teams. Learn how end-to-end context can cut up to 95% of alert noise, give you highly accurate risk prioritization and stop threats in real time.

• What are the biggest cyber threats in the Cloud?
• How can you prepare to prevent and mitigate those threats in a cloud environment?
• Do you have any suggestions or stories to share on strategies to respond to incidents
• What capabilities are required to ensure the security of the Cloud?

Panel moderator:

Gaurav Vikash, Head of Security and Risk – APAC, Axon

Panellists:

Raymond Schippers, Security Engineering Director – Detection & Response, Canva

Ad Wolst, Head of Cyber Security Engineering & Platform Services, Bupa

Richard Magalad, Chair of Cloud Branch, Australian InfoSec Association

Rati Rani Mehrotra, Senior Security Expert, Telstra

Daniel Kelangi, Senior Solutions Expert, Telstra

• Cloud-specific Attack Vectors: Explore some unique vulnerabilities inherent in cloud platforms and services that attackers leverage to infiltrate organisations
• Incident Response Lessons: Analyse incidents where proactive detection and swift response prevented significant data breaches or service disruptions
• Detection and Response Strategies: Learn practical strategies and tactics employed by SOCs to assess for vulnerabilities detect, mitigate, and respond to cloud-based threats effectively
• By dissecting these attack paths and lessons learned, this session aims to empower security professionals, IT leaders, and decision-makers with actionable insights to fortify their cloud security posture and mitigate risks effectively

How can enterprises assess their cybersecurity readiness? Breach and attack simulation can help organisations to uncover gaps in the cybersecurity posture and enhance overall cybersecurity outcomes. This presentation discusses the importance of breach and attack simulation and how it can be used to close gaps rapidly.

• How are you planning to comply with the significantly updated PSPF, ISM and Essential 8 requirements?
• Undertaking the cloud journey: How far should you be and what goals should you be achieving?
• The plan for the next one year: Plot your timeline

Panel moderator:

Sandeep Taileng, CISO, State Trustees VIC

Panellists:

Mathew Hema, Head of Data, Digital and Technology, Independent Schools Victoria

Zachary Sims, Principal Security Engineer, Canva

Vikas Goyal, DevSecOps & Cloud Security, Kmart

Dominik Pietrzykowski, Former Lead Cloud Migration Architect, ANZ