- This event has passed so registration is closed.
Overview
In this session, Jose Hernandez from the Lacework Labs team will dissect the most pertinent cloud security attack trends and techniques of 2023. Delve into actionable insights, real-world metrics, and the current threat landscape as we equip your team with the latest knowledge and strategies.
This discussion will cover the following topics and more:
- Kubernetes attacks and abuses: The rise in complexity and vulnerabilities in deployment, and the resulting increased attacks and administrative plane abuses.
- Zenbleed impact: How Zenbleed affected cloud providers and how Lacework approaches this security concern.
- Cloud supply chain attacks: An examination of the JumpCloud APT case and its broader implications.
- CloudWizard APT: The use of OneDrive, Dropbox, and Google Drive as a C2 in the ongoing CloudWizard threat, including an analysis of its evolution.
Join us as we explore the rapidly changing world of cloud security and provide valuable insights, tools, and strategies to safeguard your organization against an increasingly sophisticated array of threats.
Moderator
Candy Alexander
Candy Alexander is an internationally recognized cybersecurity leader with over 35 years of experience driving strategic security initiatives for global organizations. As a strategic cybersecurity executive advisor, she not only specializes in helping organizations elevate their cyber risk management and responsible AI programs but also instills confidence in her clients with her ability to align these efforts to achieve business objectives.
Candy is a past President of ISSA International, where she served two terms as president of the global association and, 19 years of service as a Board Director, where she spearheaded the development of the Cyber Security Career Lifecycle. She also holds the distinction of being the founding President of the ISSA Education and Research Foundation. Notably, Candy played a pivotal role in establishing the annual ISSA/ESG research project on the State of the Cybersecurity Profession, a vital initiative to understand cybersecurity professionals’ global challenges.
Candy has received numerous awards of recognition, including #1 Security Executive issued by IFSEC, Top Women in IT Security – Cyber Veteran issued by SC Media and listed to the ISSA International Hall of Fame.
A sought-after speaker and media commentator, Candy is a trusted voice on cybersecurity trends, responsible AI implementations, and workforce development. Her commitment to advancing the field is evident in her extensive volunteer work, which includes current contributions to the various AI working groups.
Speaker/s
Jose Hernandez – Cloud Threat Researcher, Lacework
José is a Distinguished Cloud Threat Researcher at Lacework. Previously he founded and lead the Threat Research team at Splunk (STRT). He started his professional career at Prolexic Technologies (now Akamai), fighting DDoS attacks from “anonymous” and “lulzsec” against Fortune 100 companies. As an engineering co-founder of Zenedge Inc. (acquired by Oracle Inc.), José helped build technologies to fight bots and web-application attacks. Although security information has been the focus of his career, José has found that his true passion is in solving problems and creating solutions.
Recent On-Demand Web Conferences
ISSA Webinars and Conference series cover all the continuing education credits to maintain your cyber security certifications. (CPEs, CEUs, ECE, etc). Each hour is equal to one continuing education credit. Certificates of completion are available upon request after completion. For instructions, click here.