We kicked off the summer hosting our first Cloud Security Summit with Microsoft at the Microsoft Technology Center that is based in Houston, Texas. It was a great event, and we covered a lot of topics during the half-day session, including a level set on how security is different (and the same) in the cloud versus on-premises, an overview by Microsoft on the security offerings and best practices for Microsoft Azure, and an in-depth case study presented by Slalom Consulting on how they secured an IoT analytics workload using the native capabilities in Microsoft Azure. Three of our most popular sessions included presentations on the latest threats presented by James Morrison, Computer Scientist at the FBI, plus Stephen Coty and Paul Fletcher, Security Evangelists at Alert Logic. You can find a copy of these presentations at the bottom of this post.
One of the key themes throughout the day was the importance of connecting with experts to help stay abreast of all the changes happening in the market on both the threat landscape side (e.g. changes in attack types) and on the tools and platform capabilities side (e.g. security capabilities in Azure and tools provided by companies like Microsoft and Alert Logic). There were a lot of side conversations and connections being made over lunch that we hope are sustained after the event. If you are looking to participate in a similar community, we would highly recommend joining your local InfraGard chapter, a non-profit organization. InfraGard’s partnership with the FBI helps foster information sharing between the FBI and private enterprises. Alert Logic also sends out a weekly threat report that describes recent attacks and what you can do to prevent them. You can sign up for that report here.
Looking to your peers can provide benefits beyond the security arena. Earlier this year, Forrester published a report that summarized cloud adoption trends across different company sizes and industries, and Microsoft has made this report available to you here. This covers a lot of great information, including how these organizations are using the public cloud and where they are making investments this year.
At Alert Logic, we see this every day in our interactions with our customers, partners, and our security operations team. In many cases, this is where a lot of the organizations get the value out of our partnership: they have someone they can call to ask questions about security architecture design, the current health of their environment, and what they need to do to ensure they are protected against the latest attacks that are making headlines in the news. Our analysts are GIAC-certified and can help you understand the similarities and differences in securing workloads that run in the cloud compared to your existing data center infrastructure. For example, many cloud platforms, including Microsoft Azure and AWS, use a shared responsibility model for security, meaning the organizations using the cloud platform are responsible for certain aspects of security, like Identity and Access Management, and there are certain controls and capabilities that are built into the cloud platform, like DDOS protection. You can read more about the Shared Security Model on Azure here and here.
Staying up to date on these topics is not going to get any easier. Microsoft is integrating new services and increasing capabilities of existing services at an impressive clip. During the 2017 Q3 earnings call, they shared the uptick in adoption of their PaaS services—which would include Azure SQL, or HDInsight—has been growing at triple digit rates! These services can make life easier for developers and application owners because Microsoft is managing the underlying infrastructure. However, security is still a shared responsibility.
We would love to talk to you about your current cloud initiatives and see if we can help ensure that you are protected from attacks as well as simplify your response to the latest threats. Our expertise and commitment to our customers is why Alert Logic ranks #1 for the second year in a row in The 451 Group’s Q4 2016 Voice of the Enterprise (VotE) Information Security Quarterly Advisory Report.
We are hosting our next Cloud Security Summit with Microsoft on August 9th in San Francisco. You can sign up for the Cloud Security Summit in San Francisco event here, and learn more about other summits here. We hope to see you soon.
Here are the links to the presentations presented at our Summit:
- Intro to Security in the Cloud | Mark Brooks, Vice President of Sales Engineering, Alert Logic
- Microsoft Azure Security Overview | Calvin Gorriaran, Solutions Architect, Microsoft Azure
- Protecting Against Web App Attacks | Stephen Coty, Chief Security Evangelist, Alert Logic
- Cyber Threats Today and Tomorrow | James Morrison, Computer Scientist, FBI
- Securing Big Data in Azure | Greg Peterson, Solutions Architect, Slalom Consulting
- Stories from the SOC | Paul Fletcher, Cloud Security Evangelist, Alert Logic