Cloud native computing is an approach in software development that utilizes cloud computing to "build and run scalable applications in modern, dynamic environments such as public, private, and hybrid clouds." —Wikipedia
Cloud native environments have the potential to be more secure than ever before. But security teams must navigate across new teams, like DevOps, and learn the security requirements of groups they may have little to no visibility into. The good news is that, in this new territory, the familiar process of policy-setting is not only applicable, but also essential.
In this panel, we will discuss the security policies required for securing a cloud native environment. Our experts will each share three "must have" policies for cloud native environs and field your questions!
Eligible to receive 1 CPE credit.
Generously supported by:
 |
 |
 |
 |
Rory has worked in the Information and IT Security arena for the last 20 years in a variety of roles. These days he spends his work time on container and cloud native security as a Cloud Native Security Advocate for Aqua. He is an active member of the container security community having delivered presentations at a variety of IT and Information security conferences. He has also presented at major containerization conferences and is an author of the CIS Benchmarks for Docker and Kubernetes and main author of the Mastering Container Security training course which has been delivered at numerous industry conferences including Blackhat USA. When he's not working, Rory can generally be found out walking and enjoying the scenery of the Scottish highlands.
Merritt (Twitter: @MerrittBaer) is a Principal in the Office of the CISO at Amazon Web Services. Merritt provides technical cloud security guidance to complex, regulated organizations like the Fortune 100, and advises the leadership of AWS’ largest customers on security as a bottom line proposition. She also helps build strategic initiatives for how AWS secures itself, running on AWS.
Merritt has experience in all three branches of government and the private sector. Before Amazon, Merritt served as Lead Cyber Advisor to the Federal Communications Commission. She has also served at the US Department of Homeland Security, the Office of US Senator Michael Bennet, and the US Court of Appeals for the Armed Forces. Before joining the government, Merritt started a business advisory / legal practice, working with emerging tech companies.
Merritt speaks regularly on InfoSec, including cloud computing, artificial intelligence and machine learning, quantum computing, and the future of the internet. Her insights on business strategy and tech have been published in Forbes, The Baltimore Sun, The Daily Beast, LawFare, Talking Points Memo, and ThinkProgress. Her academic work has appeared in the journals of Temple, Georgetown, Santa Clara, UPenn, and UVA.
Merritt is a graduate of Harvard Law School and Harvard College. She is admitted to the Bars of New York, the United States Court of Appeals for the Armed Forces, and the United States Supreme Court. Based in Miami, FL, she has been a member of the Council on Foreign Relations, a National Security Fellow at the Center for New American Security, and a Cyber Fellow at the East-West Institute. She is founder of women's tech expert network Tech & Roses; Adjunct Professor of Cybersecurity at the University of Maryland; a mother, and an amateur boxer.
Antonia Dumas is an attorney at Beckage, a law firm focused only on technology, data security and privacy and providing 360 degree services including compliance, incident response and litigation. Her diverse experience gives her insight into daily operations and data processing activities across industries. She has a keen eye for identifying potential cybersecurity and data privacy vulnerabilities and once identified, applies practical solutions to mitigate risk. Antonia has a passion for understanding data and navigating the intersection between privacy, security and technology. She guides her clients in their compliance efforts to protect both business interests and consumers.
