About this Talk
Large organisations are keen to find a way to implement a variety of CNAPP, CSPM and security operations tools to structure the chaos around their cloud estates. But the cost of implementation, the complexity of managing the tools and making informed decisions varies wildly from one organisation to the next. The diverse skillsets are sometimes also a challenge that requires tackling deep into the lifecycle of your cloud adoption journey. This is also not always due to a lack of security engineering or architecture skills, but a direct by-product of the nature of tools and the cloud.
In this talk, we'll dig deeper into:
- why Cloud Security matters to me, and why the way we measure success might be broken - the scope and scale of security tools and the state of the market
- what terms like CNAPP, CSPM, DSPM and CWPP really mean
- the "purpose" security engineering and operations teams
- what a sensible remediation loop should look like and why sustainable success matters so much
- building Cloud Security roadmaps and feedback loops
- a short philosophical discussion where we must imagine Sisyphus happy