The Long and Windy Road that leads to Cloud Native Security- Frederick Kautz, Sharecare
Abstract
Establishing and maintaining a Cloud Native Security policy is more than just installing tools and configuring Kubernetes. A solid security stance requires buy-in from the top leadership down to those implementing and using the system. Obtaining buy-in requires understanding the drivers that motivate Infosec’s governance, risk management, and compliance. In this talk, Frederick will discuss how information security programs are structured and how to engage with the organization effectively to establish a scalable Cloud Native Security program. Frederick will discuss topics such as: What is Infosec? How does Infosec interact with the rest of the organization? How do these interactions translate to the procedures we use to defend our systems? Where do these procedures even come from? How do we collaborate with Infosec to help improve the company’s security posture? How do we enlist Infosec as allies in our Cloud Native Journey? Finally, Frederick will discuss how to get involved with upstream communities which provide guidance, such as the CNCF Security TAG’s Security Controls Catalog.