Learn practical cyber security skills during SANS 2021 - Live Online. Choose from 30+ courses and three types of NetWars!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Cloud Security: Defense in Detail if Not in Depth. Part 2: Changes Make the Cloud More Secure, but Is InfoSec Changing Even More?

  • Thursday, November 02, 2017 at 1:00 PM EDT (2017-11-02 17:00:00 UTC)
  • Nicolas Fischbach, Eric Boerger, Dave Shackleford


  • BMC Software, Inc.
  • Forcepoint LLC
  • Mcafee LLC
  • Qualys

You can now attend the webcast using your mobile device!



This is the second installment of a two-part webcast exploring the security of cloud-computing services and platforms, and how effective they've been in helping IT security reduce organizations' exposure to the threat environment of the cloud. In Part 1, held on Wednesday, November 1 at 1:00 p.m. Eastern, attendees will learn about the survey results, with special emphasis on breach history and the top threats and challenges associated with cloud environments. Click here to register for Part 1.

The 2016 SANS Cloud Security Survey showed that 70% of companies planned to use public cloud platforms for computing services, but 62% said their No. 1 security concern is that unauthorized users would have access to sensitive data on those platforms.

Organizations facing the enormous, dynamic threat environment of the cloud have responded with perimeter controls and cloud-based security. But they've also made enormous organizational changes to reduce their exposure and shorten their response times. Many have adopted the rapid development and automated testing of DevOps into both their development and implementation workflows. Others have expanded their vulnerability scanning, incident response, threat intelligence and continuous monitoring efforts to try to catch intruders more quickly and eliminate weaknesses before they become points of attack. 

Those changes are a challenge even for established security organizations. It will take changes in organization, attitude, training and spending before IT security can consistently and reliably extend security to every workload, pool of data or hybrid cloud their organizations reach.

Register for this webcast to learn how and where cloud security has changed from 2016. Attendees will explore the following:

  • Available controls and their effectiveness for deployment to secure sensitive information in the cloud
  • New capabilities InfoSec professionals need to improve security of cloud applications

Register for this webcast to hear SANS cloud security guru Dave Shackleford discuss the results of the 2017 SANS Cloud Security Survey, the lengths to which InfoSec has already gone to try to secure the cloud and the changes it is going through to try to make those changes stick. You'll also be among the first with access to the associated results paper, including analysis of how quickly the cloud security market is maturing and how far it still has to go.

View the associated whitepaper here.

Speaker Bios

Dave Shackleford

Dave Shackleford, a SANS analyst, senior instructor, course author, GIAC technical director and member of the board of directors for the SANS Technology Institute, is the founder and principal consultant with Voodoo Security. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. A VMware vExpert, Dave has extensive experience designing and configuring secure virtualized infrastructures. He previously worked as chief security officer for Configuresoft and CTO for the Center for Internet Security. Dave currently helps lead the Atlanta chapter of the Cloud Security Alliance.

Eric Boerger

Eric Boerger is an Enterprise Technology Specialist at McAfee, focused on helping organizations secure public and hybrid clouds. He spends his time designing cloud security solutions using McAfee technologies, educating customers on the challenges and capabilities of security in a hybrid deployment model, and working with customers to review AWS/Azure/public cloud implementations to identify gaps in security coverage.

Nicolas Fischbach

Nicolas (Nico) Fischbach is leading Forcepoint's cloud-first transformation as the CTO for the company's cloud security business, where he oversees technical direction and innovation. Nico is a recognized authority on service provider security as well as on next-generation network and cloud architectures, holding a master's degree in networking and distributed computing from Pierre and Marie Curie University, a master's degree in computer science from Institute of Information Technology and a bachelor's degree in computer science from the Robert Schulman University Institute of Technology. He also sits on the advisory board of Versa Networks and is a member of The Honeynet Project, a research organization dedicated to internet security.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.