Final Week: Get an iPad (32 G), Galaxy Tab A, or Take $250 Off OnDemand Training - Ends Jan 27


To attend this webcast, login to your SANS Account or create your Account.

BIPOC in Cybersecurity Forum: Cloud Security

  • Thursday, February 18, 2021 | 8:00 am - 2:00 pm PSTThursday, February 18, 2021 at 10:00 AM EST (2021-02-18 15:00:00 UTC)
  • Frank Kim, AJ Yawn, Carlos O'Neil, Jerich Beason, Shinesa Cambric, Vidya Gopalakrishnan, William Tate

You can now attend the webcast using your mobile device!



Skilled cloud security professionals are in demand as organizations of all types become increasingly cloud-based. Emerging opportunities offer great possibilities for cybersecurity practitioners from underrepresented minority groups.

This free, virtual event, hosted by the SANS Diversity, Equity, and Inclusion Task Force, is open to the whole community.

Talks and panels will explore topics related to:

  • Public Cloud Security: AWS, Azure and GCP
  • Cloud Native Security - Containers and Kubernetes Security
  • Containerization and Orchestration exploits
  • Securing modern Cloud and DevOps environments
  • Cloud Security Monitoring and Threat Hunting
  • Cloud Security Architecture and Operations
  • Cloud Penetration Testing & Incident Response

All SANS events strive to provide content based on real-world experience with actionable lessons you can use as soon as you get back to work.

White Space


8:00-8:15am PST - Welcome & Opening Remarks

Frank Kim, Forum Chair, SANS Institute

Dennis Scandrett, Chair - Diversity, Equity, and Inclusion Task Force, SANS Institute

White Space

8:15-8:50am PST - Keynote

MK Palmore

White Space

8:50-9:30am PST - Panel

White Space

9:30-9:40am PST - Break

White Space

9:40-10:15am PST - Simplifying and Demystifying Security in the Cloud

Jerich Beason, Chief Information Security Officer, Epiq

Cloud security is foreign to some and it can be scary when your employer assigns you the task of securing a new or existing cloud environment. This talk will tackle basic cloud security principles that will mitigate the majority of threats in the cloud. We will cover the benefits and drawbacks of security in an on premise or data center environment vs security in a public cloud. At the end of the session, whether you are a novice or experienced in the cloud, you will have some practical takeaways that will assist in you and your organization's cloud security journey.

White Space

10:15-10:50am PST - Automating Security on AWS

AJ Yawn, Co-Founder and CEO at ByteChek, Founding Board Member of the National Association of Black Compliance and Risk Management Professional (NABCRMP)

Cloud security is tough to get right, the threats are endless and it's easy for users to make mistakes that can cause significant breaches. This is why it's important for cloud security professionals to understand how they can implement automated, event-driven security controls in the cloud to reduce these risks. In this talk, we will discuss some of the options available to cloud security professionals to automate security on AWS and we will spend time in the AWS console and AWS CLI walking through how to automate three common risks in the cloud - S3 public buckets, S3 bucket encryption, and enforcing multi-factor authentication for each user.

White Space

10:50-11:00am PST - Break

White Space

11:00-11:35am PST - Identity-In-Depth: Leveraging Native Tools and a Multi-Layered Approach to Secure Cloud Identity

Shinesa Cambric @gleauxbalsecur1, Identity Governance and Compliance Architect

As companies expand their cloud footprint and leverage more cloud services out of necessity, digital identity becomes the true perimeter and key to protecting an organization's assets. Cloud environments offer multiple layers for identity management and controls and understanding privileges can be a challenge for many - possibly leaving an open door for attackers. Join the discussion to learn more about some of the native tools and processes available in cloud systems to manage and enable a defense-in-depth strategy with identity.

White Space

11:35am-12:10pm PST - Shifting Left: How to Prepare your Security Team for the Cloud

Carlos O'Neil @ether_geek, Technical Information Security Officer - Cloud, Invesco

Rapid cloud adoption requires security teams to extend their controls to the cloud and many teams are discovering that the classic model of Information Security doesn't apply completely to the cloud. We'll discuss the challenges that come with cloud adoption and discuss suggestions on how to enable teams to be more agile in the cloud and leverage native and non-native tools to enhance security.

White Space

12:10-12:20pm PST - Break

White Space

12:20-12:55pm PST - To be announced

White Space

12:55-1:30pm PST - "Mindmap" your way into the Cloud: A framework for hunting in AWS and GCP

Vidya Gopalakrishnan, Security Engineer, Palo Alto Networks

Threat hunting is a deliberate effort to proactively search through data in order to detect threats that have evaded otherwise predictable security alerts or detections. The subset of logs that we don't generally care about could serve as major treasure troves to perform rewarding hunts. When it comes to the cloud, the AWS and GCP MITRE ATT&CK Matrix give us a good starting point on how to approach each of the cloud-specific attacker Techniques, Tactics and Procedures (TTPs). However, which of these listed tactics should we care about for hunting ? How do these TTPs translate in terms of actual logsets like AWS Cloudtrail or GCP Stackdriver? This presentation will present to the audience a mind-map for threat hunting in AWS and GCP environments. More specifically, this mind-map would translate Cloud ATT&CK TTPs to specific patterns to look for in these 2 logsets: 1. AWS Cloudtrail and 2. GCP Stackdriver. The presentation will also take the audience through how the mind-map is applied to hunt for 2 specific example use-cases focused on GCP and AWS.

White Space

1:30-2:05pm PST - William Tate, US AWS Technology Leader, PwC

White Space

2:05-2:15pm PST - Closing Remarks

White Space

White Space

White Space

Speaker Bios

Frank Kim

Frank is the Founder of ThinkSec, a security consulting and CISO advisory firm, as well as a SANS Fellow and lead for both the SANS Management and SANS Cloud Security curricula, overseeing two dozen SANS courses in the two fastest growing curricula. Previously, as CISO at the SANS Institute, Frank led the information risk function for the most trusted source of computer security training and certification in the world. Frank is also the author and instructor of MGT512: Security Leadership Essentials for Managers, MGT514: Security Strategic Planning, Policy, and Leadership, and co-author of SEC540: Cloud Security and DevOps Automation. Learn more about Frank here.

AJ Yawn

AJ Yawn is Co-Founder and CEO at ByteChek. He is also a Founding Board Member of the National Association of Black Compliance and Risk Management Professionals (NABCRMP). Connect with him at

Carlos O'Neil

Carlos O'Neil @ether_geek is Technical Information Security Officer – Cloud for Invesco. He is a self-described cloud computing nerd with a passion for using cloud technologies to elevate small businesses.

Jerich Beason

Jerich Beason is a Security hobbyist turned professional who holds Bachelors and Masters degrees in Cyber Security. He has served in progressive roles at some of the most respected companies within the cyber security indistry including Lockheed Martin, RSA and Deloitte where he was a trusted advisor to executives within the government and fortune 500 organizations. Jerich advised these companies on cyber security strategy, architecture and program development. In his previous role at AECOM, he was responsible for security architecture, risk management, compliance, and the overall security strategy. At Epiq, Jerich serves as Sr. Vice President and Chief Information Security officer where he leads the Global enterprise and Product Security organizations. 

Shinesa Cambric

Shinesa Cambric (CISSP, CISA, CIAM), is an IT Security Architect and Sr. Manager with strategic expertise in the technical design and implementation of employee identity/access and privileged access. Her experience includes architecting identity integration with cloud based platforms, developing tools and strategies for Business-Critical ERP systems, building insider threat programs, and providing unique subject matter expertise on the intersection of governance, risk, and compliance with security and development. As a BIPOC woman in technology, Shinesa actively works to inspire a positive shift toward greater diversity and inclusion in the cybersecurity and cloud industry through empowering and mentoring women in tech. She currently serves as a member of the operational board for non-profit group CloudGirls (, on the Dallas leadership board for International Association of Women ( and as an advisor on the SecureWorld Dallas. Shinesa is an active member of several organizations, including Women's Society of CyberJutsu, ISACA, ISC2, AnitaB, Women in Cyber Security (WiCyS), Information Systems Security Association (ISSA) , International Association of Privacy Professionals (IAPP), Women's Cyber Security Society, Executive Women's Forum and the Identity Management Institute.

Vidya Gopalakrishnan

Vidya Gopalakrishnan is a Security Engineer with the Palo Alto Networks Security Operations Center. She leads the threat hunting program within the Palo Alto Networks SOC and is responsible for running structured hunting operations within the team. This includes developing custom use cases to continually hunt for in the wild, using Palo Alto Networks products. She has three years of experience working in SOC/Blue Team Operation roles and holds a Masters degree in Information Security from Carnegie Mellon specializing in Incident Response and Computer Forensics.

William Tate

William Tate is the U.S. AWS Technology leader, focused on clients within the industrial products and services industry. He is a hands-on architect with over 25 years of global experience delivering a wide range of strategic and operational solutions, including advising clients on cloud transformation, cloud platform engineering, cybersecurity strategies, technology risk,  financial optimization and application modernization efforts.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.