Build crucial cyber security skills through interactive training during SANS Cyber Security Mountain 2021. Save $150 thru 6/30.


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

BIPOC in Cybersecurity Forum: Cloud Security

  • Thursday, February 18, 2021 | 8:00 am - 2:00 pm PSTThursday, February 18, 2021 at 11:00 AM EST (2021-02-18 16:00:00 UTC)
  • Frank Kim, AJ Yawn, Carlos O'Neil, Christina Morillo, Dominique West, Jerich Beason, MK Palmore, Shinesa Cambric, Vidya Gopalakrishnan, William Tate, Zeanique L. Barber

You can now attend the webcast using your mobile device!



Skilled cloud security professionals are in demand as organizations of all types become increasingly cloud-based. Emerging opportunities offer great possibilities for cybersecurity practitioners from underrepresented minority groups.

This free, virtual event, hosted by the SANS Diversity, Equity, and Inclusion Task Force, is open to the whole community.

Talks and panels will explore topics related to:

  • Public Cloud Security: AWS, Azure and GCP
  • Cloud Native Security - Containers and Kubernetes Security
  • Containerization and Orchestration exploits
  • Securing modern Cloud and DevOps environments
  • Cloud Security Monitoring and Threat Hunting
  • Cloud Security Architecture and Operations
  • Cloud Penetration Testing & Incident Response

All SANS events strive to provide content based on real-world experience with actionable lessons you can use as soon as you get back to work.

White Space


8:00-8:15am PST - Welcome & Opening Remarks

Frank Kim @frankkim, Forum Chair, SANS Institute

Dennis Scandrett, Forum Chair, SANS Institute - Diversity, Equity, and Inclusion Task Force, SANS Institute

White Space

8:15-8:50am PST - Keynote

MK Palmore @mk_palmore, VP, Field Chief Security Officer (Americas), Palo Alto Networks

White Space

8:50-9:30am PST - Panel: Cloud Security: Now and Next

Moderator: Emmett Childress Jr., Managing Partner, Solutions Architect, Approximare


Cierra Jernigan @CierraJernigan, Information Technology Recruiter, Eliassen Group

Christina Morillo @divinetechygirl, Sr. Security Product Manager, Security Engineering, Marqeta Inc.

Tameika Reed, Senior Infrastructure Engineer, Expansia

Dominique West, Technical Account Manager, Data Dog; Atlanta Chapter Lead, Women's Society of Cyberjutsu (WSC)

This panel of cloud security practitioners will discuss the challenges of securing modern cloud and dev ops environments. They'll also cover security monitoring and threat hunting in the cloud.

White Space

9:30-9:40am PST - Break

White Space

9:40-10:15am PST - Simplifying and Demystifying Security in the Cloud

Jerich Beason, Chief Information Security Officer, Epiq

Cloud security is foreign to some and it can be scary when your employer assigns you the task of securing a new or existing cloud environment. This talk will tackle basic cloud security principles that will mitigate the majority of threats in the cloud. We will cover the benefits and drawbacks of security in an on premise or data center environment vs security in a public cloud. At the end of the session, whether you are a novice or experienced in the cloud, you will have some practical takeaways that will assist in you and your organization's cloud security journey.

White Space

10:15-10:50am PST - Automating Security on AWS

AJ Yawn @AJYawn, Co-Founder and CEO at ByteChek, Founding Board Member of the National Association of Black Compliance and Risk Management Professional (NABCRMP)

Cloud security is tough to get right, the threats are endless and it's easy for users to make mistakes that can cause significant breaches. This is why it's important for cloud security professionals to understand how they can implement automated, event-driven security controls in the cloud to reduce these risks. In this talk, we will discuss some of the options available to cloud security professionals to automate security on AWS and we will spend time in the AWS console and AWS CLI walking through how to automate three common risks in the cloud - S3 public buckets, S3 bucket encryption, and enforcing multi-factor authentication for each user.

White Space

10:50-11:00am PST - Break

White Space

11:00-11:35am PST - Identity-In-Depth: Leveraging Native Tools and a Multi-Layered Approach to Secure Cloud Identity

Shinesa Cambric @gleauxbalsecur1, Identity Governance and Compliance Architect

As companies expand their cloud footprint and leverage more cloud services out of necessity, digital identity becomes the true perimeter and key to protecting an organization's assets. Cloud environments offer multiple layers for identity management and controls and understanding privileges can be a challenge for many - possibly leaving an open door for attackers. Join the discussion to learn more about some of the native tools and processes available in cloud systems to manage and enable a defense-in-depth strategy with identity.

White Space

11:35am-12:10pm PST - Shifting Left: How to Prepare your Security Team for the Cloud

Carlos O'Neil @ether_geek, Technical Information Security Officer - Cloud, Invesco

Rapid cloud adoption requires security teams to extend their controls to the cloud and many teams are discovering that the classic model of Information Security doesn't apply completely to the cloud. We'll discuss the challenges that come with cloud adoption and discuss suggestions on how to enable teams to be more agile in the cloud and leverage native and non-native tools to enhance security.

White Space

12:10-12:20pm PST - Break

White Space

12:20-12:55pm PST - Emerging Cybersecurity Concerns Amidst a Pandemic - Data Architecture Solutions that Keep Business Applications and Business Systems Safe

Zeanique L. Barber @ZLBusinessTech, VP of Health & Public Sector, Gerent LLC.

Now more than ever, organizations must architect end to end data security systems, while meeting data consumers' need to have data available dynamically and quickly. Big data sets flowing in and out of systems, in an organization's environment, can increase the likelihood of cyber attacks. A mindful, and comprehensive security approach to data is a strong defense against emerging cybersecurity concerns. In this session, we will explore emerging cybersecurity trends and how data security architecture best practices can be leverages as a defense against cyber attacks.

White Space

12:55-1:30pm PST - "Mindmap" your way into the Cloud: A framework for hunting in AWS and GCP

Vidya Gopalakrishnan @vidya_gkrishnan, Security Engineer, Palo Alto Networks

Threat hunting is a deliberate effort to proactively search through data in order to detect threats that have evaded otherwise predictable security alerts or detections. The subset of logs that we don't generally care about could serve as major treasure troves to perform rewarding hunts. When it comes to the cloud, the AWS and GCP MITRE ATT&CK Matrix give us a good starting point on how to approach each of the cloud-specific attacker Techniques, Tactics and Procedures (TTPs). However, which of these listed tactics should we care about for hunting ? How do these TTPs translate in terms of actual logsets like AWS Cloudtrail or GCP Stackdriver? This presentation will present to the audience a mind-map for threat hunting in AWS and GCP environments. More specifically, this mind-map would translate Cloud ATT&CK TTPs to specific patterns to look for in these 2 logsets: 1. AWS Cloudtrail and 2. GCP Stackdriver. The presentation will also take the audience through how the mind-map is applied to hunt for 2 specific example use-cases focused on GCP and AWS.

White Space

1:30-2:05pm PST - Threat Modeling to Mitigate Evolving Threats in a Hybrid Cloud Environment

William Tate, US AWS Technology Leader, PwC

Organizations have started to understand the benefits of cloud especially in recent times due to the pandemic and started to migrate some of their critical workloads to cloud. Business agility, speed to market of new products and new business mdoels are some of the reasons organizations are adopting cloud at faster pace. The speed of adoption conflicts with security of workloads and associated data and hence organizations need a focused approach to understand threats and develop mitigations. Mr. Tate recommends an approach that focuses on outside-in-perspective using customer journeys to identify crown jewels, their associated threats and needed controls. This presentation provides an overview of an approach to defining threat models in organizations adopting cloud to run their critical workloads.

White Space

2:05-2:15pm PST - Closing Remarks

White Space

White Space

Speaker Bios

Frank Kim

Frank is the Founder of ThinkSec, a security consulting and CISO advisory firm, as well as a SANS Fellow and lead for both the SANS Management and SANS Cloud Security curricula, overseeing two dozen SANS courses in the two fastest growing curricula. Previously, as CISO at the SANS Institute, Frank led the information risk function for the most trusted source of computer security training and certification in the world. Frank is also the author and instructor of MGT512: Security Leadership Essentials for Managers, MGT514: Security Strategic Planning, Policy, and Leadership, and co-author of SEC540: Cloud Security and DevOps Automation. Learn more about Frank here.

AJ Yawn

AJ Yawn is Co-Founder and CEO at ByteChek. He is also a Founding Board Member of the National Association of Black Compliance and Risk Management Professionals (NABCRMP). Connect with him at

Carlos O'Neil

Carlos O'Neil @ether_geek is Technical Information Security Officer – Cloud for Invesco. He is a self-described cloud computing nerd with a passion for using cloud technologies to elevate small businesses.

Christina Morillo

Christina Morillo is an information security, enterprise identity professional, and technical security product manager. Christina's experience across enterprise security and identity, insider threat, cloud identity and security programs & deployments, have taken her to companies like Morgan Stanley, Fitch Ratings, AllianceBernstein, Microsoft and currently Marqeta. She advocates for and is passionate about meeting people and companies where they are, and is also a proponent of making security practical, accessible and easy to digest (sometimes with the help of basketball analogies :). When she is not spending time with her family, or knee deep in her graduate studies, you can find her co-leading Women in Security and Privacy’s NYC chapter and supporting others in the tech & security community as an advisor and mentor.

Dominique West

Dominique West is currently a Senior Cloud Security Consultant for a multinational professional services and creator of the Security in Color cybersecurity podcast. Achieving her CISSP and Master’s degree in cybersecurity, Dominique is deeply passionate about cloud security & cyber awareness, with 8 years of experience in IT spanning risk, vulnerability, incident and response, cloud transformation & security across the commercial industries.

In addition to her professional endeavors she founded a platform,, that delivers top national and world cyber and cloud security news in a modern and digestible format via podcast format. Aimed at new and continuing cyber and cloud security professionals, Dominique aims to help the next generation of cybersecurity professionals succeed in the field. Additional, Dominique also leads the Atlanta chapter of the Women’s Society of Cyberjutsu, a nationwide non-profit with the aim of empowering women in the field of information security.

Jerich Beason

Jerich Beason is a Security hobbyist turned professional who holds Bachelors and Masters degrees in Cyber Security. He has served in progressive roles at some of the most respected companies within the cyber security indistry including Lockheed Martin, RSA and Deloitte where he was a trusted advisor to executives within the government and fortune 500 organizations. Jerich advised these companies on cyber security strategy, architecture and program development. In his previous role at AECOM, he was responsible for security architecture, risk management, compliance, and the overall security strategy. At Epiq, Jerich serves as Sr. Vice President and Chief Information Security officer where he leads the Global enterprise and Product Security organizations. 

MK Palmore

MK Palmore serves as VP, Field CSO (Americas) for Palo Alto Networks. His responsibilities include support of the initiatives headed up by the office of the global Chief Security Officer and providing thought leadership in the cybersecurity arena through both writing and speaking engagements. Prior to joining Palo Alto, Palmore served as the Head of the Cyber Security Branch for FBI San Francisco capping a career of public service spanning 32 years. His cybersecurity certifications include the CISM, CISSP, GCCC and the Carnegie Mellon CISO Certification. Palmore earned a BS from the US Naval Academy and an MBA from Pepperdine University where he currently serves as an adjunct instructor. He began his career as a commissioned officer in the US Marine Corps.

Shinesa Cambric

Shinesa Cambric (CISSP, CISA, CIAM), is an IT Security Architect and Sr. Manager with strategic expertise in the technical design and implementation of employee identity/access and privileged access. Her experience includes architecting identity integration with cloud based platforms, developing tools and strategies for Business-Critical ERP systems, building insider threat programs, and providing unique subject matter expertise on the intersection of governance, risk, and compliance with security and development. As a BIPOC woman in technology, Shinesa actively works to inspire a positive shift toward greater diversity and inclusion in the cybersecurity and cloud industry through empowering and mentoring women in tech. She currently serves as a member of the operational board for non-profit group CloudGirls (, on the Dallas leadership board for International Association of Women ( and as an advisor on the SecureWorld Dallas. Shinesa is an active member of several organizations, including Women's Society of CyberJutsu, ISACA, ISC2, AnitaB, Women in Cyber Security (WiCyS), Information Systems Security Association (ISSA) , International Association of Privacy Professionals (IAPP), Women's Cyber Security Society, Executive Women's Forum and the Identity Management Institute.

Vidya Gopalakrishnan

Vidya Gopalakrishnan is a Security Engineer with the Palo Alto Networks Security Operations Center. She leads the threat hunting program within the Palo Alto Networks SOC and is responsible for running structured hunting operations within the team. This includes developing custom use cases to continually hunt for in the wild, using Palo Alto Networks products. She has three years of experience working in SOC/Blue Team Operation roles and holds a Masters degree in Information Security from Carnegie Mellon specializing in Incident Response and Computer Forensics.

William Tate

William Tate is the U.S. AWS Technology leader, focused on clients within the industrial products and services industry. He is a hands-on architect with over 25 years of global experience delivering a wide range of strategic and operational solutions, including advising clients on cloud transformation, cloud platform engineering, cybersecurity strategies, technology risk,  financial optimization and application modernization efforts.

Zeanique L. Barber

Zeanique L. Barber serves as VP for Health & Public Sector for Gerent LLC., a University Professor and a continuing education facilitator on technology applications. Her  background includes architecting enterprise big data cloud business systems and applications. 

She gives back as a Board Member on Non-Profit Boards and through Zenith Latitude a social impact organization where she serves as a strategic partner and trusted adviser to provide customized solutions to communities and organizations who desire organization and technology strategy, tactical innovation, operational implementation and educational development. Professor Barber is a graduate of The Sybil C. Mobley School of Business and Industry at Florida A & M University.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.