09-13, 11:45–12:15 (Europe/Stockholm), Main hall
It’s 2024, and Cloud Security is the same dumpster fire it’s always been. Fifteen years into running our critical workloads on “someone else’s computer,” we’re still making the same mistakes while our adversaries evolve. This talk will dissect several high-profile cloud breaches to discuss where the customer and the cloud providers went wrong. We’ll see how adversaries are changing and how cybercrime and geopolitics have lifted and shifted themselves into the cloud along with our legacy workloads.
With this information, we’ll find the common elements of these major incidents and discuss a universal threat model that applies to everyone in the cloud. Finally, I’ll cover how the cloud providers are letting their customers down and what you can do to protect yourself.
Chris Farris is an independent cloud security consultant. With an IT career spanning over 25 years, he has focused the last ten years on public cloud and public cloud security in media and entertainment, leveraging his expertise to build and evolve multiple cloud security programs.
Chris is passionate about enabling the broader security team's objectives of secure design, incident response, and vulnerability management. He has developed cloud security standards and training to provide risk-base