Topic: Simplifying Security Compliance with Cloud Reference Implementations
Cloud technology is transforming commercial and government systems by providing cost-effective, near limitless scalability, and providing developers rapid and direct access to technology that is helping to transform startups into multi-billion dollar enterprises such as Pinterest, Dropbox, Box.net, and Netflix. Unlike the commercial sector that has been migrating to cloud technologies over the past 8 years, the government is just starting their cloud journey. Most federal, state, and IC organizations are accelerating their cloud migrations so they can obtain the cost savings and scalability that their commercial counterparts have been realizing for the past 6-7 years.
This cloud “revolution” is creating some concern within government compliance and security organizations that have invested significant amounts of time and resources on security processes that may be challenged by the pace of innovation that the cloud empowers. This may cause security organizations to rethink their existing policies to take advantage of the agility that a cloud powered enterprise enables. For the first time in IT history, developers can build and deploy cloud based infrastructures within minutes yet cannot go into production for months due to the time and manpower it takes to manually ATO systems. This is a big problem that security professionals need to address so that mission applications can deploy and keep up with our adversaries. Come learn how enterprise security organizations can use cloud technology to create standardized, repeatable, pre-vetted reference implementations. Utilizing these types of technologies will reduce enterprise risk, shorten ATO timeframes, support real-time continuous monitoring and strengthen the overall enterprise security posture. Discover why CIOs across the commercial and government sectors assert that their security posture is better in the cloud than within their traditional datacenters.
Speaker: Brett Miller
Amazon, Senior Consultant, World Wide Public Sector Professional Services
Brett Miller is an Amazon Web Services (AWS) Senior Consultant with the Security and Compliance Practice. Brett has been working closely with commercial, civilian and IC organizations to migrate their applications into the cloud and modernize their security practices using cloud technologies. Before AWS, Brett spent 14 years as a mission developer, network and security engineer and a cloud security SME. Brett spent 3 years with a government enterprise security organization and led the authoring and deployment of the IC shared 800-53 responsibility matrix that has been used to accredit several clouds within the intelligence community. Brett was also the primary security architect and accreditation advisor for several cloud platforms currently deployed within the government.
Developing and Connecting Cybersecurity Leaders Globally.
ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.
The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members.
The Baltimore Chapter is a local resource to be used by members and non-members alike.