#10 - Securing the Cloud

Understanding how to secure the cloud is a crucial piece of tradecraft that every CISO needs to understand.  This episode provides an in depth discussion of AWS's 7 design principles for securing the cloud:

1. Implement a strong identity foundation
2. Enable traceability
3. Apply security at all layers
4. Automate security best practices
5. Protect data in transit and rest
6. Keep people away from data
7. Prepare for security events

Please note the AWS Well-Architected Framework Security Design Principles can be found here: https://wa.aws.amazon.com/wat.pillar.security.en.html

Chapters

• 00:00 Introduction
• 02:33 Seven design principles for securing the cloud
• 04:17 Multi Factor Authentication (MFA)
• 05:59 How to prevent password guessing attacks on the cloud
• 08:19 How to limit access to your applications
• 11:05 How to enable traceability in your environment
• 13:15 The importance of cloud infrastructure
• 14:47 How to monitor security in the cloud
• 17:09 How to automate monitoring, alerting, and auditing
• 19:09 Configuring a strong identity foundation
• 20:52 How to have an effective real time view of what your developers have produced
• 22:48 How to automate your security best practices
• 26:42 How to protect your data in the cloud
• 28:36 How to limit access to your data
• 31:36 How to scan your APIs to protect your data
• 33:41 The importance of permissions in a data science environment
• 36:06 The importance of identity in cloud computing
• 41:30 Review of the 7 design principles for securing the cloud