#10 - Securing the Cloud

Understanding how to secure the cloud is a crucial piece of tradecraft that every CISO needs to understand.  This episode provides an in depth discussion of AWS's 7 design principles for securing the cloud: Implement a strong identity foundation Enable traceability Apply security at all layers Automate security best practices Protect data in transit and rest Keep people away from data Prepare for security events Please note the AWS Well-Architected Framework Security Design Principles can be found here: https://wa.aws.amazon.com/wat.pillar.security.en.html Chapters 00:00 Introduction 02:33 Seven design principles for securing the cloud 04:17 Multi Factor Authentication (MFA) 05:59 How to prevent password guessing attacks on the cloud 08:19 How to limit access to your applications 11:05 How to enable traceability in your environment 13:15 The importance of cloud infrastructure 14:47 How to monitor security in the cloud 17:09 How to automate monitoring, alerting, and auditing 19:09 Configuring a strong identity foundation 20:52 How to have an effective real time view of what your developers have produced 22:48 How to automate your security best practices 26:42 How to protect your data in the cloud 28:36 How to limit access to your data 31:36 How to scan your APIs to protect your data 33:41 The importance of permissions in a data science environment 36:06 The importance of identity in cloud computing 41:30 Review of the 7 design principles for securing the cloud