With the increased use of SaaS, IaaS, and PaaS platforms, organizations are shoveling more compute, applications, and data into the cloud from on-premises solutions. However, answering cloud governance and access control questions such as “What data do I have?," "Where is my data stored?," Who has access to my data?,” has become challenging. Often, it is because data is out of sight and out of mind. Additionally, during a breach, these questions can impede an investigation that is already challenged by decentralized logging, access rights, large volumes of data to review, and the inability to physically access the environment.

This presentation will walk thought the current challenges faced by defenders and IR investigators in large cloud environments, and offer solutions that call on a variety of cyber security, digital forensic and incident response, and eDiscovey talents. We will step through a case example where the convergence of these disciplines allowed an organization to effectively investigate a data breach and comply with regulatory notification requirements. 

Speaker Bio:

Douglas has over 23 years of professional technology experience. He is a recognized expert in cybersecurity, incident response, digital forensics, and information governance. In addition to leading proactive security assessments, he conducts investigations involving hacking, data breaches, trade secret theft, trademarks, intellectual property, employee malfeasance and a variety of other legal and governance issues. Douglas is also the founder and host of Cyber Security Interviews, a popular information security podcast.

*Note:  First half hour reserved for networking, meal, and general chapter announcements.  Speaker presentations begin 30 minutes after chapter start time.

With the increased use of SaaS, IaaS, and PaaS platforms, organizations are shoveling more compute, applications, and data into the cloud from on-premises solutions. However, answering cloud governance and access control questions such as “What data do I have?," "Where is my data stored?," Who has access to my data?,” has become challenging. Often, it is because data is out of sight and out of mind. Additionally, during a breach, these questions can impede an investigation that is already challenged by decentralized logging, access rights, large volumes of data to review, and the inability to physically access the environment.

This presentation will walk thought the current challenges faced by defenders and IR investigators in large cloud environments, and offer solutions that call on a variety of cyber security, digital forensic and incident response, and eDiscovey talents. We will step through a case example where the convergence of these disciplines allowed an organization to effectively investigate a data breach and comply with regulatory notification requirements. 

Speaker Bio:

Douglas has over 23 years of professional technology experience. He is a recognized expert in cybersecurity, incident response, digital forensics, and information governance. In addition to leading proactive security assessments, he conducts investigations involving hacking, data breaches, trade secret theft, trademarks, intellectual property, employee malfeasance and a variety of other legal and governance issues. Douglas is also the founder and host of Cyber Security Interviews, a popular information security podcast.

*Note:  First half hour reserved for networking, meal, and general chapter announcements.  Speaker presentations begin 30 minutes after chapter start time.