On September 4, 1900 attendees and 40 expert speakers gathered at The Park Plaza Hotel in London for Trend Micro’s CloudSec 2017. This congregation of Europe’s leading cloud and DevOps professionals was inspired by the evolving field of cloud technology and the associated security considerations, as well as those considering adoption of a cloud strategy.
Shared industry challenges in cloud security were discussed throughout the day across industries. One point of concern covered how modern CISOs and their teams struggle to keep pace with software development teams who are rapidly responding to business demands with new feature development. At the same time, security teams are challenged by their executive boards to proactively focus on the guardianship of sensitive customer data. This is becoming increasingly difficult as they are met every morning by a new threat to the integrity of their environment.
Modern Security Challenges?
Many of the day’s conversations and presentations revolved the current departmental separation of development, security and operations. Disparate though these groups may be, technological advancements, notably in the speed of deployment through cloud and container strategies, has opened the door to the consolidation of these otherwise distant objectives, dubbed DevSecOps. Many of the day’s expert speakers emphasized the need for security itself to remain as agile and nimble as the subject it secures, and they insisted that this must remain at the forefront of any considerations regarding DevOps, Cloud technologies or containerisation. This is why DevOps and DevSecOps are quickly moving from being a mere twinkle in the eye of the enterprise technology strategist to a tangible, prioritised facet of current development practices. The clear business advantages to shifting to the Cloud and DevOps were highlighted throughout the day at CloudSec 2017 by many of the industry experts attending.
One expert was Neuvector’s Michael Krueger. Michael spoke to a large crowd about what it means to remain cognizant of security threats whilst working within the break-neck, agile speed of the DevOps environment. Drawing from his experience with VMWare’s growth and the wider use of virtual machines, he spoke with authority about the coming risks and how to combat threats by implementing continuous container security: from design and build-time to run-time and operation.
Not surprisingly, the Black Duck and Neuvector booths hummed with visitors from London, Europe and beyond. Attendees at CloudSec 2017 represented non-profits, governments, and fortune 500 companies, all wanting to discuss the upcoming challenges they and their organisations were tackling.
As 2017’s CloudSec event came to a close, the excitement about the burgeoning DevSecOps and Cloud space continued. Certainly both the move to cloud and the increasing use of open source will remain foundational to any organisation looking develop not just rapidly, but securely.
Want to learn more about secure development in the Cloud with Black Duck Hub on Google Cloud Platform? Try it free for 14 days - learn more.