SecOps 360 Day: IT Security Community Event Highlights
Our #SecOps360Day event on Thursday, 22 June 2023, was a huge success. We want to offer special thanks to all of our expert speakers, our community who attended the sessions and brought great questions and observations to the mix, and last but not least our team behind the scenes who helped to make it all happen so smoothly: Gabriela, Diana, Zuzana, Andrea, Jakub, Centeine, Fatma, Eliza, Lucie, Magdalena, Steve, Stan and probably a few more.
What follows are some notes on the sessions, which are available for you to watch on-demand here in the event platform.
Welcome Speech
Stan Markov, CEO & Co-Founder at Runecast
To kick things off, Stan Markov provided a warm welcome describing aspects of why the day's conversations are so relevant.
Warm-Up Quiz
Michiel de Lepper, Global Enablement Manager at Runecast
Michiel de Lepper hosted a quick Warm-up Quiz to get everyone's morning thoughts aligned. Our quiz winner was ‘DUCK’, whose real name we later learned is Alket Shabani.
Align Cybersecurity Strategy with Business Goals
Muhammad Adel, Head of IT at Paymob
Muhammad Adel presented an insightful session on aligning cybersecurity strategy with business goals, drawing on his vast experience in various security and IT roles to help the audience understand some of the approaches that he now uses for security and why.
Attendee Michal Srnec recommended the book:
Helping Children to be Safe on the Internet
Tomas Meznik, Founder at Protect the Little Ones Foundation
Tomas's new foundation – Protect the Little Ones – works with E&Y and Masaryk University on initiatives (including educational games) for helping to keep kids safe and secure online. If you want to support these efforts, reach out to him via: https://www.protectthelittleones.com
Shrinking the Target: Strategies for Ransomware Attack Surface Reduction
Michiel de Lepper, Global Enablement Manager at Runecast
Michiel presented some of the long-term planning and processes that threat actors use to plan their cyberattacks and how those can spread across complex IT environments, to help answer the questions: "Where exactly is the attack surface?" and "How do we protect all of that?!"
How to Fill Gaps Between ITOps & Security Teams
Steve Salisbury, Product Marketing Specialist at Runecast
Steve shared trends with industry regulations and challenges that include increasing compliance requirements and communication breakdowns between security and operations teams, as well as how to improve cultural mindsets for better collaboration.
Open Chat: Aligning IT, Security, and DevOps for Stronger Cybersecurity
Aylin Sali, CTO & Co-Founder at Runecast
Markus Strauss, Chief Product Officer at Runecast
Michiel de Lepper, Global Enablement Manager at Runecast
Michiel hosted Aylin and Markus in an open discussion covering topics of biggest challenges, best practices, and ideal tools for dealing with those challenges as they evolve. Michiel shared his favorite Pizza as a Service framework for wrapping his head around various security aspects.
Can We Replace Humans with AI? Are They the Best or Worst Line in Security and Efficiency?
Gareth Edwards, Solution Engineer at VMware
Gareth covered how to counter – via fun and interesting training methods – detrimental human aspects (e.g. indifference) that can make organizations more vulnerable to cyber threats. He also spoke briefly about potential developments with Deepfakes (with voice) and Ransomware as a Service. Some tools that he recommended included:
- https://www.sophos.com/en-us/products/phish-threat
- https://phished.io/product-overview
- https://www.knowbe4.com
Building Better Relationships
Taylor Parsons, Technical Customer Success at Sevco Security
Taylor (with a magnificent beard) provided tips on how to build better relationships between security and IT teams, with question prompts to get people thinking about where challenges are now (e.g. chat/IM tools, ticketing systems, differing access policies), what common goals exist across teams, and current or ideal communication methods, resources, responsibilities, boundaries, trainings and many other factors to "Take the mystique away from security." He additionally spoke about the Principle of Charity being essential for cross-team communication.
Security Tips and Tricks: Enhancing Your VMware Security Posture
Steve Bettison, Lead Technical Sales Engineer at Runecast
Steve revealed tips and tricks for enhancing VMware security posture by bridging the gaps between IT and security teams that share responsibility for virtualized workloads and environments. He also talked about various security layers like access control, authentication and password policies, patch management, updates, strategies, tools and more.
Cybersecurity AMA Session
Michiel de Lepper, Global Enablement Manager at Runecast
Michiel's CyberSecurity Ask-Me-Anything (AMA) session covered topics from visibility of cloud migration to vendor integration/consolidation to the inadequacies of any other state than continuous compliance. He also shared some of his favorite news sources and podcasts for keeping up with latest cybersec news. "If we bridge the gaps between IT, DevOps and SecOps, everyone will be much happier and safer."
Building Bridges, Not Walls: The Power of Culture in IT & Security Convergence
Katy Craig, Staff Security Engineer at G2 Ops
Katy shared insights to help enable IT and Security convergence by improving cultural bridges, including how ‘culture’ is something rarely written down or defined but rather internalized through signals that we pick up from cues. Leaders must model the culture that they want to see in their teams. She pointed out that ‘soft skills’ can frequently be ‘hard’ skills for some people, and how important an environment of psychological safety and continuous learning is for growth in all other areas.
Toward a Secure Future: Our Commitment to Innovation and Collaboration
We at Runecast are on a mission to lead organizations into the future by pioneering proactive technologies and approaches that help them stay ahead of emerging threats. Leading discussions at events is one of several ways that we offer our assistance to these aims – from our first Runecast Virtual Conference in 2020 (watch sessions here) to Uptime 2020 (watch sessions here), Uptime 2021 (watch sessions here), and this year’s SecOps 360 Day (watch sessions here).
If you have ideas for co-organizing an event with us to help the IT community, please contact us here with your idea(s).
Have a secure summer!
Your Runecast Team