Season 3 Episode 10: Cloud Security Trends and Best Practices (Security Engineer)

10/29/21 • 21 min

In this episode, Preeti sat down with Laura to discuss the challenges of moving into the cloud, interoperability between cloud platforms, security anti-patterns, and mentorship success stories. Laura also shares her go-to resources for anyone looking to enhance their skills in DevSecOps and cloud security.
Resource list:

https://attack.mitre.org/matrices/enterprise/cloud/
https://cloudsecurityalliance.org/research/working-groups/top-threats/
https://tldrsec.com/
https://cloudseclist.com/
https://acloudguru.com/
https://madhuakula.com/ (great workshop guy, some resources on his site too)
https://aws.amazon.com/certification/
https://cloud.google.com/certification
https://www.lastweekinaws.com/
https://meanwhileinsecurity.com/

Guest:

Laura Haller is currently a cloud-infrastructure-focused security engineer on Hashicorp’s Threat Detection and Response team. She is passionate about helping non-cloud-native companies make their journey to public cloud safe, optimized, and cost-effective, as well as deepening her understanding of pure cloud-native design.

Like many others in the field of security, she had a non-traditional path. She pursued a degree in Electrical Engineering from the University of Illinois at Urbana-Champaign with a specialization in Power and Energy Systems but decided to shift into the world of software engineering after falling in love with programming during her undergraduate research on microgrids.

She shifted from software engineering to security engineering during her time at Capital One while gaining a deep understanding of cloud infrastructure and AWS best practices. She recently closed out her time at Charles Schwab as a cloud security engineer and cybersecurity research engineer with a focus on helping the firm take security-minded steps in their nascent cloud journey.

Outside of work, she loves to hike at her local botanical gardens and see her mentees thrive.
Connect with Laura on LinkedIn

Host:

Preeti is a Senior Security Data Scientist at VMware Carbon Black. where she provides technical expertise to artificial intelligence projects for cybersecurity. She has experience in developing practical solutions using data science and machine learning for information technology programs as well as commercial security products. She has prior experience as an applied security researcher at IBM X-Force where her work has contributed to intellectual property and conference talks.

During her spare time, she gives back to the community by creating podcast content to create awareness about emerging technologies in cybersecurity. She also engages in women in cybersecurity initiatives both within and outside of her organization. Preeti holds a Masters Degree in Information Networking with a concentration in Cybersecurity from Carnegie Mellon University.
Connect with Preeti on LinkedIn

Support the show

https://attack.mitre.org/matrices/enterprise/cloud/
https://cloudsecurityalliance.org/research/working-groups/top-threats/
https://tldrsec.com/
https://cloudseclist.com/
https://acloudguru.com/
https://madhuakula.com/ (great workshop guy, some resources on his site too)
https://aws.amazon.com/certification/
https://cloud.google.com/certification
https://www.lastweekinaws.com/
https://meanwhileinsecurity.com/

Support the show

Previous Episode

Season 3 Episode 9: A Day in the Life: Medical Device Insights from a Senior Director

In this episode, Ashley chats with Inhel, a Senior Director of Information Security Engineering at BD, one of the largest global medical technology companies in the world. With privacy in healthcare at the forefront of current events, our guests delve into the nuances of the medical device industry. Inhel also provides actionable advice about career transitions, navigating the workplace, and other lessons learned from her experiences in the field.

Guest:

Inhel Rekik is the Sr Director of Information Security Engineering at BD, a global medical technology company that is advancing the world of health by improving medical discovery, diagnostics and the delivery of care. She currently leads all information security engineering initiatives for Enterprise IT, BD products, manufacturing/OT and R&D. Before joining BD, Inhel was the Director of Health Technology Security at MedStar Health where she founded the program of medical device security, IoMT and IoT security.

Prior to moving into information security, Inhel held various roles of Healthcare Technology Management in HDOs. Inhel is CISM certified. Inhel pursued her education in Canada where she received her Bachelor’s degree in Computer Engineering from Laval University and her Master’s degree in Biomedical engineering from Polytechnic School of Montreal. Inhel is an active member of HISAC Medical Device Security Information Sharing Advisory Committee, MDIC (Medical Device Innovation Consortium) and EWF (Executive Women Forum). Awards include Intelligent Health Association (IHA) Grand Award and (IHA) Improving Patient Care and Health Delivery Award.

Host:
Ashley Baich is a Cybersecurity Consulting Analyst at Accenture with experience in many disciplines of cybersecurity. Her analytical background in marketing, communications, technology and business development inform her mindful but competitive approach.

Ashley is fueled by her desire to bridge the communication between IT Professionals and Business Executives. She considers herself a ‘forever student’, eager to continue to build her academic foundation to be innovative and forward thinking in the world of cybersecurity. She is in the process of earning her MBA in information security and is an active participant in the EWF, currently as a co-lead for the Rising Leader Forum.

Support the show

Next Episode

Season 4 Episode 1: A Day in the Life: Code School Founder and Incident Response Analyst

In this episode, Liz sat down with Linda to discuss her journey from being in academia to having a career in Law Enforcement and to her current role as a Senior Incident Response Analyst. Linda highlights the similarities between her time as a detective specializing in digital forensics and her current role within the private sector. She also shares advice for those who are considering a career within the Technology space whether they are fresh out of college or for those considering a career switch. Do enjoy!
Guest: Linda Smith
My name is Linda Smith and I like to break hacker’s hearts. I am also the Founder of Codify Zone a Tech-Education company where children learn programming, logical and critical thinking skills. I am an ex-cop with extensive experience in the field of Digital Forensics.

Currently I am a Senior Incident Response Analyst with one of the best companies in the field of cyber security, Sophos. I am a mom of 2 beautiful children and a wife, in my spare time I run to support local and international charities. I am a workout freak, and I can’t sit still. I love to travel, boxing and I absolutely could not live without caffeine.

I love what I do
I do what I love
I do what I do to protect business and humans.

Host: Liz Jaluague

Liz Jaluague is a Cyber Testing Associate at RSM Canada where she performs penetration tests for clients in a wide span of industries. Her previous work experience includes full-stack development, cloud automation, and security governance consulting at a Big Four firm. She earned a BSc in Biochemistry and a postgraduate certificate in Computer Security and Digital Forensics.

Liz serves as a mentor in several organizations for people who are in their first cybersecurity role or looking to enter the field. She also co-leads the EWF's Podcast Action Team.

Support the show