The Past, Present and Future of Cloud-Native Security
2024-12-14 , Track 2

Cloud-native has revolutionised how we build and deploy applications, but let's face it - we've made our share of mistakes along the way. From the early days of on-prem to today's massive cloud-native deployments, this has not only transformed application development but also dramatically reshaped the infrastructure, DevOps practices, and the overall security landscape. This talk takes a look at the evolution of cloud-native security, highlighting the real-world incidents and attack techniques that have evolved alongside our technologies.
We'll trace the threat landscape from on-prem to hybrid cloud to cloud-first, then dive deep into the current cloud-native risks: identity breaches, misconfigured cloud services, vulnerable CI/CD pipelines, and the long-standing threat of supply chain. We'll look ahead, exploring the emerging technologies that will shape the future of both attacks and defenses.
Wrapping up the session, actionable strategies to secure your cloud-native environment will be discussed, highlighting tools which can be used to proactively mitigate risks, enhance runtime visibility and automate security.


Key Takeaways:
Analyse the evolution of cloud-native security threats.
Learn how attack techniques evolved over time, and assess the shortcomings of addressing cloud-native security challenges.
Explore the future impacts and trends of cloud-native security and discover practical defense strategies.

Emma is a Senior Cloud Security Architect at EPAM, with extensive experience in cloud, DevSecOps, and security architecture & strategy. In her role, she designs and architects security solutions for her clients' cloud transformation projects. Formerly at Microsoft, she delivered cybersecurity projects and technical workshops to diverse clientele, from emerging tech startups to established FTSE 100 firms. She is passionate about cloud security, Zero Trust, and AI/ML security. Alongside her professional work, Emma is dedicated to advocate for a more diverse workforce in cybersecurity through mentorship and community programs. She is an international public speaker at various cybersecurity conferences across the Europe and the USA, and volunteers as the Executive Lead at WiCyS UK&I, driving the career advancement initiatives. She also serves as a member of Industry Advisory Board of the computer science faculty at the University of Buckingham.