AWS for Software Companies Podcast

Ep076: Incident Response in the Age of Personal CISO Liability with Suresh Vasudevan of Sysdig



Suresh Vasudevan, CEO of Sysdig, discusses the evolving challenges of cloud security incident response and the need for new approaches to mitigate organizational risk.

Topics Include:

  • Cybersecurity regulations mandate incident response reporting.
  • Challenges of cloud breach detection and response.
  • Complex cloud attack patterns: reconnaissance, lateral movement, exploit.
  • Rapid exploitation - minutes vs. days for on-prem.
  • Importance of runtime, identity, and control plane monitoring.
  • Limitations of EDR and SIEM tools for cloud.
  • Coordinated incident response across security, DevOps, executives.
  • Criticality of pre-defined incident response plans.
  • Increased CISO personal liability risk and mitigation.
  • Documenting security team's diligence to demonstrate due care.
  • Establishing strong partnerships with legal and audit teams.
  • Covering defensive steps in internal communications.
  • Sysdig's cloud-native security approach and Falco project.
  • Balancing prevention, detection, and response capabilities.
  • Integrating security tooling with customer workflows and SOCs.
  • Providing 24/7 monitoring and rapid response services.
  • Correlating workload, identity, and control plane activities.
  • Detecting unusual reconnaissance and lateral movement behaviors.
  • Daisy-chaining events to identify potential compromise chains.
  • Tracking historical identity activity patterns for anomaly detection.
  • Aligning security with business impact assessment and reporting.
  • Adapting SOC team skills for cloud-native environments.
  • Resource and disruption cost concerns for cloud agents.
  • Importance of "do no harm" philosophy for response.
  • Enhancing existing security data sources with cloud context.
  • Challenges of post-incident forensics vs. real-time response.
  • Bridging security, DevOps, and executive domains.
  • Establishing pre-approved incident response stakeholder roles.
  • Maintaining documentation to demonstrate proper investigation.
  • Evolving CISO role and personal liability considerations.
  • Proactive management of cyber risk at board level.
  • Developing strong general counsel and audit relationships.
  • Transparency in internal communications to avoid discovery risks.
  • Security teams as business partners, not just technicians.
  • Sysdig's cloud security expertise and open-source contributions.


Participants:

  • Suresh Vasudevan – CEO, Sysdig

See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/


AWS for Software Companies Podcast, by AWS - Amazon Web Services


