Azure Cloud Community Leader Presentation
Quick recap. Shawn and Ian discussed the importance of networking and making connections, with Ian presenting on his role as the Azure Cloud Community Leader at CIS and the development process of the CIS benchmarks. The team also discussed the CIS Cloud Benchmarks, the importance of community engagement, and the potential for automation in assessment and remediation. Lastly, they addressed ongoing security issues, the challenges of balancing risk and cost in security, and the importance of security vendors vetting their processes.
Azure Cloud Community Leader Presentation
In the meeting, Shawn welcomed everyone and introduced Ian McCree from CIS, who was scheduled to present. The meeting also saw new faces, including Tyler Lynch from HashiCorp and Roland from Fortinet. Tyler was identified as a potential future presenter. The group also discussed the importance of networking and making connections. Ian then took over to present on his role as the Azure Cloud Community Leader at CIS, sharing his background and expressing hopes for engagement and volunteer opportunities.
CIS Benchmarks and Secure Configurations
Ian provided an overview of the Center for Internet Security (CIS) and its benchmarks. He explained that CIS was founded in 2000 to help state, local, tribal, and territorial organizations build appropriate defenses against evolving threats. The CIS benchmarks are prescriptive, providing actionable guidance for secure configurations on various platforms. Ian emphasized the importance of secure configurations, noting that misconfigurations are the third most common attack vector for cloud platforms. He also discussed the development process of the CIS benchmarks, which involves community engagement, consensus building, and iterative refinement. Finally, Ian gave an example of a benchmark recommendation, explaining its components, such as the numbering system, title, profile, applicability, and rationale.
CIS Cloud Benchmarks and Volunteering
Ian discussed the CIS Cloud Benchmarks, which are free and widely followed for their broad impact on cybersecurity. He explained that the benchmarks are divided into two types: foundational benchmarks applied at the tenant or subscription level, and service category benchmarks for specific products. Ian also mentioned that the benchmarks are mapped to other frameworks and are intended to provide a base level of security. He encouraged the team to contribute to the benchmarks, even if they lack extensive cybersecurity experience, as it would help them in their professional journey. Tyler suggested that newcomers could start by registering as a volunteer, asking for a mentor, and learning through the meetings they attend. Shawn and Tyler also emphasized the value of volunteering for early career professionals, as it demonstrates involvement in the industry and can be beneficial for future career opportunities.
Community Input and Automation Discussion
In the meeting, Jay asked about the relationship between the providers and the community, specifically if there's an established pipeline for suggestions on how to configure the landscape. Ian clarified that the most active input comes from the community, with independent vetting of all submissions. He also mentioned that the community has different calls and discussions, and that Microsoft and other providers have been active in his community. David Gargan raised the idea of using RPA bots for implementation and suggested that the CIS team could potentially close a commercial gap by automating assessment and remediation. Ian acknowledged this and mentioned that they have a basic platform for automated assessment, but not for cloud communities. Mischa expressed gratitude for the work done by the CIS team and asked about the process of deciding whether to provide coverage for a new product. Ian explained that it depends on pre-existing coverage, popularity, and severity of vulnerabilities. Tyler offered to help with one-on-one mentoring and Shawn shared the good news that his cancer is not metastatic.
Firewalls, VPNs, and Enterprise Security
In the meeting, Neil discussed the ongoing issue of firewall and VPN vendors getting compromised, citing a recent example of a ticketing website hack. He also shared a past experience of a security incident at a large organization, where a widely shared service account was used to gain domain admin privileges. The team also discussed the challenges of balancing risk and cost in security, with Jay emphasizing the importance of considering the overall enterprise business risk. Shawn thanked everyone for attending the meeting and encouraged them to look for the meeting invite from the previous week. The team also discussed the importance of security vendors vetting their processes and the challenges of updating systems without causing operational downtime.