Friday, March 7, 2025 — Meeting Recap

Gathering and Tech Issue Discussion

Shawn opens the meeting with music, and attendees greet each other in the chat. YHL mentions a technical issue with a cable, while others discuss the music selection. The meeting officially begins with Shawn welcoming everyone, followed by greetings from Dave and Alex. Richard notes it's afternoon in his time zone.

Cloud Security Office Hours Overview

Shawn introduces the Cloud Security Office Hours, describing it as a weekly gathering of experts in cloud security where participants can ask any questions related to the field. He emphasizes that the group is open to people transitioning from other careers into cloud security, highlighting the value of diverse skills and backgrounds. Neil adds that many successful professionals in the field have come from different backgrounds. Gilmar, a new participant from Brazil with a background in IT engineering, introduces himself and shares his journey of focusing on AWS security, obtaining certifications, and working on hands-on projects. He expresses feeling overwhelmed and seeks guidance on his next steps in pursuing a career in AWS cloud security.

Cybersecurity Career Path Discussions

In the meeting, Shawn welcomed new participants including Heather from Marriott 360, Jarrielle from Fairfield, California, and Pavel from Poland. Heather expressed her interest in the field of cybersecurity, while Jarrielle is considering a transition from sales to real estate. Pavel shared his background in technical account management and his interest in offensive security. The diverse backgrounds and interests of the participants were acknowledged. Shawn also highlighted the competitive nature between his company, Wiz, and Orca, but assured that the group remains neutral ground for learning and discussing cybersecurity.

Abdullah's Network Security and Transition Plan

Shawn discussed his upcoming absence for three weeks and handed over to Abdullah. Troy, a new participant, expressed interest in transitioning from DevOps to Security, viewing the role as a security champion. Shawn and Jay emphasized the importance of roles in ensuring security's effectiveness, likening it to good governance. Abdullah, a network security engineer, shared his experience in AWS and his plan to transition to Google Cloud.

Emphasizing Security Expertise Outside Security Teams

The group discusses the importance of security champions and building security expertise outside of dedicated security teams, especially in cloud environments. Neil highlights how cloud adoption has diffused security responsibilities, requiring developers to be more involved in addressing vulnerabilities. Heather emphasizes the need for training and explaining security issues to create a security-focused culture. David shares his approach of using cross-functional working groups to implement new technologies and manage ongoing operations. The conversation also touches on the comparison between Security Onion and Splunk, with Heather noting Splunk's high cost as a significant difference.

Security Tools and Incident Response Challenges

The group discusses the use of security tools like Security Onion, Splunk, and ELK Stack, comparing open source and commercial solutions. They explore the challenges of implementing and maintaining security systems, including cost considerations and the need for skilled personnel. The conversation touches on the transition from open source to paid solutions as organizations grow. Neil shares insights from his incident response experience, highlighting common issues like mismanaged service accounts. The group also discusses the stress and burnout associated with incident response work. Jay mentions submitting feedback to the Australian government on zero trust principles, emphasizing that many organizations may be better off outsourcing their security needs to trusted partners.