32/ TERI RADICHEL
Chief Executive Officer, 2nd Sight Lab
Initially led by software as a service (SaaS), the transition to the public cloud is one of the most important changes we’ve witnessed in information technology to date. From the early days of SaaS to the current stage where adoption of infrastructure, platform and function as a service (IaaS, PaaS, FaaS) are catching on like wildfire, there’s an increasing awareness that the end state of this shift few aspects of how we do our jobs will be unchanged. This Security Voices episode is the first of five where we dig into the details of how the public cloud is transforming cybersecurity.
Teri Radichel joins us to explain key concepts in public cloud technology, the differences from on-premises, migration options and more. If you’ve ever wondered what is meant by “lift and shift” or “cloud native”, this is for you. Teri’s background as a trainer, author and researcher shines through as she describes both broad concepts in easily understood terms but she also doesn’t spare the details for those who are already cloud savvy.
Beyond the core concepts, Teri compares and contrasts the security models across Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP). As she walks us through the differences between the three platforms, you get a sense of the complexity faced by those straddling an on-premise environment as well as the public cloud – not to mention several clouds at once. From networking to identity and access management models, no cloud service provider is quite like the other. Moreover, the fierce competition between Google, Microsoft and Amazon is driving such rapid changes in their platforms that any grip you have on exactly how things are is a slippery one at best.
In spite of the challenges, Teri explains her belief that one can achieve better security in the cloud than on-premises. Doing so requires thinking differently, however, such as Teri’s advice to handle data as we would handle money. We hope this episode lays the groundwork for you for understanding the current state of public cloud security as in the next show we dive into the trenches with a cloud security practitioner at Yelp.
Teri Radichel has helped 1000's of companies with cloud security through consulting, writing, research, and training. Teri is the founding organizer of the Seattle AWS Architects and Engineers Meetup which has nearly 3000 members. She helped Capital One move production workloads to AWS. At another company, Teri led a team of 30 people in two counties and architected a SAAS IOT solution for firewalls connecting to the cloud. Her team implemented a secure CI/CD pipeline based on her whitepaper on event-driven security. She then moved into security research, writing articles for publications such as Light Reading and Infosecurity Magazine, and reverse engineering malware.
Teri is the CEO of 2nd Sight Lab and has helped companies from startups to Fortune 100 with cloud security assessments, pentests, audits, and training. Teri presents on cloud security at conferences such as RSA, AWS re:Invent, AWS re:Inforce, IANS Security Forums, Countermeasure, SANS Networking, SANS Cloud Summit, and BSides. She received the SANS Difference Makers Award for cloud security innovation. She writes a blog called Cloud Security and has written a book, Cybersecurity for Executives. You can follow her on Twitter @teriradichel.