The NYU Center for Cybersecurity explores the cloud security megatrends driving digital transformation

Cost-efficiency, scalability, flexibility, transformative power . . .there are any number of reasons why companies are turning to the cloud. But what implications does that have for security? 

The NYU Center for Cybersecurity recently convened a high-wattage keynote address and panel discussion to explore that question. The event–which drew hundreds of attendees–featured multiple Chief Information Security Officers and other top professionals, including:

• Keynote speaker and panelist Phil Venables, Google VP and CISO of Google Cloud 
• Panelist Edna Conway, VP and Security & Risk Officer of Azure Hardware Systems & Infrastructure at Microsoft
• Panelist Jon Brickey, SVP & Cybersecurity Evangelist at Mastercard
• Panelist Jasper Graham, Distinguished Engineer, Managing Director, and Deputy CISO / Global Threat Hunt Lead at Morgan Stanley 

After an introduction by Professor Nasir Memon, who presciently introduced cybersecurity studies to NYU Tandon in 1999, making it one of the first schools to teach the subject at the undergraduate level, Dean Jelena Kovačević  gave her own words of welcome, explaining to attendees that faculty and students in Tandon’s cybersecurity programs are deeply involved in research on a variety of fronts, including “wireless communications infrastructure, open-source software development, and safe software update protocols via remote servers.” Witnessing their work, she asserted, “has made me feel confident that while the threat landscape is constantly evolving, we’re developing a new generation of professionals extremely well-equipped to keep us safe.”

Following an introduction from Kristina V. Dorville, the Head of Governance and Engagement at AIG, which has generously sponsored the cyber-lecture series since 2017, Venables took to the Zoom microphone to outline several of what he termed “megatrends,” that are driving “technological innovation and improve the overall security posture of cloud providers and customers,” including:

• Economy of scale (since decreasing the marginal cost of security and raising its level go hand-in-hand)
• A cycle of increasing trust between cloud provider and customer, incorporating shared responsibility and shared fate
• Healthy competition among providers to keep increasing security (along with agility and productivity), since that race to the top will benefit all
• A reinforcement loop that allows the cloud to function as a digital immune system, with each provider’s resources and expertise being harnessed to make improvements for everyone
• Software-defined infrastructure that enables continuous controls monitoring, a greater level of inventory assurance, and a highly secure environment without significant operating risks on the part of the customer
• Updates made more frequently and with greater velocity
• Greater cloud adoption due to simplicity and abstraction
• Support for global, regional, and local requirements by providing sovereignty across data, software, and operational pillars.

“These cloud computing megatrends will propel security forward faster, for less cost, and less effort than any other security initiative,” Venables concluded. “The advantages are clear.”

A lively panel discussion, moderated by Joel Caminer, Tandon’s Senior Director, Center for Cybersecurity, ensued, touching upon such topics as the best strategies for moving applications and operations to the cloud, the current threat landscape and the risks of overly centralized platforms, the push for greater regulation, and the challenges around talent acquisition & development with in-demand cloud security skills. (Tandon Online is doing its part to ameliorate those challenges with a new cloud-security course elective and Google Cloud certification available to students in the Cyber Fellows master’s program.)

While those might not seem like topics that could be characterized as particularly heartwarming, Conway managed to touch everyone and encapsulate the importance of these types of events. “There is something unique about people who work in cyber,” she asserted. “There is a perception in some places that competitors don’t collaborate, but we know that although we’re competing, the things we learn together ultimately bring everyone the benefits of the power of the cloud.” 

Caminer points out that organizing an event featuring such an experienced, high-profile group of professionals is only possible because of Tandon’s extensive industry partnerships and the robust, diverse cybersecurity community that has developed at the school. “Whether it starts with our Center for K12 STEM Education; our undergraduate cybersecurity minor; our Cyber Fellows online master’s program; our collaboration with NYU Law to offer a Cybersecurity Risk & Strategy degree; our new Chief Information Security Officer (CISO) program; or our innovative Bridge Program, which prepares those without traditional technical backgrounds to take on the challenges of a STEM-related graduate program, we are widening the global pipeline of highly educated cyber professionals,” he explains. “October may be considered the official Cybersecurity Awareness Month, but I like to think that’s every month here at Tandon.”