Owning Your Role in the Shared Responsibility Model for SaaS Security
Wednesday, January 22, 2025 | 8:30am – 9:30am PT / 11:30am – 12:30pm ET
#SINET
The attack campaign against Snowflake customer tenants shows that security incidents often stem from overlooked fundamentals — unrotated credentials, weak MFA enforcement, and misconfigurations. Breaches like this highlight a critical fact: while SaaS providers ensure platform security, the onus for securing configurations and user access lies squarely with the customer.
This discussion will explore
- Practical strategies for managing SaaS security within the shared responsibility model — enforcing MFA, adhering to the Principle of Least Privilege (PoLP), and implementing robust credential management.
- How decentralized application ownership complicates efforts for managing SaaS security.
- Best practices for regaining control and visibility to ensure SaaS security fundamentals are followed, even when ownership is fragmented across business units.
Moderator
Robert Rodriguez
Chairman, SINET
Venture Partner, SYN Ventures
Panelist
Luke Lazzari
Senior Cyber Manager, Identity and
Access Management
Corporation Service Company (CSC)
Panelist
Brittany Vercillo
Security Engineering Manager
Federal Home Loan Bank of Chicago
Panelist
Fritz Wetschnig
CISO & Chief Data Privacy Officer
Flex
Panelist
Randy Vickers
Deputy CISO
National Student Clearinghouse
Panelist
Louis Bobelis
Deputy CISO
AXIS Capital
Panelist
Yoni Shohet
Co-Founder & CEO
Valence Security