Compliance Does Not Equal Security (Except When It Might Be) - Rob Clark - USENIX Enigma Conference - 2018

Explore a thought-provoking conference talk from USENIX Enigma 2018 that challenges the notion of compliance equating to security in cloud environments. Delve into IBM's innovative approach to restructuring their security strategy, aligning with NIST guidance to support DevSecOps and enhance cloud deployment security. Learn how IBM built a security team responsible for understanding and measuring controls across their vast cloud infrastructure, comprising over 200 services and 53 data centers. Discover the lessons learned, results achieved, and future steps in this 21-minute presentation by Rob Clark, Cloud Security Leader at IBM, as he shares insights on decreasing complexity, driving security feature functionality, and making compliance more accessible and effective in cloud security management.