Practical Considerations on the Road from Traditional to Cloud Native Enterprise Security: A Working Group Update

Spring 2021

As the enterprise world has moved increasingly toward embracing Cloud Native architectures over the past decade, it has become clear that traditional security approaches no longer meet our requirements for protecting organizations’ digital assets.

ONUG’s Cloud Native Security Working Group focuses on what is needed for enterprises to make the transition from effective legacy to Cloud Native security.

Our Working Group has thus set out to introduce the ONUG community to this complex subject in a stepwise fashion via a series of blogs and playbooks – smaller-scale artifacts drawn from practical experience that will, over time, help all of us understand this burgeoning space in all its complexity – and help us arrive too at more locally relevant solutions.

Today’s session offers an update on our progress-to-date.

Speakers:

Forrest Bennett

Cyber Security Advisor with FedEx Services, Inc. My current focus is on securing SDN and hybrid-cloud workloads as FedEx moves towards digital transformation and away from traditional L3 networks and data centers. In my role as Cyber Security Advisor I am called on to consult on many IT projects across the various operating companies that comprise FedEx. I am the team leader for the Network Security team that is responsible for implementing micro-segmentation, security analytics, identity services, and Wifi intrusion prevention among other security platforms and initiatives. I currently hold active ISC²CISSP and GIAC GSEC certifications and have been a guest speaker on network and cloud security at various conferences including Proofpoint Connect, VMworld, and Future:NET.

My background is 30+ years of experience as a Network Security Engineer / Network Manager / Network Engineer working in the IS/IT division of various companies which span half a dozen industries and government agencies.

Michael Thomas Clark

Michael is a veteran technologist with over 30 years’ experience in large enterprise computing. He began his career as a network and server engineer at Bausch & Lomb in the early days of distributed computing before moving on to Fidelity Investments and progressively larger systems management roles.

He finished up his time at Fidelity in Enterprise Architecture, where he focused on various platform infrastructure initiatives, including leading the effort to develop a unified compute platform strategy for the firm. Michael has spent the last decade engaged in an array of global professional services activities, working with private-equity firms and startups in healthcare data management and network security.

As a Core Organizer for the annual DevOpsDays Boston conference since 2017, Michael also co-founded “Boston DevOps Network, Inc,” a non-profit aimed at promoting DevOps learning and community-building in the Greater Boston area. Since 2015, he has worked with what is now the ONUG Cloud Native Security Working Group, where he is currently co-Chair with Forrest Bennett of FedEx. In 2019, Michael worked with Nick Lippis to launch ONUG’s first set of conference tracks focused on DevOps practices.

Today, he continues to consult on Cloud infrastructure and security projects and recently launched a new podcast series: “The Wages of Cybercrime.”

Ken Arora

Ken Arora is a Distinguished Engineer within F5’s Office of the CTO, focusing on cybersecurity and defining technologies for data-driven, AI-assisted security solutions.

Ken currently provides technical alignment and vision across multiple security product development teams. He also evaluates emerging technical and competitive trends to formulate a technical application security vision. Ken’s background spans both software and hardware development, and he is responsible for many of F5’s hardware/software co-designed solutions and is also passionate about workflow-driven user experience design. His current focus is around next generation Zero Trust evolution and the use of big data enabled machine learning to improve security efficacy.

Before joining F5 in 2012, Ken was architect of Intel’s Pentium and Pentium Pro processors and Cisco’s ASA product family. He later co-founded a startup that developed a hardware-accelerated solution stack for pattern matching. Ken’s first role at F5 was as architect for the BIG-IP AFM, the world’s fastest DC firewall and a primary component of F5’s SP solution, used by many of the world’s largest service providers.

Ken’s undergraduate degrees are in Astrophysics and Electrical Engineering, from Rice University. Outside of work, enjoys playing hockey, but when off the ice, he also spends time on the board of Silicon Valley Shakespeare and is a superforecaster for the Good Judgement project.