Securing Your Cloud Infrastructure with CIS Critical Security Controls v8

May 4, 2021 | 10:00 am EDT

About this Webinar:

You asked and we listened! Based on feedback from users around the world and working in a breadth of industries, we enhanced CIS Critical Security Controls (CIS Controls) Version 8 to keep up with modern systems and software. To better support enterprises as they incorporate cloud-based computing, virtualization, mobility, outsourcing, and work-from-home, as well as to better defend against changing attacker tactics, CIS Controls v8 includes new and updated guidance for securing fully cloud and hybrid environments. Toward this end, CIS partnered with like-minded organizations Cloud Security Alliance (CSA) and SAFECode to provide input into CIS Controls v8 to help our users secure their cloud environments.

In this webinar, subject-matter experts from CIS, CSA, and SAFECode will engage in a panel discussion to go into detail on the benefits of our partnership and review each organization’s contributions to the new and updated guidance for cloud infrastructure contained in CIS Controls v8.




Phyllis Lee
Senior Director for CIS Controls, Center for Internet Security (CIS)

Phyllis Lee is the Senior Director for Controls at the Center for Internet Security (CIS). She has over 25 years of experience in information assurance and has performed vulnerability assessments, virtualization research and worked in security automation. Prior to joining CIS, Lee worked at the National Security Agency (NSA) focusing on the intersection between malware and virtualization, which included collaboration with MIT Lincoln Labs. Lee also participated in a variety of security automation standardization efforts and led the security automation strategy for the NSA Information Assurance Directorate (IAD). She graduated from Johns Hopkins University with a master of science in computer science.



John DiMaria
Assurance Investigatory Fellow and Research Fellow, Cloud Security Alliance (CSA)

John DiMaria CSSBB, HISP, MHISP, AMBCI, CERP, is the Assurance Investigatory Fellow and Research Fellow with the Cloud Security Alliance (CSA). He has 30 years of successful experience in Standards and Management System Development, including Information Systems, Business Continuity, and Quality. John was one of the innovators and co-founders of the CSA STAR program for cloud providers, a contributing author of the American Bar Association’s Cybersecurity Handbook, a working group member, and a key contributor to the NIST Cybersecurity Framework. He currently manages all facets of the CSA STAR Program which includes security, privacy, continuous monitoring, and development of new solutions.



Steve Lipner
Executive Director, SAFECode

Steve Lipner is the executive director of SAFECode, a nonprofit focused on software assurance. He was the creator and long-time leader of the Microsoft Security Development Lifecycle (SDL). Lipner has more than a half century of experience in cybersecurity as a researcher, engineer, and development manager. He is a member of the National Academy of Engineering and the National Cybersecurity Hall of Fame.




Curtis Dukes
Executive Vice President and General Manager, Security Best Practices, Center for Internet Security (CIS)

Curtis W. Dukes joined CIS as the Executive Vice President and General Manager of the Best Practices and Automation Group in January 2017. The CIS Benchmarks™ and CIS Controls™ program provides vendor-agnostic, consensus-based best practices to help organizations assess and improve their security. Prior to CIS, Curtis served as the Deputy National Manager (DNM) for National Security Systems (NSS). On behalf of the Director of NSA, the DNM is charged with securing systems that handle classified information or are otherwise critical to military and intelligence activities.