After two full days of keynote presentations and track sessions, CloudNativeSecurityCon is officially in the books.

The first-ever event in Seattle represented a bit of a gamble by the Cloud Native Computing Foundation that it could draw an audience for dedicated sessions on security topics that had previously been wrapped into KubeCon + CloudNativeCon NA during the fall. The gambit appeared to work, according to theCUBE analysts.

“This event was done very carefully and methodically by the CNCF,” said John Furrier (pictured, left), industry analyst for theCUBE, SiliconANGLE Media livestreaming studio. “They didn’t want to overplay their hand relative to breaking out from KubeCon. People were enthusiastic and confident that this has the ability to stand on its own.”

Furrier spoke with theCUBE industry analyst Lisa Martin (right) at CloudNativeSecurityCon, during the show wrap segment in an exclusive broadcast on theCUBE. They discussed key insights learned from two days of coverage.

Offense vs. defense

One of the insights from the event was that the security community has come to realize it must focus more heavily on resolving vulnerabilities faster while taking a proactive approach toward thwarting breaches.

“Hackers are playing offense, and the industry is playing defense,” Furrier said. “That has to change. There are a lot more security problems still unresolved, and the emphasis on developer productivity is at risk here.”

With cloud-native emerging as a driving force in enterprise IT, the need to protect critical elements of cloud-native platforms is expanding as well. Hackers read the news, and malicious actors are fully aware of growing cloud-native adoption where exploits of the software supply chain and ransomware attacks can realize significant financial gain. Can the cloud-native community pivot toward a model that will disrupt the disruptors?

“This is a challenging thing because it is so lucrative for hackers,” Martin said. “Having a dedicated focus on cloud-native security at this conference is incredibly important. It seems from what we’ve heard in the last couple of days, this is a community with the right focus to be able to make that pivot.”

End-user influence

As a spin-off from KubeCon, the security gathering in Seattle this month stands to benefit from the same trends that propelled Kubernetes and other cloud-native technologies to the enterprise forefront. This will likely result in a greater role for end users, according to Furrier.

“End-user participation really drove the birth of Kubernetes,” Furrier said. “You have a lot of use cases out there where customers are leaning in, rolling up their sleeves and working with open source. This has to be the driver, so I’m expecting to see the next level of CloudNativeSecurityCon to be end-user focused.”

One insight from the conference centered around the Security Operations Center, or SOC. While SOCs remain an important element in maintaining threat visibility and a capability to respond quickly to attacks, the analysts expressed surprise that SOCs were not always a given in many organizations.

“It’s a pretty high percentage of organizations that either don’t have an SOC or have a very primitive SOC,” Martin said. “This kind of surprised me. In this day and age, the risks are there.”

Amid a rising threat landscape, the need to take a fresh look at security practices and generate innovative new approaches has become more important and timely. The cloud-native community could provide what amounts to a reboot of the security paradigm.

“If automation and scale continue to happen, and with the business model of hackers still booming, security has to be refactored quickly,” Furrier said. “There’s going to be an opportunity structurally to use the cloud to make that happen. There’s a ‘do-over’ opportunity for the security industry with cloud-native driving that.”

Here’s the complete video discussion, part of SiliconANGLE’s and theCUBE’s coverage of CloudNativeSecurityCon:

Photo: SiliconANGLE