2025-08-08 –, Cassiopeia
Language: English
An inside look at the challenges I faced while establishing security in a cloud-native environment within a fast-growing fintech company.
The talk is about four years of hands-on experience as a CISO in a fast growing fintech company. During this time, I've had the unique opportunity to build an effective and operational security structure from the ground up within a completely cloud-based setup.
My experience provides a practical roadmap for understanding the critical nuances of approaching security in a full-cloud, product-driven organization.
We'll delve into topics like:
* The initial complexities: What happens when you're securing infrastructure that's always changing?
* Navigating DevSecOps: How do you embed security seamlessly into a fast-paced development culture?
* Real-world pitfalls: Concrete examples of challenges faced and how we overcame them.
* Building an effective security posture: Practical insights into creating an operational security framework that actually works in the cloud.
The goal is to share actionable takeaways and lessons learned, helping others anticipate and navigate similar challenges in their own cloud security journeys.
I’m Giovanni "merlos" Mellini one of the founders - and actual president - of Cyber Saiyan, a non profit organization born in December 2017 - https://www.cybersaiyan.it/
Since 2018 we organize RomHack a cyber security conference held yearly in Rome, Italy - https://romhack.io/ and in 2022 we organized RomHack Camp.
I occasionally speak on public community events, schools and universities