Are We There Yet? Lessons from the 10 Year Cloud Security Ride
James Berthoty
fwd:cloudsec North America 2026 · Day 1
James Berthoty's talk, "Are We There Yet? Lessons from the 10 Year Cloud Security Ride," offers a critical retrospective and forward-looking analysis of the cloud security landscape over the past decade. As the founder of Lacatio, a practitioner-focused analyst firm, Berthoty brings a unique perspective shaped by his extensive background in security operations, cloud security, and application security. The presentation aims to demystify the evolution of cloud security tools, explain their current architectural design, and identify the gaps that still need to be addressed.
AI review
A competent practitioner retrospective on cloud security's last decade that earns its keep through honest framing and useful buying heuristics. Nothing here breaks new ground, but Berthoty's 'understand your architecture before the vendor explains it to you' and 'buying a tool means buying 2,000 alerts' framing is more practically useful than most CNAPP vendor decks. Fits squarely in the case-study/analyst lane and delivers what it promises — no more.