A Hero’s Guide to Building a Cloud Security Program Without a 20-Person Guild
Steve Turner
fwd:cloudsec North America 2026 · Day 1
In his fwd:cloudsec talk, "Slaying the Sprawl: A Hero’s Guide to Building a Cloud Security Program Without a 20-Person Guild," Steve Turner, a Cloud Security Architect at Zealus, addresses one of the most pressing challenges in modern cybersecurity: how to establish or rebuild an effective cloud security program with limited resources. Turner's presentation cuts through theoretical ideals, offering pragmatic, battle-tested strategies for small teams navigating the complexities of multi-cloud environments. The core thesis revolves around the idea that the biggest mistake isn't choosing the wrong software, but rather designing a workflow that a small team cannot sustain, leading to alert fatigue, morale drain, and ultimately, exploitable vulnerabilities.
AI review
A competent, honest practitioner talk aimed squarely at small-team cloud security leads who are drowning in tool sprawl. Turner knows the material and the advice is sound, but this is a well-organized synthesis of established ideas — agentless-first, CNAP as correlation layer, shift-left CI/CD gates — rather than anything the fwd:cloudsec audience hasn't heard before. Fills a slot, serves its audience, won't be remembered in six months.