Steve Riley researches and writes about various aspects of public cloud security. Mr. Riley researches how to design and deploy secure workloads in public infrastructure-as-a-service (IaaS) clouds and how best to secure the use of software-as-a-service (SaaS) offerings. He tracks the security and compliance capabilities of cloud service providers and monitors the threat and vulnerability landscape present in public cloud services. Related areas of research include cloud security access brokers (CASB), zero-trust network access (ZTNA), cloud data loss prevention (DLP), and container security in run-time.
Before joining Gartner, Mr. Riley participated in a variety of security projects. He worked with a team to create an incident response process and to establish a culture of security. He was part of a group that managed worldwide forums for chief security officers and security architects, seeking customer feedback and incorporating it into security-related product design. Throughout his career, at numerous events on six continents he has delivered hundreds of presentations, many of which covered various aspects of cloud security and compliance.
Technical Director/Deputy CTO
Amazon Web Services
Sr. Technical Program Manager
Sr. Security Strategist
Security of Applications and Data
Cloud and Edge Infrastructure
B.Sc., Computer and Information Engineering, The Ohio State University
1How can we improve the security of cloud office?
2How do we select and manage cloud access security brokers?
3How can we govern the use of SaaS?
4How can we ensure that IaaS is being applied securely?
5How can we secure and govern the IaaS control plane?