Cloud 101CircleEventsBlog

SECtember 2021: Why I’ll Be There

SECtember 2021: Why I’ll Be There

Blog Article Published: 08/03/2021

Written by Larry Hughes, Principal Compliance Consultant, LJH Compliance Consulting

I first got involved in the Seattle information security scene in 1996. I was busy building a security consulting practice for a startup. It wasn’t long before I met this affable fellow named Jim Reavis, who had already established himself as a security consultant even in those early days of internet commerce. At first, I considered Jim a likely competitor and I was guarded in our early conversations. Jim, on the other hand, only ever viewed me as a welcome colleague. It wasn’t long before I considered him a friend.

I remember Jim saying sometime during 2008 that as of January 2, 2009, he was going all in on cloud security. I wasn’t exactly sure what he meant. I soon learned he was co-founding a non-profit called the Cloud Security Alliance with an ambitious agenda. I already knew Jim to be a big thinker, but I had no idea that CSA would flourish into what it is today: the world’s leading organization dedicated to raising awareness of cloud security best practices and an incubator for best practices.

Some impressive stats as of July 2021:

What is SECtember?

SECtember is going to be THE cloud security conference of the year. It’ll be held September 13-17, 2021, at the Meydenbauer Center in Bellevue, Washington. Mere blocks from local offices of AWS, Microsoft, Google, Facebook, SalesForce and others. Count on meeting some of the best cloud security minds in the world. Set your expectations high, and you'll learn even more than that.

The outstanding cast of speakers will include Christopher Krebs, former Director of Homeland Security’s Cybersecurity & Infrastructure Security Agency (CISA) and security overseer of the 2020 US presidential election. If you’ve never witnessed Christopher speak, you’re as short changed as I have been. If I wasn’t participating, I’d attend SECtember for this reason alone.

In what is probably an administrative error, I’ve also been asked to present. I’m a die-hard fan of the CSA Consensus Assessment Initiative Questionnaire (CAIQ), a remarkable investigative tool for assessing the security posture of any CSP. The CAIQ (pronounced "cake") has more uses than you think. I’ll be talking about how I’ve used it for acquisition diligence.

Will SECtember be Virtual, In Person, or Both?

It will be in person. Rest assured that CSA’s Duty of Care plan will ensure the health, safety and wellbeing of all event participants. You will be safe, comfortable, and benefit from measures that will ensure optimal health and sanitary conditions in all environments where in-person interaction takes place.

Last But Not Least

Be aware that your participation in SECtember will do the world more good than helping to improve cloud security across the globe. CSA will be donating 5% of attendee proceeds to the fabulous Seattle Children’s Hospital.

SECtember – be there or be uninformed!

Update 11/2/21:

Access the presentation decks from SECtember 2021 here.

Watch recorded sessions and panels from SECtember 2021 here.

About the Author

Larry Hughes has been in the security industry for more than twenty years. His notable former roles include GRC Director at Equinix, the world’s largest interconnection company, and Head of Information Security at He is currently the Principal at LJH Cybersecurity Compliance Consulting.

Share this content on your favorite social network today!