Ditch the kale smoothie, it's time to go big picture. Your organization is moving to AWS, and you're in a panic. Which of the 42 billion AWS service offerings do you really need? How do you manage user and service accounts? What about those 7 different rogue AWS accounts you just found out about? We'll talk about securing, organizing and standardizing your AWS environment(s), managing authentication, protecting your applications, and we'll walk through a few key guardrails you can plan today. Throughout the presentation, we'll talk about balancing security with usability, how your existing architecture can work for you and against you, and how to identify and protect your attack surface in (and even out of) the cloud.