January 2015: Cloud Security Symposium

Presentation 1: Cloudy with a Chance of Pain

ISSA Cloud Security Symposium – OBS Cloudy with a Chance of Pain

Speaker: James Adamson, CISSP, CCSP, CRISC, QSA, Senior Consultant, Online Business Systems

Bio: James is an information security professional with over a decade of consulting experience in the security and risk management field. Client projects have included the full lifecycle of security projects, including gap analysis, assessment activities, solution and roadmap development, and project-based remediation. Recent work has focused on helping clients build and run cloud environments that are secure and compliant. Experience in security architecture and aligning technical solutions with security governance helps clients implement business-enabling technology while retaining the emphasis on security of the enterprise and protection of their important data.

Abstract: The benefits of moving data, applications, and even infrastructure to the cloud are undeniable and we find an increasing number of companies who have made the big move or who are considering it. These new frontiers come with a healthy dose of fear and skepticism that a lack of security could put the entire organization at risk. But just as these same anxieties were conquered in a distributed computing world, the major cloud providers are offering architectural building blocks that allow you to assemble secure cloud environments. While the tools and solution sets will vary by provider, there are several emerging security best practices to help ensure that you are creating a secure computing platform. We’ll cover security options at a high level in AWS and Azure as well as how to prove that what you’ve built is indeed secure when your internal audit or external assessors come knocking. You’ll leave with a deeper knowledge of how to secure the cloud and hopefully a little less stress (at least around cloud security).

Presentation 2: Perimeters and Unicorns: Two things that exist only in IT fairyland.

Speaker: Krishna Narayanaswamy, Netskope

Bio: Krishna Narayanaswamy, Chief Scientist, Netskope A highly-regarded researcher in deep packet inspection, security, and behavioral anomaly detection, Krishna Narayanaswamy leads Netskope’s data science and user behavior research as chief scientist. Krishna brings 24 years of experience, including founding Top Layer Networks and serving as a distinguished engineer at Juniper Networks.

Abstract: Perimeters & Unicorns: Two Things That Only Exist in IT Fairyland Join Netskope’s co-founder and Chief Scientist Krishna Narayanaswamy, for a bird’s-eye view of how mobile and cloud have conspired to dissolve the enterprise perimeter and transform IT as we know it. Hear his take on how these dynamics have shifted the role of enterprise IT, why letting users “go rogue” is the path to business success, and how smart CIOs will become the drivers of growth and profits this decade.

Presentation 3: Security in cloud application delivery model & DevOps Integration

Speaker: John Martinez, Product Manager, Evident IO

Bio: John is a recognized industry expert and speaker with extensive experience implementing DevOps and security at cloud leaders like Adobe and Netflix.

Abstract: John will lead a deep dive discussion and live demonstration on how to improve security awareness between IT, Dev, Ops teams, and provide real-world (code) examples on how to bring security into your application delivery model to reduce security risks with DevOps integration and security and compliance automation within Amazon Web Services.

Presentation 4:  Data-Centric Security – Key to Cloud and Digital Business

Speaker: Ulf Mattsson, Chief Technology Officer, Protegrity.

Bio:  Ulf is commonly considered one of the founding fathers of tokenization and has been advising the industry’s top analysts and stakeholders including PCI Security Standards Council and ISACA. Ulf is the inventor of more than 20 patents in the areas of encryption key management, policy driven data encryption, internal threat protection, data usage control and intrusion prevention. Ulf is working with the PCI Security Standards Council to create standards for Payment Card Industry in areas of Cloud Computing, Encryption and Tokenization. He also is a research member of the International Federation for Information Processing (IFIP) WG 11.3 Data and Application Security, ANSI X9, Cloud Security Alliance , Information Systems Security Association (ISSA) and Information Systems Audit and Control Association (ISACA).

Prior to joining Protegrity, Ulf spent 20 years with IBM working in software development as a consulting resource to IBM’s research organization, specializing in the areas of IT architecture and IT security. He received a master’s degree in physics from Chalmers University of Technology in Sweden, and holds degrees in electrical engineering and finance.

Abstract: Business is moving to the cloud. To achieve the agility and low overhead necessary to remain competitive, your business needs to get in the game. But increased regulatory requirements for securing sensitive data create a huge challenge for large enterprises – and 80% of businesses are not sure how to protect data in the cloud.  You need a scalable solution that protects your data before it moves to the cloud and continues to protect it once it’s in a cloud environment.

 

Share
This entry was posted in Past Presentations. Bookmark the permalink.