Featured panels and topics include:
Are US Cloud Service Providers Insecure – A Technical Look: Jon-Michael C. Brook, Former Cloud and Security Architect at Symantec, will dive into the history of protectionism and tariffs and EU Privacy legislative background. He will then bring to light common arguments of US privacy invasions along with cloud service providers principal protection mechanisms, reference architecture examples and security evaluations.
Identity Security Automation to Stay Ahead of Nation State Attacks: Today's massive infrastructures are leveraged on user as well as embedded credentials and certificates. Most cloud providers pay little attention to the internal management of these identities and risk serious damage due to periodic perimeter breaches caused by phishing, malware, and other intrusions. Philip Lieberman, President, Lieberman Software will inventory some nation-state attack points, provide guidance on remediation, and describe next generation automation to eliminate these threats from day 1 via rethinking how identity security is managed internally.
The Cloud House of Cards: Accountability vs. Instant Gratification?
Francoise Gilbert, Esq., CIPP/US, Managing Director, IT Law Group will speak to the legal implications of the cloud multi-layer environment, including the taxonomy of cloud services contracts and their dependencies. In outlining the accountability requirements in the different legal systems worldwide, Gilbert will provide the audience with insight on how accountability affects the cloud environment and the legal and technical requirements in performing due diligence, contracting and auditing cloud services.
Big Data, Big Security Questions – Securing Petabytes of Data: Peter Guerra, Senior Associate, Booz Allen Hamilton will address what the Big Data security problem is and how to address it with new architectures. Attendees will also be given access to case studies that look at understanding data cloud security ecosystems.
Trusting Mobile Users in the Cloud: Can We Learn from Past Authentication Failures?
Phillip Dunkelberger, CEO, Nok Nok Labs, will provide insights into business and consumer
challenges with online/mobile authentication including original research into the scale of the authentication challenge along with future considerations of the mobile requirements and emerging technologies.
Key Considerations to Moving Enterprise Applications to the Cloud: Dan McNerney, SVP, Global SAP Services, Freeborders Corporation will lay out how to architect the right solution including security, compliance and accessibility and what the key success criteria looks like. He will also share how to securely transition and manage enterprise and business critical applications to cloud.
How to Respond to Cloud Security Incidents: Kristy Westphal, Director, Security Operations, T-Systems North America will address the importance of customer and vendor roles, how to conduct tests to find holes in the process, recommended processes and templates, and necessary contractual statements and recommended policies.
Cloud Security Alliance Congresses continue to be the industry's premier gathering for IT security professionals and executives who must further educate themselves on the rapidly evolving subject of cloud security. In addition to offering best practices and practical solutions for remaining secure in the cloud, this year's fourth annual U.S. CSA Congress will focus on emerging areas of growth and concern in cloud security. Attendees will gain exposure to industry-specific case studies that will help them learn and leverage best practices used by their peers in moving to a secure cloud.