NORTH AMERICA EMEA ASIA
All programs BankAudit 2013 InfoSec World Conference & Expo 2013 SuperStrategies Conference & Expo 2013 The Conference on Big Data Security
All programs The Audit Directors & Managers Symposium The MIS Audit Leadership Institute The MIS CAE Master's Program
ABOUT MIS INTERNAL AUDIT IT AUDIT INFO SECURITY IN-HOUSE TRAINING  
 
     Conferences            >      Seminars            >      Symposia            >      Webinars      Online Self Study      Training Weeks      In-House Training      Certificate Programs>      Exhibiting Info      Ways to Save      Request Info      Event Downloads      White Papers      Call for Instructors      Contact MIS      Site Map
Internal Audit IT Audit Info Security
Internal Audit IT Audit Info Security
   
Conference Program Registration/Hotel EXPO Press/Media
The Cloud Security Summit

In a short period of time the cloud has gone from being a fringe storage option to a critical component of many businesses. This Summit offers an exceptional opportunity to focus on the key security challenges inherent in cloud adoption. From attacking a public cloud, to conducting a cloud risk assessment, to user war stories, this Summit offers a comprehensive understanding of how to protect your data in the cloud while leveraging the cloud's capabilities.

Thursday, April 18
8:45 AM - 9:00 AM
Opening Remarks from the Chair
Tim J. Sandage, CRISC, CCSK, Compliance Manager, Amazon Web Services

9:00 AM - 10:00 AM
Encryption for the Public Cloud
John Viega, Executive Vice President of Products and Engineering, Perimeter E-Security
• New techniques for encryption that will allow organizations to operate on
fully encrypted data – even though it's sitting in the cloud
• Several different approaches, real-world tradeoffs and best practices for maximizing security, functionality and performance
• Clarity around the various approaches to data encryption for the cloud era
• Best practices for encrypting data-in-motion
• How to perform fast, full wildcard searching
• Through real-life examples, how to maximize cloud security for both software and data

10:00 AM - 10:15 AM Refreshment Break

10:15 AM - 11:30 AM
Conducting a Risk Assessment Within a Cloud Environment
Tim J. Sandage, CRISC, CCSK, Compliance Manager, Amazon Web Services
• Defining the risk-based approach for selection of security standards and controls
• How to categorize cloud service and deployment models, and map controls selection
• Developing and implementing control baselines and control tailoring for cloud service and deployment models
• Documenting how the controls are deployed
• Assessing the security controls by procedures, implementation and operational effectiveness
• Documenting the risks based on deployment service model and risk ownership
• Monitoring through a "real-time" risk management program to support continuous monitoring, report carding and control adherence beyond the authorization

11:30 AM - 12:30 PM PANEL DISCUSSION
Secure Cloud Deployment: Lessons Learned
Moderator: Tim J. Sandage, CRISC, CCSK, Compliance Manager, Amazon Web Services
Panelists: Nikita Reva, CISSP, CISA, Global Security Assessment Specialist, Mars Information Services – Chicago; Connie Barrera, MCSE, CISA, CISSP, Director of Information Security and Compliance, Chief Information Security Office, University of Miami; Travis Howerton, Chief Technology Officer, National Nuclear Security Administration
• Security concerns inherent in the adoption of cloud technology
• Controls used to mitigate risks
• What worked, what didn't, and what adaptations were required
• Trust technologies that have been successful
• Managing expectations in the company

12:30 PM Networking Luncheon

1:30 PM - 2:30 PM
Anatomy of a Public Cloud Attack DEMO
Aaron C. Newman, Founder, Cloud Compliance, Inc.
• How hackers attack and break into a public cloud
• New security issues presented by the public cloud
• Minimizing risks and remediating security weaknesses
• Best practices for cloud security
• A live attack demonstration and how to collect evidence after an attack

2:30 PM - 2:45 PM Refreshment Break

2:45 PM - 4:00 PM
Securing Mobile Clouds for BYOD
Dipto Chakravarty, Vice President, Engineering, NetIQ
• How to provision the BYOD model
• Detective mechanisms for monitoring transient guest devices that access resources on the corporate network via authentication and federation
• Techniques for safely using mobile devices in the cloud
• Best practices for single sign-on application set-ups for WRT smartphones
• Real-world examples of how users in large corporations are using mobile devices to administer systems in the cloud

4:00 PM - 5:00 PM
Privacy and Data Security: A View from the Cloud
Gerard M. Stegmaier, Attorney at Law, Privacy and Data Protection Group, Wilson Sonsini Goodrich & Rosati, P.C.
• Recent key legal developments
• Risk and operations considerations
• International and region-specific complications
• Health, financial and other industry-specific matters
• Actionable insights from legislative and policy developments in privacy and data security

5:00 PM - 6:00 PM Cocktail Reception
 Follow Us on Twitter

Platinum Sponsors

Gold Sponsors

Global Education Sponsor

Association Sponsors

Media Sponsors