April 13, 2017

Overcoming the Challenges of Securing Hybrid Enterprises

Presentation by Cryptzone

It’s become clear that organizations need to overcome the challenges of securing hybrid enterprises. Hybrid IT spans platforms, tenancy and locations, which when using traditional solutions often results in a fractured security architecture without a centralized single policy, view or enforcement point. With this shift to hybrid, organizations need to embrace CSA’s Software-Defined Perimeter (SDP)…

March 15, 2017

Leveraging the Power of Threat Intelligence

Presentation by Ray Pompon and Sara Boddy of F5

It's becoming impossible for cyber security to keep up with paradigm-changing technological advancements which provide fertile new hunting ground for the more sophisticated cyber-criminals. You can't enumerate all possible attacks while calculating probabilities and impacts for each. We need to narrow things down. But when we reach for data, we drown in reports, dashboards, and…

March 6, 2017

BrightTALK at RSA - John DiMaria: GDPR, Critical Infrastructure & IoT Security

Presentation by John DiMaria, Global Product Champion for Information Security & Business Continuity at BSI Group

Join this in-depth interview at RSA Conference with John DiMaria, Global Product Champion for Information Security & Business Continuity at BSI Group. Viewers will learn John's insights around: - Preparing for GDPR - Challenges for the new U.S. administration - Protecting our critical infrastructure - Protecting the IoT: personal accountability, product certifications, regulation - The…

March 1, 2017

Fighting the ‘Gap of Grief’ With Business-Driven Security

Presentation by Peter Beardmore of RSA

Defending against human ingenuity demands a new way of thinking. With countless dollars spent and infinite alerts you still don’t have a true picture of what is going on. So when a breach happens, can you answer THE question: “How bad is it?” The inability to do so is what RSA calls the “gap of…

January 19, 2017

Which CASB Deployment Mode is Right for Me?

Presentation by Srini Gurrapu and Brandon Cook of Skyhigh

When kicking off a cloud security project, you'll quickly discover that there are multiple deployment options for a cloud access security broker (CASB) – Log Collection, API, Reverse Proxy, and Forward Proxy – delivered via the cloud, on-premises, or hybrid - and with or without agents. But which CASB deployment mode is right for your…

January 17, 2017

Cloud First, Now What?

Presentation by Palo Alto Networks

Your executive staff has made a strategic decision to move to the cloud, and your team has the seemingly monumental task of executing on this new direction. The journey to the cloud introduces many unknowns, the least of which is determining the applications and data, including precious customer information, that belong in the cloud. Yet…

December 14, 2016

The 2017 Cyberthreat Landscape

Presentation by Leo Taddeo, Chief Security Officer, Cryptzone

2016 was record-setting … and threats aren’t likely to subside in 2017. Let’s reflect on what happened this year and learn about emerging threat landscape trends. A solid understanding of the threat landscape will help you better formulate your defensive strategy and prioritize security initiatives for 2017 and beyond. This webinar will feature Leo Taddeo,…

December 6, 2016

SIEM for the Cloud? The Essentials You Need to Know

Presentation by Chris Collard and Mark Campbell of IBM Security

A cloud-delivered security intelligence platform can help you make sense out of the mountains of data collected from your expanded perimeter of cloud workloads and assets. However, it’s easy to get buried in a data avalanche. Join us as we discuss the essentials for making sense out of cloud data and keeping your workloads secure…

November 29, 2016

Future Proofing the Connected World - 13 Steps to Developing Secure IoT Product

Presentation by Brian Russell, Drew Van Duren, Steven Markey, Ron Del Rosario; and Elizabeth Lawler

The CSA IoT Working Group released guidance in October 2016 focused on providing IoT product developers with recommendations for securing their products. This panel discussion will explore different perspectives on how the guidance can best be used by organizations seeking to secure IoT products. We will also discuss how to prioritize your security engineering efforts…

November 15, 2016

CSA SDP for IaaS Initiative: Research Preview

Presentation by Jason Garbis of Cryptzone and Puneet Thapliyal of TrustedPassage

Since March 2016, when the CSA launched this new Software-Defined Perimeter for IaaS initiative, more and more organizations have embraced the Software-Defined Perimeter model and are benefitting from the seamless protection it offers, whether on-premises or in the cloud. SDP can better protect IaaS services for Enterprise usage, and deliver uniform and seamless protection of…

November 8, 2016

Conducting Security Investigations in Minutes (or Less)

Presentation by Doron Shiloach, Senior Product Manager at IBM

Learn how to use threat intelligence to shorten investigation time and improve security decision making. From the right content to the best delivery format, learn the top considerations for picking a threat intelligence source and making it work with your security practice. Join the session to learn how to make the most of threat intelligence,…

November 3, 2016

Developing a Proactive Approach to GDPR Compliance

Presentation by Yael Nishry and Doug Lane of Vaultive

As the May 25, 2018 deadline for compliance with the new General Data Protection Regulation (GDPR) rapidly approaches, enterprise IT organizations must implement a cloud data security strategy that supports compliance and minimizes their organization’s exposure to new breach notification requirements and financial penalties as high as 20 million Euros or 4 percent of total…

October 19, 2016

Defeating the Insider Threat: Don't Have Your Head in the Clouds

Presentation by Evelyn De Souza and Mary Beth Borgwing

Everything we know about defeating the Insider Threat seems not be solving the problem. That's why the Cloud Security Alliance with special commentary from LemonFish Technologies undertook new research to understand the extent of this issue. Join the Cloud Security Alliance Strategy Advisor, Evelyn de Souza, Mary Beth Borgwing, President of LemonFish Technologies... -Uncover the…

October 18, 2016

IT Security & Privacy Governance in the Cloud

Presentation by Moderated by Rebecca Herold, The Privacy Professor; Jacqueline Cooney, BAH, Daniel Catteddu, CSA, Chris Griffith from HPE

After multiple newsworthy data breaches in recent times, IT security and privacy governance has gained importance across the globe. Most organizations have established security and compliance policies and procedures to protect their intellectual property and corporate assets, especially in the IT space. As companies transition their applications and data to the cloud, it is critical…

October 13, 2016

Working the Numbers: Learn How to Make the Case for a CASB

Presentation by Palerra

58% of security professionals expect their budgets to stay the same next year. If you’re like them, you’re trying to secure a growing number of cloud services and infrastructure without a bigger budget. What do you do? Make a bulletproof business case for a Cloud Access Security Broker (CASB). In this webinar you'll learn: -How…

October 11, 2016

20 Months to a New Global Data Privacy Law – What You Need To Do

Presentation by Nigel Hawthorn of Skyhigh

The GDPR Covers Anyone with Data on European Residents In May 2018, a new data privacy law comes into effect and any organisation with data on the 500+ million citizens of the European Union (EU) has to comply. Fines can be up to 4% of revenue, mandatory data loss notification to regulators and users comes…

October 6, 2016

Scared of implementing a data protection solution?

Presentation by Rich Mogul of Securosis and Terence Spies of HPE Security--Data Security

Data protection has a tendency to be intimidating for organizations, users and implementers. Organizations see the value of having a data protection program but the challenges of applying a data protection solution often upsets the balance and work flow within the organization, users and create challenges for those implementing. Wouldn’t it be great if there…

August 30, 2016

CSA Research: Mitigating Top Cloud Threats

Presentation by Salim Hafid and Rich Campagna of Bitglass, and John Yeoh of CSA

With cloud adoption on the rise, IT leaders are looking to peer organizations to understand security best practices in the cloud. Bitglass and CSA surveyed infosec professionals to uncover the top threats to cloud security and the tools most often used to secure cloud apps. In this webinar, John Yeoh, Senior Research Analyst at CSA,…

August 24, 2016

Standardization and visibility of security controls in Hybrid

Presentation by Avinash Prasad and Munish Gupta of Infosys Ltd

The needs for IT agility for business, is driving adoption of flexible computing environments including IaaS, Private Cloud among others. The challenge associated with this transformation towards the Hybrid cloud environment is the assurance around the security for the workloads and data. Specific issues arise due to the “Shared security model ” of the varying…

August 16, 2016

Protect, Detect, Respond and Recover: Mitigating the Risks of Cyber Security

Presentation by Mat Hamlin of Spanning by EMC and Will McNae of Microsoft

Information theft is the most expensive consequence of cybercrime, according to a recent Ponemon study. Business interruption following a cyberattack exacts a high price in productivity and business process failures—even greater than the cost of information and revenue losses.1 The more data you share in the cloud, the more you expose it to attack. While…

August 9, 2016

True Detective: Detecting Insider Threats and Compromised Accounts in Office 365

Presentation by Brandon Cook and Santosh Raghuram of Skyhigh Networks

How does your organization combat insider threats and compromised accounts? Join CSA and Skyhigh Networks to learn about cloud threat findings from the research of CSA and Skyhigh Cloud Security Labs. We’ll share practical guidance on how to address the rapidly evolving cloud threat landscape, starting with user behavior analysis. Specifically, we will discuss how…

August 4, 2016

Protect Against New Threats to Safely Enable SaaS

Presentation by Palo Alto Networks

The usage of SaaS applications continues to grow rapidly whether they are enabled by IT or your end users. SaaS-based application usage has grown 46 percent over the past three years as shown in the latest Application Usage and Threat Report from Palo Alto Networks. The attackers are now adapting to leverage these applications as…

August 2, 2016

Joining the Cloud Cyber Intelligence Exchange

Presentation by Patrick Coughlin, TruSTAR

CSA, along with support from key corporate members like Rackspace and Intel, has been incubating a new intelligence exchange within the CloudCISC Working Group. Join CSA and technology partner TruSTAR to discuss: - The challenges of building effective intelligence exchange - How the CloudCISC exchange is designed differently - How you can get involved in…

August 1, 2016

Insights from the 2016 Gartner Magic Quadrant for Secure Web Gateways

Presentation by Jim Reavis of CSA and Atri Chatterjee of Zscaler

According to Gartner, cloud-based security is continuing to grow at a significant rate, spiking at a 35% CAGR compared to 6% for on-premise appliances. Newer and more advanced threats are creating risks that traditional appliances are struggling to keep up with. Consequently, the report highlights a number of key priorities for your security strategy, including:…

July 26, 2016

Five Requirements for Securely Adopting Cloud Applications

Presentation by Mark D. Campbell and Brandon Whichard of IBM Security

The business benefits of cloud applications are undeniable, however security concerns can still slow their adoption. While many mainstream cloud applications offer secure platforms and excellent security capabilities, much of the security burden is still on you. You still need a strategy and the technology tools to ensure your organization can safely and efficiently utilize…

July 13, 2016

Office 365 Security and Compliance – Enforcing the 4 Layers of Trust

Presentation by Brandon Cook and Srini Gurrapu of Skyhigh Networks

Office 365 usage has tripled in the last 9 months as more and more companies enable anytime, anywhere access to Microsoft’s suite of cloud services. But security and compliance require a new level of granularity when users access cloud-based systems of record from a variety of networks, locations, and devices. In today’s cloud-first, mobile-first world,…

July 13, 2016

Protecting employees on the move with cloud-friendly application segmentation

Presentation by Paul German of Certes Networks

Changed business practices, such as employees working on the move and the adoption of the cloud and cloud resources, should be mirrored by a change in security strategies. Organizations are commonly reluctant to adopt cloud technologies over concerns with security and control over enterprise data. However at the same time, many of these same organizations…

July 12, 2016

Data-centric protection: the future of BYOD security

Presentation by Bitglass

Enabling secure BYOD has long been a challenge for IT. Attempts to secure these devices with agents and device management tools like MDM have been met with widespread employee concerns about privacy and usability, and as a result, organizations see low rates of adoption. Requiring that employees use these install these cumbersome device management tools…

June 30, 2016

Building the Connected Hospital - Securely

Presentation by Chris Frenz, Jennifer Cathcart, Yogi Shaw, and Gib Sorebo

The concept of the Connected Hospital offers full integration with Electronic Health Record (EHR) systems, streamlined operations, and enhanced patient safety. Secure implementation of the capabilities that enable a connected hospital is a challenge given the diverse nature of the components involved. Hospitals, integrators and developers must work together to ensure that security is considered…

June 22, 2016

It's Alive! Automating Security Response in the Cloud

Presentation by Tim Prendergast of Evident.io

The challenges facing teams responsible for creating speed and acceleration in the cloud are numerous, but the most dangerous challenge is discerning security signals from infrastructure noise. We can no longer deploy catch-all appliances or wrap hosts in countless layers of agent-based security technology in modern cloud environments. The context and approach to security has…

June 14, 2016

Infosecurity 2016: The Influence of Privacy Shield on Data Protection

Presentation by Daniele Catteddu, CTO, CSA & Josh Downs, Community Manager, BrightTALK

- Infosecurity Europe 2016 - BrightTALK were honoured to be joined by the CSA's CTO Daniele Catteddu to get his thoughts on cyber security and cloud defences in particular. Daniele walked through his thoughts on privacy shield and the sharing of EU data with the US; data protection; cyber security in the financial sector and…

June 14, 2016

Continuous auditing/assessment of relevant security properties

Presentation by John DiMaria of BSI

Module 3 in the CSA STAR Series While the Cloud Security Alliance’s (CSA) STAR Certification has certainly raised the bar for cloud providers, any audit is still a snapshot of a point in time. What goes on between audits can still be a blind spot. To provide greater visibility, the CSA developed the Cloud Trust…

June 7, 2016

The CSA Strategy for Securing IoT via the Cloud

Presentation by Jim Reavis

Internet of Things will lead to a future where virtually every physical item has a microprocessor and all industries will be disrupted. In this presentation, CSA CEO Jim Reavis discusses key security trends for Internet of Things and Cloud Computing. He will make the case that the cloud platform is the key strategy for attaining…

June 2, 2016

CSA SDP for IaaS Initiative: Best Practices and a Progress Report

Presentation by Jason Garbis of Cryptzone

Enterprise adoption of IaaS environments has brought tremendous benefits, in terms of cost savings and agility, and enabled a more dynamic infrastructure. However, these changes have created new security, compliance, and IT administration challenges for enterprises, and management challenges for cloud service providers. The good news is that a Software-Defined Perimeter (SDP) approach can solve…

May 20, 2016

Cloud Trust Protocol (CTP) Demo

Presentation by Alain Pannetrat of Cloud Security Alliance

The Cloud Trust Protocol (CTP) is designed to be a mechanism by which cloud service customers can ask for and receive information related to the security of the services they use in the cloud, promoting transparency and trust. This video illustrates in concrete details how CTP can be used to monitor the security level of…

May 11, 2016

Mitigating risk with application isolation and cryptographic segmentation

Presentation by Adam Boone of Certes Networks

There is a direct correlation between the size of an enterprise’s attack surface and its risk profile. The greater the number of networked applications supported by the enterprise and the greater number of users granted access, the greater the chance that one of those users will be compromised and hackers will gain a foothold to…

May 11, 2016

The Business Value of Operational Risk Management

Presentation by John DiMaria of BSI

Risk Management is not a standalone activity carried out by a company’s risk experts; it is part of the responsibilities of management and a concern to all of the organization’s stakeholders. Risk identification and management are vital to strategic planning, project development and change management. Correctly instituted, Operational Risk Management (ORM) is a cross-functional and…

May 10, 2016

Risky Business: Key Cloud Security Metrics your Board Needs to See

Presentation by Srini Gurrapu, Skyhigh Networks

A recent study by Ponemon showed that the likelihood of an enterprise data breach of involving more than 10,000 records is approximately 22%. This risk, with an average associated cost of $3.79 million, has catapulted cloud security into an executive and board level. What key metrics should you track and share with your board? How should you structure your…

May 5, 2016

Improve CX, Productivity, Revenues and Security with Identity Coherence

Presentation by Steve Tout of Forte Advisory

Customers expect a seamless experience across services and devices, critical to ensure successful conversions and renewals in e-commerce. At the same time, the impact of disconnected user experience on employee productivity can have significant financial implications. Big egos, politics, a shortage of skilled talent, legacy systems and complexity can also conspire to undermine the success…

May 4, 2016

Meeting international requirements and leveraging CSA STAR for supply chain mana

Presentation by John DiMaria, BSI

When an organization adopts cloud services, it is in fact expanding its operations from a local or regional presence to a more global one. As a result, the corresponding organizational operations’ strategy needs to be adjusted to align with these changes. You need to be in line with international requirements as well as your supply-chain.…

April 27, 2016

Cloud security threats and resolutions: A meeting of the minds

Presentation by Jim Reavis of CSA, David Baker and Arturo Hinojosa of Okta

According to the 2016 Top Threats report from CSA, the ramifications of poor cloud computing decisions is no longer an IT issue but rather a boardroom issue. Executives at the highest levels are under scrutiny about security posture, and their response to a breach, from stakeholders, regulators and consumers. The growth of cloud and mobile…

April 26, 2016

Beyond the Firewall: Securing the Cloud with a CASB

Presentation by Mike Schuricht and Salim Hafid, Bitglass

As organizations transition from on-premise data storage and device-centric security to the cloud, the need for a data-centric solution becomes critical. Organizations need the ability to protect data in the cloud, at access, on the network, and across all devices. While cloud app vendors now offer robust functionality, they lack the level of granular control…

April 26, 2016

Mind the Mobile Gap

Presentation by Dan Wolff, IBM

Throwing a safety net over mobile cloud app usage leaves the enterprise having to balance manageability and security against the user experience. This session covers how you can gain visibility into mobile cloud app usage, defend against malware and threats, and enforce corporate policies for mobile—all while enabling BYOD and protecting the user experience.

April 20, 2016

Public, Private, Hybrid…Secure Your Cloud’s Future

Presentation by Sai Balabhadrapatruni Palo Alto Networks

The demand for business to be more agile to meet customer demands and stay competitive is driving a change in the way applications are developed, deployed, and adopted. The challenge has become balancing the agility needs of the business with improving the security of the applications and more importantly the data as it moves between…

April 13, 2016

Dramatically Improve Network Security using SDP

Presentation by Jason Garbis, Cryptzone

It’s time to recognize that traditional network security tools grant users too much access and therefore create a serious security gap. A typical user may be authorized to access only a few resources across the enterprise, but from a network perspective can see, and send packets to, every service running on every server on the…

April 12, 2016

Reducing the Enterprise Attack Surface with Cloud-Friendly App Segmentation

Presentation by Satyam Tyagi, Certes Networks

The large volumes of data being stored as well as the multiple siloes, users and applications using the data, means that organizations are constantly under threat of a data breach. Certes Networks, will discuss how, despite the numerous threats and vulnerabilities currently faced by organizations, there are new ground-breaking cloud-friendly segmentation and application isolation techniques…

April 11, 2016

Best Practices for Protecting Your Data in a Hybrid Cloud Environment

Presentation by Jason Wolford of Rackspace and Imam Sheikh of Vormetric

Your business has capitalized on managed cloud services to host many of your IT workloads. Now, you need to expand your cloud IT deployments further with public cloud services using Amazon Web Services or Microsoft Azure to scale cloud computing and storage resources to meet growing IT business demands. Suddenly, you have data center and…

March 31, 2016

Cloud Security: What You Should Be Concerned About

Presentation by Raji Samani of Intel Security and Jim Reavis of CSA

Intel Security conducted a survey regarding cloud adoption and cloud security. This webcast will discuss the findings and answer questions like... -Is cloud for everyone? -How much are companies investing in cloud? -What are the top concerns?

March 22, 2016

2016 Information Security Trends and Cloud Security Alliance Priorities

Presentation by Jim Reavis, CEO of Cloud Security Alliance

An informal look at the important security trends identified by CSA experts and the activities initiated by Cloud Security Alliance to address key industry issues.

March 21, 2016

How to Determine Responsibility for Cloud Security?

Presentation by Rich Campagna, Bitglass

Rich Campagna of Bitglass explains in this short video the WSJ test -- an easy way to determine the security responsibilities of SaaS vendors and their clients.

March 15, 2016

Not “If” but “When”: Protecting Your Data with a Cyber Resiliency Plan

Presentation by Santosh Raghuram, Skyhigh Network

In today's security landscape, a security breach is not a matter of "if," but "when." Is your organization prepared to minimize and mitigate the effects of a breach? Join the Cloud Security Alliance and Skyhigh Networks for a webinar discussing how to create a data-driven cloud cyber resiliency plan. In this session, you'll learn: -How…

March 15, 2016

Data Breaches are Inevitable: Reduce your Risk with Cloud-Friendly Segmentation

Presentation by Eugen Rusen, Certes Networks

The mass of data breaches that hit the headlines in 2015 show organizations must accept that breaches are inevitable, and breach detection and protection strategies are no longer enough to keep the hackers at bay. To prepare for a breach, organizations should put in place a breach containment strategy that assumes a breach will happen,…

March 10, 2016

The Borderless World: Bridging the Cloud with On-Prem Systems

Presentation by Farshad Ghazi and Chris Griffith, HPE Security

Learn more about the new CSA Top Threats Report and how to protect yourself. In the borderless world of Cloud computing, everything changes. You cannot deliver a cloud enabled business without a fundamental redesign of your security infrastructure. On-prem systems are increasingly integrated to cloud-based platforms which creates an abyss for data to spread to…

February 25, 2016

Securing IaaS - The Forgotten component of Cloud Access Security Brokers

Presentation by Ganesh Kirti, Palerra

ShadowIT Discovery and security of SaaS are often considered key capabilities of Cloud Access Security Broker. There is, however, one critical capability which is often overlooked; security of IaaS. Many organizations are finding out the hard way that focusing on security of SaaS is only part of the puzzle. They must address the security of…

February 17, 2016

The State of Office 365 Security

Presentation by Doug Lane, Vaultive

Microsoft Office 365 adoption skyrocketed in 2015, but security and compliance questions are still keeping many organizations on the sidelines. What built-in security features does Microsoft provide, and under what circumstances are they good enough? Which industries and use cases call for a third party Office 365 security solution? Join us as we discuss these…

February 11, 2016

Road Map to CSA Star Certification: Module 1

Presentation by BSI

ROAD MAP TO CSA STAR CERTIFICATION – OPTIMIZING PROCESSES, REDUCING COST AND MEETING INTERNATIONAL REQUIREMENTS With Japan’s introduction of the quartz wristwatch in 1969, the majority Swiss market share dropped from 80% at the end of World War II to only 10% in 1974 . Ironically, it was the Swiss who had invented the quartz…

February 3, 2016

Next-Gen Mobile Security: What comes after MDM?

Presentation by Salim Hafid and Neal Mhaskar, Bitglass

BYOD is an adoption, not a rollout. In fact, 57% of employees refuse MAM or MDM on their personal devices. What are the drawbacks of MDM? How can your organization both drive adoption and effectively secure BYOD? In this webinar, we'll answer those questions and discuss next-generation mobile security solutions that can help secure corporate…

January 28, 2016

Emerging Approaches in a Cloud Connected Enterprise: Containers and Microservice

Presentation by Anil Karmel, Co-Founder and CEO of C2 Labs

Containers such as Docker and CoreOS Rkt deliver incredible capabilities to developers and operators and are powering the DevOps revolution in application development and deployment. Docker in particular has taken industry by storm, resulting in over 400 million downloads and 75,000+ containerized applications in this open source platform. With all this new found power come…

January 14, 2016

Making Trusted Decisions to Use the Cloud: A New Model to Succeed

Presentation by Jeffrey Ritter

You know that every decision to use the Cloud will be challenged, whether by investors, executives, customers, or members of your own team. Behind every challenge is the same question, "Can we trust the decision?" This presentation introduces a new decision model that will transform the confidence you can earn from others that your decisions…

December 9, 2015

Cloud Access Security Brokers: Critical Capabilities

Presentation by TBD

Cloud Access Security Brokers (CASBs) are the hottest security technologies on the market. They provide organizations with much needed visibility and control over corporate data as it moves beyond the firewall via the public cloud. In this webinar, experts from Bitglass will dive into the architecture of CASBs and explain how the wide range of…

November 24, 2015

Can I Still Use The Cloud? Now That Safe Harbor is Dead

Presentation by Nigel Hawthorn

A webinar for IT Security, Legal and Compliance Managers. The EU-US Safe Harbor agreement for data transfers has been declared invalid. Hear what this means for you, your organization and your data on EU citizens. Can you save data in US cloud services, and if so, what do you need to know to ensure you…

November 10, 2015

Keeping your Data and Applications Safe from the CSA Top Threats

Presentation by Farshad Ghazi and Chris Griffith--HP Security

The cloud presents all kinds of opportunities for today’s enterprise, from anywhere access to anything-as-a-service. Cloud computing imposes significant security risks on the corporation, network, IT and the day to day activities of the business. How do they maintain compliance, control and ownership of sensitive data as they move from the physical environment to a…

October 21, 2015

Office 365 Compliance and Data Protection: Cargill’s Blueprint for Success

Presentation by Matt Brunsvold of Cargill and Srini Gurrapu of Skyhigh

Skyhigh’s Office 365 Cloud Adoption and Risk report shows that the average enterprise uploads 1.37TB of data across SharePoint, OneDrive, and Yammer each month, 17.4% of which is sensitive.  With Office 365 use exploding and vast volumes of data headed to the cloud, IT Security teams are working to determine how they can enforce security,…

September 24, 2015

Top 3 Reasons Why Growing Organizations are Moving Their Security to the Cloud

Presentation by James Kawamoto, Zscaler Inc.

The world of IT security is undergoing tremendous change. The unstoppable momentum of the Internet and cloud computing, the ubiquity of mobile devices and the emergence of Internet of things have together turned the IT security landscape upside down. Data security, privacy and compliance have never been more at risk than in today’s social and…

August 20, 2015

Professionalizing the Cloud Security Workforce

Presentation by Jim Reavis, CEO of Cloud Security Alliance and David Shearer, CEO, (ISC)²

(ISC)² and CSA recently developed the Certified Cloud Security Professional (CCSP) credential to meet a critical market need to ensure that cloud security professionals have the required knowledge, skills and abilities to audit, assess and secure cloud infrastructures. Join Jim Reavis, CEO of Cloud Security Alliance and David Shearer, CEO, (ISC)² on August 20, 2015…

July 15, 2015

Leveraging Data Control and GRC for Securing Data on the Cloud

Presentation by Ryan Ko- CSA APAC Research Advisor, Vibhav Agarwal – Associate Director - Product Marketing, MetricStream

Leveraging Data Control and GRC for Securing Data on the Cloud - A Practical Guide for Immediate Challenges and An Overview of Long-Term Research Challenges Data security for cloud applications is a perennial challenge due to the lost of control and oversight over data placed within clouds. As cloud becomes mainstream, various industries need to…

July 8, 2015

Myth or Reality: Insider Threat Victims DON'T Have Their Heads in the Cloud

Presentation by Evelyn de Souza, Data Governance Workgroup Chair, Cloud Security Alliance & Data Privacy and Compliance Leader, Cisco Systems

We can safely predict that an insider threat targeting cloud will be the cause of a major data breach over the next 12 months. While cloud insider threats consistently rank as a top concern, they have not been decomposed and mitigated like enterprise exploits. We will uncover threat vectors and behavioural traits and present new…

June 30, 2015

Cloud Standards - Ready for Prime-time (part 2)

Presentation by Michel Drescher, EGI; John Messina, NIST; Peter Deussen, Fraunhofer FOKUS

Cloud computing will not reach its full potential without fully developed and stable management and context standards. Customers indeed expect freedom of choice, increased control and interoperability, as a tool for fair competition and unfettered innovation. Effective interoperability demands common technical and legal parameters, which are related to open standards and governance. While part one…

June 25, 2015

Lessons Learned From the Biggest Security Breaches

Presentation by Jim Reavis, CSA; Michael Sutton, Zscaler

Learn about the biggest security breaches and what it means for your organization. The risk of experiencing a security breach is now higher than ever. Over the last 12 months, some of the highest profile companies have been compromised including Anthem, Sony, Home Depot, JPMorgan Chase, Target and more. 2015 is turning out to be…

June 9, 2015

Cloud Standards - Ready for Prime Time

Presentation by Michel Drescher, EGI; Alan Sill, OGF, Texas Tech University; Alex McDonald, NetApp; David Wallom, Oxford e-Research Centre

Cloud computing will not reach its full potential without the full development and stable management of standards. Customers expect the freedom of choice, increased control, and interoperability as a tool for fair competition and unfettered innovation in cloud services. Effective interoperability demands common technical and legal parameters, which are related to open standards and governance.…

May 19, 2015

How to Negotiate a Proper SLA

Presentation by Jesus Luna, CSA; Frederic Engel, Market Engal SAS;Daniele Catteddu, CSA; Arthur van der Wees; Arthur's Legal; Said Tabet, EMC

The typical cloud customer easily grasps perceived advantages and user-friendliness in the cloud, but they are not security experts. Matching an customer's security requirements with what is being offered by CSPs can be the biggest challenge. Even though most CSPs include security provisions in their SLAs (Service Level Agreements), the variety of customer requirements make…

May 12, 2015

Preparing for 2015: Internet security best practices from the Global 1000

Presentation by Jim Reavis, CEO at the Cloud Security Alliance & Dan Druker, CMO at Zscaler

The world of IT security is undergoing tremendous change. The unstoppable momentum of the Internet and cloud computing, the ubiquity of mobile devices and the emergence of Internet of things have together turned the IT security landscape upside down. So what can you do today to keep your security ahead of these trends? In this…

March 19, 2015

Platform as a Service: Build Cloud Applications Rapidly and Reliably

Presentation by Jonathan Sage, IBM; Mike Edwards, IBM; Achille Pinson, PrepMyFuture.com

CloudWATCH webinars aim to evangelise the merits of cloud services to SMEs and governments. This particular session on building cloud applications will explain Platform as a Service. Cloud technologies, such as Bluemix, make app development easier, more practical, and cost effective. Also, Achille Pinson, founder of PrepMyFuture.com, will share his experience as a cloud service…

February 17, 2015

Panel: Leveraging Security Analytics in the Fight Against Cyber-Threats

Presentation by Peter Wood (moderator); Prof. John Walker, James Brown (Alert Logic), Bernd Jaeger (Cloud Security Alliance)

Join this exciting panel session with some of the industry's leading thought leaders including: Peter Wood, CEO, First Base Technologies Prof. John Walker, Researcher, Writer & Speaker, Cyber-Vault Stephen Coty, Chief Security Evangelist, Alert Logic Bernd Jaeger, Cloud Security Alliance The panelists will discuss topics ranging from predictive security, real-time threat intelligence, combining structured and…

February 5, 2015

Cloud CISC Virtual Summit

Presentation by Paul Kurtz, Dave Cullinane

The Cloud Security Alliance (CSA) has chosen to specifically focus on the problem of cyber incident information sharing and find innovative approaches that break down the barriers inhibiting sharing. CSA has selected a partner, TruSTAR Technology, to create what we are calling the industry’s first Cloud CISC (Cyber Incident Sharing Center). We believe it is…

February 4, 2015

An Approach to Cloud Services Risk Management for Today’s Enterprises

Presentation by Deepayan Chanda, Wesley Cheng, Security Solutions Architects, Advanced Services, Cisco Systems

This session provides a methodology and a Business Risk Framework for assessing the risk of an ever-increasing number of cloud services. It builds upon the Cloud Security Alliance Cloud Controls Matrix by enabling users to add new controls and address risk vectors such as the financial viability of a cloud service provider, traffic data, and…

February 4, 2015

An Approach to Cloud Service Provider Risk Management for Today’s Enterprises

Presentation by Derick Fogt, IT Risk Management, Cisco Systems

A great many enterprises leverage the Cloud Security Alliance Cloud Controls Matrix as a primary component for identifying cloud service provider risks. What’s also needed is a way to measure these risks. This session will focus on building a risk rating framework and on better quantifying and operationalizing risk management activities. Presenter: Derick Fogt, IT…

January 29, 2015

Service Management: What Standards Can Do For Business – The Example of FitSM

Presentation by Dr. Thomas Schaaf, Dr. Michael Brenner, Owen Appleton, Sy Holsinger

To meet customer needs and provide valuable services, it is important to maintain a high quality of service, which in itself requires a well-structured approach to IT Service Management (ITSM). Existing approaches such as ITIL and the ISO/IEC 20,000 standard are useful but not always well suited to the challenges of providing cloud or other…

December 4, 2014

IoT Security Challenges for Early Adopters

Presentation by Brian Russell, Chief Engineer CyberSecurity Solutions at Leidos

The Internet of Things (IoT) offers enhanced technology capabilities in diverse industries. In the health care setting, IoT will bring new connected medical devices that support near real-time monitoring of patient health information. In the transportation industry, connected vehicles will communicate securely with each other and with the environment surrounding them, offering safer commutes. In…

November 26, 2014

Monitoring in a Cloud Environment

Presentation by Eliot Salant, Dario Bruneo, Avi Miron - Cloud Wave; Kyriakos Kritikos - PaaSage; Michel Drescher - EGI, CloudWatch

Monitoring resource consumption in a Cloud environment is becoming an increasingly important research topic in order to provide optimal management of both the underlying Cloud infrastructure and executing applications. Clouds are complex environments composed of many different entities and layers. Each of them may be provided with mechanisms offering various management actions. Different situations call…

October 15, 2014

Reducing Risk in the Cloud with the CCM

Presentation by John Yeoh, Sr. Research Analyst, CSA; Sean Cordero, Co-Chair, CSA CCM Working Group

Cloud computing promises to deliver efficiencies through reduced time to market and greater agility for organizations. While the impact of cloud computing is profound, many organizations remain hesitant to consider the cloud. This is often due to a lack of clarity over the unique security risks introduced in the cloud computing model and a perceived…

October 2, 2014

The Role of Certification and Standards for Trusted Cloud Solutions

Presentation by Daniele Catteddu, CSA; Dr. Michaela Iorga, NIST; Marnix Dekkar, ENISA; Claudio Belloli, GSA

Security and privacy certifications have been identified as one of the most effective means to increase the level of trust in cloud services and stimulate their adoption. Based on this assumption, it was critical to focus on the appropriate standards and their interoperability. Therefore, a number of efforts have started in Europe, mainly led by…

September 24, 2014

New Opportunities for Data Privacy and Data Protection Harmonization

Presentation by Evelyn De Souza, Cisco; Dan Blum, Respect Network; Mary Beth Borgwing, Advisen

This week the CSA and Cisco announced the results of a comprehensive survey of cloud security professionals on data privacy considerations. The survey responses highlight a growing and strong interest in harmonizing privacy laws towards a universal set of principles. But what does this really mean as you develop cloud services for your organization? And,…

September 24, 2014

Big, Open, and Properly Protected Data?

Presentation by Mariusz Jarzebowski, demosEUROPA; Ratko Mutavdzic, PROJEKTURA; DR. Gwendal Le Grand, CNIL; Patrice Chazerand, DIGITALEUROPE

Big data keeps making the headlines. Open data is high on governments’ agenda. This CloudWATCH webinar will hear contributors to the research paper ‘’Big & Open Data in Europe: A growth engine or a missed opportunity?” debating the impact on the economic potential of various parts of Europe – North, South and East. CNIL, France’s…

September 23, 2014

HP Cloud Security Total Infrastructure Model for Cyber Defence & Event logging

Presentation by Ilia Tivin- CISSP, CCSK- Senior SIEM consultant and Hiroshi Masuda- HP APJ TSC ITAS(Security) Lead

Cloudbytes is a Webinar/Webcast for the APAC region which would be held monthly for all the CSA chapter members. The CloudBytes program will look to bring the most important topics to the forefront for education and discussion. Security is one of the major barriers to cloud adoption and transformation when we think IT risks in…

August 28, 2014

Multi-tenancy in Federated Clouds

Presentation by Michel Drescher, European Grid Infrastructure; Jesus Luna, CSA; Ian Osborne, Knowledge Transfer Network; Colin Wallis, NZ Gov

However popular multi-tenancy has become in cloud computing, this concept still sounds a bit like a mystery. This CloudWATCH webinar will provide you with a chance to get a crystal-clear take of the concept by clarifying how tenancy is defined, how relations between tenants and their behaviour should be designed. Indeed, in a typical multi-tenancy…

July 24, 2014

Triaging the Cloud: 5 Steps to Putting the Cloud Controls Matrix to Work....

Presentation by John Howie, Cloud Security Alliance; Doug Meier, Pandora; Krishna Narayanaswamy, Netskope

The Cloud Security Alliance’s Cloud Controls Matrix is a rich source of cloud security best practices designed as a framework to provide fundamental security principles to cloud vendors and cloud customers. It serves as a useful guidepost for app developers and technology decision-makers alike. But what if you really want to put it to work…

July 15, 2014

Legal Issues for Cloud Computing

Presentation by Paolo Balboni, ICT Legal Consulting; Lucio Scudiero, ICT Legal Consulting

Cloud Computing Users increasingly attempt to negotiate contract terms for cloud computing services, in order to make them more suitable for their specific needs. However, despite the efforts they make, contracts are still often concluded on a take-it-or-leave-it basis, because of the negotiating power enjoyed by bigger cloud service providers against small service clients. The…

May 16, 2014

2 Minutes on BrightTALK: What are your weak points?

Presentation by Daniele Catteddu, Managing Director EMEA, Cloud Security Alliance

Hear what Daniele Catteddu recommends to strengthen your IT security posture - from risk assessments to mobile and cloud computing.