-
Summary
-
Speakers
-
Schedule
-
Contact Us
<
>
New Normal - The Relevance of Cloud Security
The shift towards remote working has prompted businesses to change their IT models. Needless to mention, as cloud adoption grows, organizations’ cloud strategy must go hand-in-hand with a security strategy. Given that remote working or work from anywhere is here to stay, and businesses will continue to shift to cloud infrastructure, it has never been more vital for them to a strong, reliable and robust strategy to protect against the ongoing threat of cyber attack.
Join leading experts from India with domain proficiency and expertise to discuss the key issues and trends facing cloud security and cybersecurity today at this one-day virtual Summit organized by CSA APAC & CSA Bangalore, Kolkata Mumbai & NCR chapters on 1 October 2021.
The event is free to attend. To register for the sessions, log in using your BrightTalk account. If you do not have an existing account, please sign up here https://www.brighttalk.com/login/. Once the account is created visit https://www.csaapac.org/csaindiasummit2021.html and register for sessions you would want to attend under the 'schedule' tab.
Earn CPE Credits: To download your viewing certificate, navigate to the “Viewing History” section of your BrightTALK Account. You can find more information about this here: https://support.brighttalk.com/hc/en-us/articles/204280700-Can-I-have-a-list-of-all-the-webinars-I-ve-attended-
The shift towards remote working has prompted businesses to change their IT models. Needless to mention, as cloud adoption grows, organizations’ cloud strategy must go hand-in-hand with a security strategy. Given that remote working or work from anywhere is here to stay, and businesses will continue to shift to cloud infrastructure, it has never been more vital for them to a strong, reliable and robust strategy to protect against the ongoing threat of cyber attack.
Join leading experts from India with domain proficiency and expertise to discuss the key issues and trends facing cloud security and cybersecurity today at this one-day virtual Summit organized by CSA APAC & CSA Bangalore, Kolkata Mumbai & NCR chapters on 1 October 2021.
The event is free to attend. To register for the sessions, log in using your BrightTalk account. If you do not have an existing account, please sign up here https://www.brighttalk.com/login/. Once the account is created visit https://www.csaapac.org/csaindiasummit2021.html and register for sessions you would want to attend under the 'schedule' tab.
Earn CPE Credits: To download your viewing certificate, navigate to the “Viewing History” section of your BrightTALK Account. You can find more information about this here: https://support.brighttalk.com/hc/en-us/articles/204280700-Can-I-have-a-list-of-all-the-webinars-I-ve-attended-
Co - Organized by
Platinum Partners
Gold Partner
Speakers & Panelists
Parveen ARORA
Co-Founder & Director, VVnT Foundation
|
Parveen Arora is quality security consultant and founding director @VVnT SeQuor. He is also a Co-founder @VVnT Foundation, a not-for-profit organization embarked on the mission to build an empowered community of Knowledgeable, Efficient and Ethical – Verification Validation & Testing Professionals in India. He is certified practitioner and expert in Cybersecurity, Cloud Security Engineering, Privacy by Design, Scaling DevOps & implementation of Quality-First approach to build better Products and Services in compliance to global standards. His credentials include: CCSK, Certified GDPR Practitioner & Fellow of Privacy Technology, Certified DevOps Leader & Coach, DevSecOps Certified & Practitioner, Certified Software Test Manager & Test Automator, ITIL v3 Foundation Level, ISO 9001, ISO/IEC 27001 and ISO/IEC 20000 Certified, Certified Kaizen Practitioner.
|
Dr. Lopa Muddra BASUU
APAC Research Advisory Council Member, CSA
|
Dr. Lopa Mudraa Basuu, a leading Security evangelist with 18+ years of rich, versatile experience in IT & Information Security, Data Protection, Technology Risk Management & Governance with a proven performance record of delivering value as business enabler. She holds a master degree in Information Technology and Doctor of Excellence in Cyber Risk Management. She is a certified global CIO from ISB Hyderabad. She also has the required industry certifications - C|CISO, CRISC, CISM, CHFI, ECSA, CEH, DCPLA, DPO, LA ISO 27001, Certified SAFe 4 Practitioner (Scaled AGILE), ITIL. Global industry leaders like - OCWEN (Global Director IT Risk Operations), SLK Global (AVP & Head Enterprise Security & Risk Governance), MetLife (Manager IT Security & Quality) and Infosys (Consultant Security Audit & Architecture) are amongst the organizations to which she has contributed in her career till now. She authors articles and is a regular speaker & panellist in the professional public domain on the same. She also mentors & guides the professionals.
She has expertise in - enterprise security & risk governance portfolio management, strategic alignment of technology with business & regulatory requirements, cyber defence program management, privacy program management, security operations, third party risk management, shadow IT governance, security training, architecting network security, security& risk based audit lifecycle management including tech-audit & standardization & compliance program lifecycle management (SOX, SOC, ISO 27001, ISO 22301, ISO 20000, ISO 31000, PCI DSS, COSO, CobiT, VAL IT, RISK IT, ITIL, DAMA, EU GDPR, HIPAA, HITRUST, DPF/DSF, WCA). |
Renu BEDI
IT Security Manager, PwC
|
An information Security professional and a transformational security leader with an extensive background in GRC, IT/IS audits, and third-party risk Governance roles, Renu brings a leadership perspective combined with practical “hands-on” experience. Throughout her career, Renu has focused on risks associated with third-parties and the adoption of emerging technologies, including cloud computing and IoT in healthcare and financial services organizations.
Renu actively volunteers with CSA and ISACA and is certified in CISSP, CISM, CISA, AWS Certified Cloud Practitioner, and ITIL. |
Madhav CHABLANI
Chairman, CSA NCR Chapter
|
He engages in consulting assignments, developing, managing and advising global enterprise clients to succeed on IT Governance, Strategy, Enterprise IT Performance, Risk Management, Compliance & Sustainability, Audits and Assurance, Strategic IT Outsourcing, Distilling Digital Strategies and Transformation in enterprises, Cyber Security & Privacy, Cloud Strategy, Migration, Governance and Security, in Organizational Change Management programs & Transformations initiatives, enriched outsourced delivery capabilities, Practice-level competency requirements, build and delivered Center of Competence for Technology Solutions, Enterprise Information Architectures & Integration, that minimizes risks in an enterprise and align in creating business value.
He is passionate, Innovative, being customer focused & committed for value delivery, a professional with over 30+ years of proven success, has worked in past with Big 4 Consulting firm as Partner (Advisory) - Protiviti, HP Consulting, NIIT Technologies, Agilent, Xansa (now Sopra Steria), PCS and WIPRO on both domestic and global offshore projects and consulting assignments. These include mentoring start-ups in APAC for product development/innovation, service delivery, business development, client relationship & P&L management – Fintech, Healthtech, Cloud Security and Smart Cities initiatives. He orchestrates with governments, industry and academia for building advocacy and thought alignment, for communities - CSA, CCICI, ISACA and IAMI. He is involved in Smart City ICT Standardization in India, ITU-T & NIST (Cyber Physical Systems). He has also been, involved in initiatives of "Thought Leadership" for technology strategies, investments and M&A, focused on building and enriching "business value" and "keeping stride in remaining competitive". He is engaged in working groups for thought aggregation and building knowledge components which could be adopted in Chairman of NCR Chapter | WG member of : Application Containers & Secure Microservices Architecture | Serverless Security | Cloud Control Matrix 4.0 | IOT4Healthcare – Connected Healthcare – Designing Secure IoT Devices | Enterprise Architecture | Blockchain and Distributed Ledger | Mobile Application Security Testing | Converged Vehicles Framework | SecaaS | TEC (DEITY) – m2m – Smart Cities Advisory | MEITY – Cloud Consultations; Governing Council Member – CCICI (Cloud Computing Innovation Council of India ) | an IEEE incubation initiative (WG : Interoperability | e-Gov Reference architecture | Framework for Multi-vendor Cloud Services | IOT4Smart Cities – Security Architecture| TRAI Cloud Computing Consultation | Cloud Management Office (MEITY). |
Satyavathi DIVADARI
Chairman, CSA Bangalore Chapter
|
Satyavathi Divadari is working as Chief Cyber Security Architect at Micro Focus. She is also the Chairman of CSA Bangalore Chapter and a Global Advisory Board Member of CTIA in EC-Council.
Satya has over 22 years of experience in Banking, Telecom, IT/ITES and Media industries and leadership positions at News Corp, Cognizant, Wells Fargo, Capgemini, IBM, and Tata Communications Ltd. She is a cross functional enterprise architect in cloud security, security operations, application security, network security, identity governance and administration, and data Security. She has proven her expertise in defining and executing security controls around strategic digital transformations, and built secure environments with improved return of investment through continuous improvement and innovation culture. She holds variety of certifications that includes AWS Cloud Solution Architect Associate, CFE, CIPT, TOGAF, PMP and CISSP*. She is a noted speaker in national and international forums. She has been awarded in multiple forums for her contributions to community that includes “Top 20 Indian Women Influencers in Security 2020” by Security India, “CISO Top 100” by CISO Platform, “Women in tech - Chief Mentor” by Kamikaze B2B Media, “Top Technologists -Tech Beacon” award by WEquity. |
Praveen KULKARNI
Country Manager - Security Risk & Governance, Micro Focus
|
Praveen Kulkarni heads the Cyber Resiliency business for Microfocus in India. He is responsible for working with enterprises on Cyber Resilience, Cyber Security, Security Operation, Application Security, Data Privacy & Identity and access management. Prior to this he has held various leadership roles in Microfocus, HPE and HP.
|
Brendan LAWS
Director, Solutions Architecture, Rapid7
|
Brendan leads the solution architecture team within Rapid7 Asia Pacific. He helps people understand challenges, define goals and mature cyber capabilities; whilst accommodating their teams’ abilities and leveraging the diverse array of technologies and your business strategy. This journey has already consumed two decades and has provided me with vantage points that span industry sectors, and importantly, people and cultures. Above all, I aim to reduce the noise of a remarkably diverse, complex series of domains.
|
Dr. Hing-Yan LEE
EVP APAC, CSA
|
Hing Yan LEE is Executive Vice President, APAC at the Cloud Security Alliance (CSA). He has over 30 years of ICT working experience in both the public and private sectors. He was global director of the CSA STAR program for 6 months in 2017. Prior to that, he was Director of National Cloud Computing Office at the Infocomm Development Authority (IDA) for 9+ years, where he was responsible for the national program for, inter alia, developing the cloud ecosystem, promoting cloud adoption by government agencies and private enterprises, and building a trusted environment (which included developing the Multi-Tier Cloud Security (MTCS) standards and Cloud Outage Incident Response guidelines).
He was previously Deputy Director of National Grid Office at the Agency for Science, Technology & Research (A*STAR), Principal Scientist at the Institute for Infocomm Research, Director of Knowledge Lab and Deputy Director of Japan-Singapore Artificial Intelligence Centre at the Kent Ridge Digital Labs as well as Deputy Director at Information Technology Institute (the applied R&D arm of the National Computer Board). He oversaw and managed industry collaborations and applied R&D in machine language translation, spoken language dialogue, expert systems, knowledge discovery, data mining, data visualization, and other knowledge-driven efforts. Hing Yan is a Fellow and former VP of the Cloud Chapter in Singapore Computer Society. He is active in the ITSC working group on MTCS revision, and SingAREN Lightwave Internet Exchange (SLIX 2.0) Steering Committee. He has also undertaken consultancy and research reviews for the governments of Finland, Israel, Malaysia and Singapore as well as cloud service providers. He graduated from the University of Illinois at Urbana-Champaign with PhD and MS degrees in Computer Science. He previously studied at Imperial College London in the UK where he obtained a BSc (Eng.) with 1st Class Honours in Computing and MSc in Management Science. |
Ashish MEHTA
Co-chair, CSA Blockchain Working Group
|
Ashish Mehta is Director at Genese Incubation Management Services Pvt Ltd; a leading startup incubator and advisory firm with a strong focus in supporting innovative “Make in India” focussed startups and taking their break-through products in the fields of EVs, agriculture, supply chain, blockchain, cybersecurity, education & medicine onto a global stage.
Ashish has extensive experience in cybersecurity, blockchain, compliance, privacy standards, IT management, financial markets, decentralized grids and the energy industry. He currently serves as C0-chair of the CSA Blockchain Working Group. In that capacity, he is responsible for pushing their multiple research efforts as well as coordinating with multiple industry participants on cross-pollination of cybersecurity research. He also serves as an Advisor to the Government of Kerala's Blockchain Initiative. He has also worked with Dubai Government’s DLAD initiative. He serves as an advisor to multiple blockchain startups and is a part of technology analyst panels like Dimensional Research, IDG and Aberdeen. He has served as an IT management and cybersecurity professional for multiple SMEs across UAE, India and USA for over a decade prior to starting his own cybersecurity consultancy. He has taught blockchain courses for corporations and universities worldwide. He was awarded the Title of “Cybersecurity Research Fellow” in 2021. He was awarded with the Ron Knode Award for Cybersecurity Best practices at Sec-Tor,Toronto,Canada in 2017. He is Co-Author on Books on BPX (SAP) & OCEG RedBook(GRC). He is also an active participant in the research efforts of NIST,ACT-IAC , OWASP & IEEE.He Holds multiple certifications in the fields of IT, cybersecurity, blockchain and IoT. Has a special research interest in quantum computing & IoT defensive techniques. He has been interviewed by leading technology journals like Iot-Inc & has spoken at multiple global events like Unblock 2021,Metamorphosis 2020,LF Energy 2020,CSA Summits,Startup Grind summits & Planet Blockchain. He was awarded with the Young Alumni Achiever award for 2020 by IIT-Kharagpur, India. Ashish holds a B.Tech (Hons) in Electrical Engineering and M.Sc in cryptography with a minor in technology strategy from Columbia Business School, NY. |
Ekta MISHRA
Country Manager, India, CSA
|
Ekta has been with CSA for over seven years. As APAC Membership Director, she is responsible for customer relations with APAC corporate members, assuring that members understand and utilize their membership benefits. As India Country Manager, she is responsible for managing CSA’s business within India. She also looks after the engagement with members, partners, chapters and other strategic alliances in country. She strengthens CSA influence and presence in APAC through managing over 30 Chapters in the region primarily focusing on providing the various support system and tools for strengthing the Chapters engagement. Ekta also manages the CCSK Training in the APAC region and has been actively leading various regional events in India.
Ekta has completed her MBA in marketing from S.P Jain School of Global Management- Singapore and Dubai. |
Ramesh NARAYANSWAMY
CTO, Aditya Birla Capital
|
Ramesh Narayanaswamy is currently the chief Technology officer for the Aditya Birla Capital Limited which is the holding company for the financial services business of the Aditya Birla Group. Ramesh is responsible for Technology, Data and Digital for all the financial services company. Ramesh has more than 25 years of technology experience in delivering transformational programs across various geographies. Prior to this role, he has been in the technology space in CIMB Bank, Standard Chartered Bank, Singapore Post and Citibank. Ramesh is passionate about technology transformation and innovation and has successfully implemented various programs in his different stints.
Ramesh holds a MBA from Nanyang Technological University, Singapore and Bachelors and Masters degree from Birla Institute of Technology and Science, Pilani, India. |
Keith PRABHU
Chairman, CSA Mumbai Chapter
|
Keith Prabhu helps organizations to secure their digital assets. He is the Founder & CEO of Confidis and also the Chairman of CSA Mumbai Chapter, he is a part of the CSA Global Certification Board and helped create CCSK and CCSP certifications, leading global Cloud Security certifications. He has been a contributor to the CSA Cloud Control Matrix and co-author of the book “Practical Guide to Cloud Computing”.
He has over 2 decades of experience security, privacy, business continuity and has earlier worked with KPMG, Deloitte, HSBC Software, Arthur Andersen and HCL Infosystems. He holds Master of Business in Information Systems, CCSK, CCSP, CISSP, CISA, MBCI and is a volunteer with Center for Social Action an NGO that helps children and women. |
Jim REAVIS
Co-Founder & CEO, CSA
|
For many years, Jim Reavis has worked in the information security industry as an entrepreneur, writer, speaker, technologist and business strategist. Jim’s innovative thinking about emerging security trends have been published and presented widely throughout the industry and have influenced many. Jim is helping shape the future of information security and related technology industries as co-founder, CEO and driving force of the Cloud Security Alliance. Jim has been named as one of the Top 10 cloud computing leaders by SearchCloudComputing.com.
Jim is the President of Reavis Consulting Group, LLC, where he advises security companies, governments, large enterprises and other organizations on the implications of new trends such as Cloud, Mobility, Internet of Things and how to take advantage of them. Jim founded SecurityPortal, the Internet’s largest website devoted to information security in 1998, and guided it until a successful exit in 2000. Jim has been an advisor on the launch of many industry ventures that have achieved a successful M&A exit or IPO. Jim is widely quoted in the press and has worked with hundreds of corporations on their information security strategy and technology roadmap. Jim has a background in networking technologies, marketing, product management and systems integration. Jim received a B.A. in Business Administration / Computer Science from Western Washington University in 1987 and formerly served on WWU’s alumni board. Jim was recognized as a WWU Distinguished Alumnus in 2015. In 2016, Jim was inducted into the Information Systems Security Association (ISSA) Hall of Fame. |
Somik SEN
Vice-Chair, CSA Kolkata Chapter
|
A cybersecurity enthusiast having a decade of experience in information, risk & technology security domain, with specialisation in managing, designing and implementing security solutions & engineering. He is effectively associated with PwC (Next Gen Cloud), after a successful spell with Wipro (Cyber Security & Risk Services), KPMG (IT Advisory), L&T (Technology) and Tata Technologies.
Somik has experience in security domain including Controls Assurance, Vendor Risk Management, Technical Assessments, IT Attestations, Business Continuity, Data Security, Info-Sec Audits, End Point Security, Identity Access Management etc. He is an Engineer (Electronics & Communication) with a MBA (Marketing) degree. Additionally, he is certified in PMP, CISSP, CISA, CRISC, CHFI, CCSK, ISO 27001 & 22301 etc. |
Raj SHASTRAKAR
CSA Working Group Member
|
Raj is a cyber security expert with hands-on expertise. Who in the last two decades has provided strategic and tactical guidance to a diverse range of national leadership and global clientele in the areas of cloud security, incident response and threat hunting. He currently leads the global cloud security team and security research programs. Raj has authored various security researches , spoken at security conferences and mentored startups.
|
Lefteris SKOUTARIS
Program Manager, CSA
|
Lefteris Skoutaris has been working as a security analyst for Cloud Security Alliance in the past 4 years and is currently the program manager of the Cloud Controls Matrix (CCM) Working Group and CCMv4.0 development activities.
Mr. Skoutaris has worked in the past at the European Space Agency and European organization for Network and Information Security (ENISA), substantially contributing to cyber and cloud security projects on research, architecture and frameworks development. |
Prasun SRIVASTAVA
Senior Solutions Architect – India and SAARC region, Cloud Protection and Licensing, Thales
|
Prasun Srivastava joined SafeNet (now Thales) in May 2007. Prasun has been involved in many turnkey projects in the BFSI and Government segment in India such as UPI, CTS, RTGS, E-sign, UIDAI Adhaar etc and has a good experience of Designing and Architecting Solutions relevant to these industries since the last 13 years.
Prasun heads the Solution Engineering team of CPL Solutions of Thales for India and SAARC |
Time |
Activity |
Session Link |
9:00 am |
Welcome Remarks Dr. Hing-Yan LEE (EVP APAC, CSA) Welcome Address Ekta MISHRA (Country Manager India, CSA) Opening Address Jim REAVIS (Co-Founder & CEO, CSA) |
|
9:30 am |
Keynote : Stepping Up the Security Journey Ramesh NARAYANSWAMY (CTO, Aditya Birla Capital) In this session we will discuss about the changing nature of digital transformation and how it is altering the thinking in the security landscape. It will cover the ways to integrate security at every step of development life cycle. |
|
10:00 am |
Keynote : Cyber Resilience Praveen KULKARNI (Country Manager - Security Risk & Governance, Micro Focus) The Cyber threat landscape is changing and evolving, the notion that enterprises are safe and that one needs to protect against future threats has changed to a position where enterprises could be at threat with adversaries in their midst. One needs to change to an adversarial mindset and adopt a security posture to be able to positively adapt within this context. |
|
10:45 am |
Securing IoT Ecosystem Leveraging CSA's IoT Framework Renu BEDI (IT Security Manager, PwC) The internet of Things (IoT) brings increased connectivity to all industries and business markets, enabling a wide range of services for customers, stakeholders, and service providers. IoT security risks could result in loss of business or life. Device manufacturers and organizations can leverage CSA's IoT framework to reduce risk to an acceptable level by implementing end-to-end security controls. |
|
11:15 am |
Continuous Compliance in Cloud Raj SHASTRAKAR (Serverless Working Group Member, CSA) The presentation will cover how continuous compliance can be achieved in a multi-cloud environment, in near real-time. It will also cover the strategy on anti-drift pattern, mitigation at scale, and mitigation-as-code approach. |
|
12:00 pm |
CSA Guidance on Mobile App Security Testing Parveen ARORA (Co-Founder & Director, VVnT Foundation) The advent of Mobile Apps, as a default and mandatory requirement, with every service has caused an explosion in usage of smart mobile devices. The use of mobile applications over cloud have surpassed websites as the avenue of choice when it comes to consuming services and hence the rise in mobile application testing services market (valued at USD 13.6 billion by 2026 growing at 20.32% CAGR during the forecast period 2019–2026). CSA aims to continuously improve and increase open-source security standards and thereby enhance mobile applications security. The Mobile Application Security Testing (MAST) whitepaper by CSA provides best practices for the security testing of mobile applications. This session covers its application approach to MAST landscape to overcome growing application security challenges. |
|
12:45 pm |
Cloud Workplaces - Managing The Risks Keith PRABHU (Chairman, CSA Mumbai Chapter) While the Cloud has been gaining in adoption for the last decade, the pandemic challenges of the last 2 years has made the move to the Cloud inevitable. The last 2 years have seen massive adoption of Cloud, Mobile Computing and telecommuting. Organizations went into an overdrive to move workloads to the Cloud and equip the workforce with laptops and remote access. This trend will only continue and a hybrid working environment will develop. However, this hybrid environment has widespread ramifications on information security, privacy and business continuity. This hybrid working environment has increased the attack surface and has forced organizations to be more "elastic" yet secure in meeting security demands. New approaches are required to meet these new challenges in information security, privacy and business continuity. Organizations will have to embrace concepts of Zero Trust and Cloud Security Controls. The increasing focus on privacy would need more emphasis on implementation of privacy by design. Organizations will have to move to the more mature model of "resilience" rather than the current model "business continuity". |
|
1:15 pm |
BREAK |
- |
1:45 pm |
Establishing Cloud Audit Expertise Ekta MISHRA (Country Manager India, CSA) As the cloud becomes increasingly essential to organizational IT strategies, working knowledge of cloud security best practices is crucial. Cloud computing represents a radical departure from legacy IT which means that IT audits must be significantly altered to provide assurance to stakeholders that their cloud adoption is secure. Traditional IT audit education and certification programs are not developed with an understanding of cloud computing and its many nuances. Developed by CSA and ISACA, the Certificate of Cloud Auditing Knowledge (CCAK) credential and training program fills the need for vendor-neutral, technical training and credentials in cloud auditing. Learn how CCAK prepares you to address the unique challenges of auditing the cloud, ensuring the right controls for confidentiality, integrity and accessibility, and mitigating risks and costs of audit management and non-compliance. |
|
2:15 pm |
Smart Vehicle Ecosystem - Security Challenges IoT Cloud & Mobility Dr. Lopa Muddra BASUU (APAC Research Advisory Council Member, CSA) IoT Cloud Convergence Elevated the Smart Vehicle Ecosystem boosted by Mobility. With enhanced experience, security challenges increased manifold. Striking a balance between risks & user experience became the most challenging ball game. Secure Cloud capabilities can be strategically used to address technology risks. |
|
3:00 pm |
Introduction to the Cloud Controls Matrix v4.0 Lefteris SKOUTARIS (Program Manager, CSA) The presentation aims to provide a synopsis about the latest release of the Cloud Control Matrix version 4.0, a greater insight into its development and new components, the current activities of the CCM working group (ongoing works, published and future works) and finally an update on CSA’s STAR program and transition policy from CCMv3.0.1 to CCMv4.0. |
|
3:45 pm |
Identifying & Securing Against Crypto Asset Risks with Special Focus on Impact of Quantum Computing on Crypto Assets Ashish MEHTA (Co-chair, CSA Blockchain WG) The speaker will be sharing CSA Blockchain Working Group research papers on "Securing Crypto assets, can Blockchains survive the Quantum Computing Threat" & then extending conclusions of those papers to the Cryptocurrency Security Standard (CCSS) and showing how to effectively map the CCSS with the CSA's CCM 4.0 framework for Enterprise deployments of secure Crypto assets". |
|
4:30 pm |
Panel Discussion : "Hybrid Cloud Security: Risks & Mitigation" Timothy Grance (NIST) shared that no hybrid cloud existed when he co-authored the landmark NIST definition of different clouds. He has never expected hybrid clouds to become so pervasive and popular. This panel of experts will endeavor to address the following issues: What are the differences between hybrid and multi clouds? What are the risks in a hybrid cloud environment compared to on-prem and how does one go about mitigating each of these risks. How does one assess the effectiveness of these mitigation measures? And finally how would these mitigation measures benefit organizations/businesses? MODERATOR: Satyavathi DIVADARI (Chairman, CSA Bangalore Chapter) PANELISTS:
|
|
5:30 pm |
Closing Keynote : Decoding Cloud Security Matrix and Shared Responsibility in the Cloud Prasun Srivastava (Senior Solutions Architect – India and SAARC region, Cloud Protection and Licensing, Thales) The latest cybersecurity incidents affecting government agencies and organizations as well as large enterprises around the world, who have invested heavily in digital and cloud initiatives, have demonstrated the urgent need for businesses to segregate their security duties from those of cloud service providers, and own their own data security to avoid cyber threats and prevent criminals. The most important security consideration is knowing exactly who is responsible for what in any given cloud project. It’s less important if any particular cloud provider offers a specific security control, as long as you know precisely what they do offer and how it works. The CSA provides two tools to help meet these requirements: The Consensus Assessments Initiative Questionnaire (CAIQ). A standard template for cloud providers to document their security and compliance controls. & the CCM, which lists cloud security controls and maps them to multiple security and compliance standards. The CCM can also be used to document security responsibilities. In this session we would take a look into the above and talk about some of the controls critical to owning you data on the cloud. |
Disclaimer : The ordering & timing is subject to change