Identity is the New Perimeter

The Cloud: Privacy and ID Management Considerations

PCI compliance has become a business requirement for any company involved in the processing of credit card information. It requires strong security controls over all systems and applications that process or store cardholder information. The PCI Council released new Guidelines for Virtual Environments on June 2011 that include new requirements for PCI compliance. These new requirements require security capabilities not mandated by the original PCI Guidelines. In this session we will review the new requirements and see how CA Security solutions may help customer complying those new challenges.


Guy Balzam has over 12 years of experience in IT and Information Security both as a developper and consumer of IS products. In his past roles Guy specialized in enterprise security, managed the ELAL airlines IT security unit and led their PCI certification process. With his vast knowledge of identity and access management Guy is now a Principal Product Manager of leading security products for CA Technologies.

Eric Chiu is CEO and co-founder of HyTrust, Inc. (http://www.hytrust.com/), a virtualization security company based in Mountain View, CA. He brings significant executive experience in high tech management and finance to this role. Previously serving as Vice President of Sales and Business Development at Cemaphore Systems, a leader in disaster recovery for Microsoft Exchange, Chiu built these departments from the ground up, consistently delivering significant quarter-over-quarter revenue growth and putting in place key OEM partnerships. Before that, he led Business Development at MailFrontier until its successful acquisition by SonicWALL. Formerly a Venture Capitalist for Brentwood (now Redpoint) and Pinnacle, he also served in the M&A Group for Robertson, Stephens and Company. Chiu holds a BS in Materials Science and Engineering from UC Berkeley.

With the emergence of Cloud Computing, mobility and consumerization of IT and the sophistication of new attacks, there is a clear need for a more granular security trust model. What are the implications for authentication, what changes are required, what are the benefits and how can it combat the new breed of threats?

Join ISC(2), Forrester Research and CA Technologies as they discuss current strategies and best practice approaches to securely embrace evolving trends and protect against emerging threats:

-Why should you move beyond the aging hardware tokens to a new generation of layered software-based authentication?
-How are organisations today increasingly relying on risk-based authentication to better support business initiatives while minimizing exposure to fraud and attacks?
-Holistic Identity & Access Management (IAM) is greater than the sum of its parts- What are some of the compelling use cases and incremental benefits of integrating advanced authentication with other IAM disciplines?

As the adoption of cloud computing and consumerisation of IT continues to accelerate, many IT organisations are forced to revisit their traditional security models in order to address the new risks being introduced. This session explores the impact of cloud computing and consumerisation of IT on security and how these emerging trends are reshaping the evolution of identity & access management (IAM), information protection, and compliance-related technologies and architectures.

In this session, we’ll look at:
•Understanding the various cloud security approaches – security to the cloud, for the cloud and from the cloud – and the key challenges facing them
•Security considerations for embracing cloud computing, consumerisation of IT and social computing
•The growing trend towards context- and content-aware IAM and the key role it plays in bridging the traditionally separate identity management and information protection silos

Speaker Biography
Shirief Nosseir is EMEA product marketing director of security management solutions at CA Technologies. With 25 years in the software industry, Shirief’s experience ranges across the fields of security management, service and infrastructure management, application lifecycle management and business intelligence. This allows him to have insightful understanding of how to assist enterprises in developing business-oriented architectures, while melding traditionally disparate technologies into whole solutions. Shirief is a regular speaker at conferences and educational events and presents frequently on the impact of emerging trends and technologies on enterprise security architectures.

Speaker details:
Shirief Nosseir
CA Technologies (www.ca.com)
EMEA Product Marketing Director, Security Management, CA Technologies

Longstanding concerns around cost, complexity and ease of use of second factor authentication have been compounded by jitters emanating from the RSA breach. With a new era of consumer driven technologies dawning, what are leading organizations doing both to take advantage of dynamic, flexible working practices and to improve security at the same time?

In this webinar you will learn:
• What organizations are doing to securely take advantage of consumer driven technologies
• Which new authentication techniques offer the best security while also being cost effective, convenient and user-friendly?
• How risk based authentication technologies are proliferating outside of traditional web environments

Advanced Authentication: Embracing Expansion, Evolution and Mobile Devices

Overcoming the Impending Cloud Stall – The Central Role of Security Management

Traditional Identity and Access Management (IAM) platforms were built with one primary scenario in mind, to run on an enterprise’s premises for their tightly scoped user community.

The business and technology world has moved on, businesses want to be more innovative and agile. Gaining a competitive edge means exploiting technologies such as cloud, virtualisation, worker mobility enablement, personal device adoption, and business collaboration tools. IAM has become pivotal in enabling business innovation.

The session discusses:
•Challenges for IAM from the business and technology perspective – current and future
•How will IAM evolve to meet the new requirements and demands.

The economies of cloud computing promise great rewards. But these rewards will only become reality if the associated risks of cloud computing are addressed. And preferably these risks should be addressed early on, ideally during the design of these services. In this session you will learn about a ground breaking new way to design, build and run new, reliable and secure cloud services. In the age of cloud computing, leveraging virtualization, abstraction and sourcing are key to delivering greater returns. See how this can be achieved in a simple and repeatable way.

Top practical security tips when outsourcing to a private cloud software as a service (SaaS). A cloud service has many advantages for business, however, it is easy to forget the lessons learned from years of outsourcing. In addition, there are some unique security challenges, which should be addressed before migration. During this presentation, we will highlight a case study and the steps, which were taken to mitigate risks, prior to deployment.

•The evolution from grid; to mesh; to cloud
•A case-study around the security and audit response
•The four-step process for delivering secure cloud services

While server virtualisation offers many benefits, security is often seen as a major concern. Many identity management & information protection problems seem to magnify in virtual environments. This educational session will bring you up to speed with today's major risks and provide you with advice on how to avoid them.

Cybercrime is a global business but not all crime is committed by organized criminals. As well as the much reported production and exploitation of malware, employees steal or misuse corporate data and systems, and individuals expose themselves to prosecution through misuse and mistake. This presentation focuses on the importance of managing identity and access in the Cloud as a means to prevent crime and protect your business assets against malice, misuse and mistake

Virtualization Security Trends & Insights: Results from KuppingerCole´s Recent Survey

This webcast will highlight key challenges and business drivers in managing not only user identities and access, but also their use of your sensitive information. It will highlight the benefits that a content-aware IAM approach can provide, with particular emphasis on reduced risk of information loss, and easier compliance audits.

A New Model for Managing Privacy in Today’s Cloud Infrastructures

The security of the cloud is a hot topic that is being widely debated, but typically more from a threat and data privacy perspective. By contrast this session will focus on the issues and opportunities around identity and access management (IAM) and the cloud. Whether your organization is a current or prospective cloud consumer or cloud provider, IAM and its interoperability across the Internet needs to be central to your security management strategy. In the absence of this, we security professionals will be struggling to manage the security of application silos (now in the cloud) until the end of time.