Hi [[ session.user.profile.firstName ]]

Cloud Security Alliance

  • Date
  • Rating
  • Views
  • Future Proofing the Connected World - 13 Steps to Developing Secure IoT Product Future Proofing the Connected World - 13 Steps to Developing Secure IoT Product Brian Russell, Drew Van Duren, Steven Markey, Ron Del Rosario; and Elizabeth Lawler Recorded: Nov 29 2016 54 mins
    The CSA IoT Working Group released guidance in October 2016 focused on providing IoT product developers with recommendations for securing their products. This panel discussion will explore different perspectives on how the guidance can best be used by organizations seeking to secure IoT products. We will also discuss how to prioritize your security engineering efforts based on schedule and funding constraints.

    Speakers:
    Steven Markey, nControl LLC
    Brian Russell, Leidos
    Drew Van Duren, Security Innovation
    Ron Del Rosario, Five9
    Elizabeth Lawler, CEO Conjur
  • CSA SDP for IaaS Initiative: Research Preview CSA SDP for IaaS Initiative: Research Preview Jason Garbis of Cryptzone and Puneet Thapliyal of TrustedPassage Recorded: Nov 15 2016 47 mins
    Since March 2016, when the CSA launched this new Software-Defined Perimeter for IaaS initiative, more and more organizations have embraced the Software-Defined Perimeter model and are benefitting from the seamless protection it offers, whether on-premises or in the cloud. SDP can better protect IaaS services for Enterprise usage, and deliver uniform and seamless protection of on-premises and IaaS resources, enabling cost savings and agility, and a more dynamic infrastructure.

    In this webinar, the leaders of the SDP-for-IaaS initiative will provide a preview of the forthcoming research and use cases that this working group has developed. This research focuses on how SDP can uniquely address security, compliance, IT administration and management challenges for cloud service providers and enterprises alike. If you’d like to hear more about securing your IaaS workloads, you’ll want to attend!
  • Conducting Security Investigations in Minutes (or Less) Conducting Security Investigations in Minutes (or Less) Doron Shiloach, Senior Product Manager at IBM Recorded: Nov 8 2016 55 mins
    Learn how to use threat intelligence to shorten investigation time and improve security decision making. From the right content to the best delivery format, learn the top considerations for picking a threat intelligence source and making it work with your security practice. Join the session to learn how to make the most of threat intelligence, what to look for in a threat intelligence feed, and best practices for integrating feeds into your existing solutions.
  • Developing a Proactive Approach to GDPR Compliance Developing a Proactive Approach to GDPR Compliance Yael Nishry and Doug Lane of Vaultive Recorded: Nov 3 2016 49 mins
    As the May 25, 2018 deadline for compliance with the new General Data Protection Regulation (GDPR) rapidly approaches, enterprise IT organizations must implement a cloud data security strategy that supports compliance and minimizes their organization’s exposure to new breach notification requirements and financial penalties as high as 20 million Euros or 4 percent of total annual turnover.

    Yael Nishry and Doug Lane from the Vaultive team have extensive backgrounds in risk management and enterprise security technologies. Join them for this event as they discuss what organizations should be doing to prepare for this new regulation.

    During this webinar you'll learn:

    · The key cloud data security takeaways from GDPR

    · What steps can you take to mitigate risk and reduce the notifications required in the event of a data breach

    · The challenges of data transfers under the new regulation and how to overcome them

    · What is the role and expectation of your cloud provider when it comes to GDPR

    · How your company can enforce best-practice segregation of duties between your data and the cloud service provider processing it
  • Defeating the Insider Threat:  Don't Have Your Head in the Clouds Defeating the Insider Threat: Don't Have Your Head in the Clouds Evelyn De Souza and Mary Beth Borgwing Recorded: Oct 19 2016 44 mins
    Everything we know about defeating the Insider Threat seems not be solving the problem. That's why the Cloud Security Alliance with special commentary from LemonFish Technologies undertook new research to understand the extent of this issue.

    Join the Cloud Security Alliance Strategy Advisor, Evelyn de Souza, Mary Beth Borgwing, President of LemonFish Technologies...
    -Uncover the extent of insider threats
    -Learn what happens to data after its being exfiltrated
    -Tools to mitigate insider threats going forward.
  • IT Security & Privacy Governance in the Cloud IT Security & Privacy Governance in the Cloud Moderated by Rebecca Herold, The Privacy Professor; Jacqueline Cooney, BAH, Daniel Catteddu, CSA, Chris Griffith from HPE Recorded: Oct 18 2016 61 mins
    After multiple newsworthy data breaches in recent times, IT security and privacy governance has gained importance across the globe. Most organizations have established security and compliance policies and procedures to protect their intellectual property and corporate assets, especially in the IT space. As companies transition their applications and data to the cloud, it is critical for them to maintain, or preferably surpass, the level of security they had in their traditional IT environment. Leaders are also responsible for defining policies to address privacy concerns and raise awareness of data protection within their organization, and for ensuring that their cloud providers adhere to the defined privacy policies. Failure to ensure IT Security when using cloud services could ultimately result in higher costs and potential loss of business, thus eliminating any of the potential benefits of the cloud.

    While security and privacy are related, they are also distinct. IT security is primarily concerned with defending against attacks, not all of which are aimed at stealing data, while privacy is specifically related to personal data held by an organization, which may be endangered by negligence or software bugs, not necessarily by malevolent persons. On this webinar our panel of experts will address some of the key distinctions, and discuss some best practices for managing IT security and implementing privacy governance for the cloud.
  • Working the Numbers: Learn How to Make the Case for a CASB Working the Numbers: Learn How to Make the Case for a CASB Palerra Recorded: Oct 13 2016 43 mins
    58% of security professionals expect their budgets to stay the same next year. If you’re like them, you’re trying to secure a growing number of cloud services and infrastructure without a bigger budget.

    What do you do? Make a bulletproof business case for a Cloud Access Security Broker (CASB).

    In this webinar you'll learn:
    -How to demonstrate the financial exposure of not having a CASB
    -How to align cloud security spending with business objectives
    -How to demonstrate savings in cyber security expertise through
    automation
  • 20 Months to a New Global Data Privacy Law – What You Need To Do 20 Months to a New Global Data Privacy Law – What You Need To Do Nigel Hawthorn of Skyhigh Recorded: Oct 11 2016 59 mins
    The GDPR Covers Anyone with Data on European Residents

    In May 2018, a new data privacy law comes into effect and any organisation with data on the 500+ million citizens of the European Union (EU) has to comply. Fines can be up to 4% of revenue, mandatory data loss notification to regulators and users comes into force, and class action lawsuits will land on the desk of anyone unfortunate enough to lose data. As with any data loss incident, these costs may be dwarfed by the loss of brand image and customers choosing not to do business with you again.

    Unmanaged cloud could be your weakest link, so what do you need to do?

    Join us for this webinar where the author of “GDPR – An Action Guide for IT” will speak and you will learn:

    · The top ten points of the new regulation
    · Which departments in your organisation need to be part of the GDPR-Readiness Team
    · What you need to do today, what you can leave until tomorrow
    · Policies for collecting, processing, transferring and deleting data
    · 25 questions to ask yourselves to ensure you are ready
  • Scared of implementing a data protection solution? Scared of implementing a data protection solution? Rich Mogul of Securosis and Terence Spies of HPE Security--Data Security Recorded: Oct 6 2016 62 mins
    Data protection has a tendency to be intimidating for organizations, users and implementers. Organizations see the value of having a data protection program but the challenges of applying a data protection solution often upsets the balance and work flow within the organization, users and create challenges for those implementing. Wouldn’t it be great if there were solutions that took the guesswork out of data protection and key management?

    Data moves in a non-linear way. Data protection and key management needs to interact with the data and the users in a seamless way that doesn’t disrupt their processes or destroy the characteristics of the data.

    Fortunately, in today’s data driven environment, there are strategies and technologies to protect data that do not have to be the high-risk propositions feared by organizations, users and implementers - IT professionals. By thinking of data protection and key management as data t protection enablers instead of obstacles, you can easily protect data across the infrastructure and beyond.

    Join this session and learn how HPE Security – Data Security offers unintimidating data protection and key management solutions that take the guesswork out of data protection. Protecting data through a layered security approach: from data-at-rest to data-in-motion and data-in use.
  • CSA Research: Mitigating Top Cloud Threats CSA Research: Mitigating Top Cloud Threats Salim Hafid and Rich Campagna of Bitglass, and John Yeoh of CSA Recorded: Aug 30 2016 57 mins
    With cloud adoption on the rise, IT leaders are looking to peer organizations to understand security best practices in the cloud. Bitglass and CSA surveyed infosec professionals to uncover the top threats to cloud security and the tools most often used to secure cloud apps.

    In this webinar, John Yeoh, Senior Research Analyst at CSA, joins Bitglass to discuss the results of the "Mitigating Risk for Cloud Applications" report and to explore the major issues facing organizations in their move to the cloud, from Shadow IT and inadequate visibility to concerns around government access.