Digitization processes are accelerated in many sectors by the COVID-19 crisis. Increased employee and company usage of services from the cloud are making secure and reliable cloud services a basic requirement of the digital world. Concerns about system breaches, privacy and compliance with regulations are key factors that delay the rapid implementation of a cloud strategy, especially in the public sector.
The Cloud Security Alliance’s Virtual EU Summit will address trust building measures such as certification, risk management, and privacy protection to support agency missions, and the private sector, in a secure and trusted cloud environment.
Earn up to 12 CPE Credits:
To download your viewing certificate, navigate to the “Viewing History” section of your BrightTALK Account.
You can find more information about this here
Day 1: Cloud Security Certification
The enactment of the Cybersecurity Act in Europe established an EU-wide framework for the IT security certification of products, services and processes. At the end of 2019, ENISA received the mandate to work on the creation of a security certification framework for Cloud Computing. Sessions on this day will include an update on the state of play from the privileged stand point of the experts involved in the ad-hoc working group coordinated by ENISA.
Toward a European Certification Scheme for Cloud Services
In 2019, the Cybersecurity Act became law in Europe, establishing a European Certification Framework. In November 2019, the European Commission tasked ENISA with designing a candidate scheme for cloud services. This work is currently underway. This presentation will first describe the Cybersecurity Act’s Certification Framework, and then provide a high-level status on…
Cybersecurity Certification Framework under the EU Cybersecurity Act
This talk will look at the Cybersecurity Certification Framework under the EU Cybersecurity Act (2019), give an overview of the new European cybersecurity certification schemes under development and offer an outlook on the implementation and use of such schemes for 2021 and beyond.
Continuous Audit-based Certification
Certifications or attestations championed through the CSA STAR program, ISO/IEC, or AICPA, have been a critical driver in the adoption of cloud service across the globe. However, for some cloud customers insensitive or highly-regulated industries such as banking or healthcare, these certifications or attestations are not sufficient because they do not provide…
Day 2: Risk Management and Governance
Cloud Computing is entering a mature phase from both the market share and technical evolution standpoint. However, one area that could achieve better results is security and privacy governance. Modernizing the risk management approach, improving the organizational accountability program and streamlining compliance are to be considered key goals for companies that want to optimize their cloud investments and reduce the likelihood of security and privacy incidents. Two of the foundational pieces for this optimization process are compliance with solid standards and a skilled and knowledgeable workforce.
Panel: Risk Management and Governance
Cloud Computing is entering a mature phase from both the market share and technical evolution standpoint. However, one area that could achieve better results is security and privacy governance. Modernizing the risk management approach, improving the organizational accountability program and streamlining compliance are to be considered key goals for companies that want…
Establishing a Modern Foundation for Advanced Insight
An effective governance, risk and compliance program should enable all stakeholders across business units to break down traditionally siloed risk areas and replace them with a connected, holistic view of risk that spans their organization and relationships. However, the data sprawl and scope of GRC initiatives can make this seem like a…
European Banking Federation on Cloud
Alexandra will share insights on the multi-level work of the European Banking Federation (EBF) to facilitate the adoption of cloud computing in the European banking sector. The EBF supports the efforts of European institutions and agencies to promote security for cloud usage, contributing the banking industry’s input in shaping processes and standards.…
Oh $*!%: Security Doesn’t Have to Be a Four-Letter Word for Developers
Join Chris Hertz, VP, and Jeremy Snyder, Sr. Director, DivvyCloud by Rapid7 to learn how to achieve full lifecycle cloud security. They will discuss how cloud security challenges manifest in DevOps and how cloud security and developer misalignment creates friction and makes security a four-letter word. Additionally, they will provide guidance on…
Day 3: Privacy and GDPR Compliance
In today’s world of rapidly changing regulatory and security requirements, it is incumbent upon all members of EU agencies to be properly educated to maintain compliance. This session hosted by the CSA EMEA Privacy Center of Excellence will address accountability under GDPR and how Codes of Conduct and certifications are being leveraged by organizations to drive transparency, compliance, and trust.
Introduction to the Code of Conduct
GDPR Fundamentals & CSA Code of Conduct: Objectives, Scope and Methodology.
Panel Discussion: GDPR with the CSA Center of Excellence
This session hosted by the CSA EMEA Privacy Center of Excellence will address accountability under GDPR and how Codes of Conduct and certifications are being leveraged by organizations to drive transparency, compliance, and trust.
Day 4: Emerging Trends Impacting the European Union
With cloud as the dominant IT environment and nearly every organization and government leveraging it to some degree, it is not enough to stay on top of what’s happening today. The need to look beyond tomorrow and stay ahead of Emerging Trends is paramount to an organization’s security. Sessions on this day will focus on future trends in cybersecurity from the perspective of the Cloud Security Alliance and other experts.
Emerging Trends Impacting the European Union
Ten years after the formation of the Cloud Security Alliance, cloud computing is a proven and globally accepted enterprise delivery and operational technology model. According to a January 2019 IDC report, the spending on Cloud IT infrastructure may have reached a tipping point in the third quarter of 2018 by surpassing traditional…
“Security as code” for automated development pipelines
How to avoid letting supply chain attack compromise your most sensitive machines. Supply-chain attacks affecting software development when a malicious code is introduced into legitimate software through supply chain poisoning is an effective tool for cybercriminals. It has been used many times in the wild, successful attacks generating hundreds of thousands of…
Serverless Security in 2020 and what is the future for Serverless
Serverless platforms enable developers to develop and deploy faster, allowing an easy way to move to Cloud native services without having to manage infrastructure – including container clusters or virtual machines. This presentation covers security for the serverless applications, focusing on best practices and recommendations for security professionals. We will also talk…
Lead Certification Expert
Director, Cybersecurity & Innovation
European Banking Federation
Analyst & CEO
GRC Consulting Director
VP Cloud Security Sales
DivvyCloud by Rapid7
Senior Product Marketing Manager, Hybrid Cloud Security
Business Lawyer & Partner
ICT Legal Consulting
Head of Data Protection, Public Policy & Government Relations EMEA
Chief Technology Officer
Chief Information Security Officer (CISO) EMEA
Founder and CEO
EMEA Managing Director
Cloud Security Alliance
Cloud Security Alliance
International Standards Officer
Capital One Audit
Chief Technology Officer
Cloud Security Alliance
Independent Cyber Security Consultant
Lubin School of Business Center for Excellence in Financial Reporting
Head of Container Security & Chief architect Cloud
Senior Director Executive, Cloud Security Services