Hi [[ session.user.profile.firstName ]]

Towards a Secure Cloud Ecosystem in Cambodia

Towards a Secure Cloud Ecosystem in Cambodia
Recorded Nov 25 2020 23 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Dr. Hing-Yan LEE (EVP APAC, CSA )
Presentation preview: Towards a Secure Cloud Ecosystem in Cambodia
  • Channel
  • Channel profile
  • Securing the Cloud via CCSK Dec 9 2021 6:45 am UTC 30 mins
    Faisal YAHYA (Chair, CSA Indonesia Chapter)
    (in Bahasa Indonesian)

    As organizations migrate to the cloud, they need information security professionals who are cloud-savvy. The Certificate of Cloud Security Knowledge (CCSK) is widely recognized as the standard of expertise and provides an individual with the foundation they need to secure data in the cloud. Learn how CCSK can bridge the gap and provide an important first step in establishing baseline knowledge for individuals in cloud security.
  • Cybersecurity in the Quantum Era Dec 9 2021 6:00 am UTC 30 mins
    Bruno HUTTNER & Ludovic PERRET (Co-chair, CSA Quantum-Safe Security WG)
    As emphasized by the recent announcements on the quantum advantage, quantum computers can already perform computations, deemed impossible or at least very lengthy with classical computers. Having access to improved computing power is great news in many areas. However, this also represents a threat for most of our communications. Indeed, cryptography, which is underpinning the security of our communication infrastructure, is based on some hard mathematical problems, which will become tractable with a quantum computer. Our complete cybersecurity infrastructure has to be revamped.

    ​In this talk, we start with a brief explanation of the quantum computer and explain the quantum threat. We then present possible solutions. Some solutions are based on new algorithms. They are known as quantum-resistant algorithms. These can be complemented with quantum solutions, which utilize the same peculiar properties of the quantum world to thwart the quantum computer threat. Together, they will be part of a new quantum-safe infrastructure. Any organisation or person relying on secure communication for his business or personal life has to start taking this new threat into account.
  • Hybrid Cloud Security : Risks & Mitigation Dec 9 2021 4:45 am UTC 45 mins
    Ekta MISHRA, Jevon HURA, Siddharth DESHPANDE, Volvin Irawan & Ricky SETIADI
    Panel Discussion

    Timothy Grance (NIST) shared that no hybrid cloud existed when he co-authored the landmark NIST definition of different clouds. He has never expected hybrid clouds to become so pervasive and popular. This panel of experts will endeavor to address the following issues: What are the differences between hybrid and multi clouds? What are the risks in a hybrid cloud environment compared to on-prem and how does one go about mitigating each of these risks. How does one assess the effectiveness of these mitigation measures? And finally how would these mitigation measures benefit organizations/businesses?

    MODERATOR : Ekta MISHRA (Country Manager India, CSA)

    PANELISTS :
    - Jevon HURA (Security Consultant, Indonesia, Thales Group, CPL)
    ​- Siddharth DESHPANDE (Field CTO, Palo Alto)
    - Volvin Irawan (Head IT Security, OCBC NISP Bank)
    ​​​- Ricky SETIADI (AVP Information Security, Blibli) ​
  • Hybrid Cloud and Its Associated Risks Dec 9 2021 4:00 am UTC 30 mins
    Narudom ROONGSIRIWONG (Co-chair, Hybrid Cloud Security WG, CSA)
    As businesses are developing rapidly, many cloud consumers find that a single public/private cloud or traditional on-premises data center is no longer able to meet service requirements. Organizations are increasingly choosing hybrid cloud environments and services to meet their needs. However, hybrid clouds pose different risks and thus bring on a different set of challenges to security.This presentation will provide the overview of Hybrid Cloud, demonstrate its risks, threats and vulnerabilities, and give examples of Hybrid Cloud use cases.
  • Keynote Address Dec 9 2021 3:15 am UTC 30 mins
    Ibnu SINA (Regional Cybersecurity Cloud Specialist, Fortinet)
    TBC
  • Current Cyber Threat Landscape in Indonesia Dec 9 2021 2:30 am UTC 30 mins
    Dr. Rudi LUMANTO (Chairman, CSIRT Indonesia)
    Keynote Address (in Bahasa Indonesia)
  • Welcome Remarks, Welcome Address & Opening Address Dec 9 2021 2:00 am UTC 30 mins
    Dr. Hing-Yan LEE, Faisal YAHYA & Jim Reavis
    Welcome Remarks
    ​Dr. Hing-Yan LEE (EVP APAC, CSA)

    Welcome Address
    Faisal YAHYA (Chair, CSA Indonesia Chapter)

    Opening Address
    Jim REAVIS (Co-Founder & CEO, CSA)
  • Holiday Cloud Incidents: Don't Let Them Ruin Your Holiday Cheer Dec 8 2021 5:00 pm UTC 60 mins
    Jonas Eichinger and Rob Floodeen, Mitiga, and Ross Durrer, Allstate
    With billions on the line during the holiday season, hackers are at the gate, using all their tools, including ransomware, to take advantage of the chaotic nature of the season and already overburdened security teams to attack your valuable cloud assets.

    While high-profile ransomware attacks caught our attention around July 4th and Halloween, we all know that cyberattacks have increased dramatically over the last couple of years. A recent report showed that 40% of organizations globally have experienced a cloud-based data breach in the past 12 months. With the holiday season right around the corner, it makes sense to think about preparing your organization.

    So how can you make sure the attackers don’t ruin your holiday cheer? Learn the three critical ways you can prepare for holiday hacking incidents:
    - New security considerations for cloud environments
    - Forensic data you need to enable incident response in the cloud
    - Incident readiness approaches that help prepare for an attack

    Join Mitiga’s Senior Incident Responder Jonas Eichinger and VP Delivery Services Rob Floodeen for a discussion of cloud incidents, what to expect this holiday season, and what you can do now to get through the holiday season and beyond without an incident.
  • Actionable Cloud Security Governance using the CSA CCM and AWS Dec 7 2021 6:00 pm UTC 60 mins
    Jonathan Villa, Cloud Security Practice Director, GuidePoint Security
    Many organizations have attempted to align their cloud security programs to existing industry standards but seek to build their controls using cloud-native services. Unfortunately, because the standard was written for brick-and-mortar data centers, many requirements become “not applicable” or are deferred to the CSP.

    The Cloud Security Alliance’s Cloud Controls Matrix is a cloud-purposed controls framework dedicated to managing risks in the cloud and used by many to build cloud security governance programs through identifying cloud-specific security controls. GuidePoint Security will discuss how organizations can implement CSA CCM controls using AWS services by walking through examples of people, process and technology within the specific scope of cloud computing.
  • Cloud Migration 101 (for Non-Technical Managers and Executives) Dec 7 2021 5:00 pm UTC 60 mins
    Jeffrey Westcott, Chief Financial Officer, Cloud Security Alliance
    The thought of migrating any organization, large or small, to the cloud can be rather daunting. However, a basic understanding of the cloud and its underlying concepts and principles can make this cloud journey much less stressful by avoiding any pitfalls while enjoying the increasingly compelling benefits of a cloud presence.
  • And the Clouds Break: Continuity in the 21st Century Dec 3 2021 6:00 pm UTC 60 mins
    J. Wolfgang Goerlich, Advisory CISO, Duo Security at Cisco
    In this webinar you will learn how to:
    • Establish continuity and recovery with cloud services
    • Avoid common mistakes that can stop clouds in their tracks
    • Contextualize continuity within the business mission and objectives
    • Gain executive buy-in and support using continuity and recovery programs

    The promise of cloud computing was a utility; always up, always-on, just a click away. But we've seen many outages. It's clearly time to blow the dust off the continuity handbook and revisit recovery for the twenty-first century.

    Join Duo Security Advisory CISO Wolfgang Goerlich for an overview of business impact analysis, business continuity, disaster recovery, and revisiting these concepts in the day and age of utility computing and cloud services. After all, the cloud breaks — so what do you do when it does?
  • Automating Threat Detection and Response with Azure Sentinel Recorded: Dec 1 2021 53 mins
    Kurtis Armour, Director, Product Management, eSentire
    As more businesses move to Azure for their cloud computing, there is a growing gap in visibility of the security of cloud resources. Azure Sentinel is the cloud-native SIEM solution from Microsoft. Turning it on potentially means another location for piles of logs and noise.

    Attend this session to learn how to get the most from Sentinel at the least cost. Threat hunting, vulnerability discovery, and advanced analytics will all be covered. Learn how to use “Azure Sentinel Analytics” to identify correlations and anomalies in data from hybrid and even multi-cloud environments.
  • Are we losing or gaining control of SaaS Data Access? Recorded: Nov 23 2021 46 mins
    Justin Somaini, Chief Security Officer, Unity, and Adam Gavish, CEO, DoControl
    Organizations use SaaS apps to drive business enablements across all departments and workforce. Collaboration with 3rd party vendors, customers, and partners over SaaS data is the new normal - and we just love it when things get done quickly right?

    This poses two threats for security practitioners:

    1. Insider threats
    • Leaving employees share SaaS data with their personal accounts which not only exfiltrate company data with personal accounts but also pose extra risk since personal account in most cases don’t have multi-factor authentication set up
    • Employees overexpose sensitive data internally (finance and engineering can consume each other’s information)
    • Sensitive data is being shared with the wrong 3rd party

    2. External threats
    • 3rd party collaborators have access to your company data forever
    • Your vendors share your company data with their vendors, who were never gone through a 3rd party risk assessment by you
    • 3rd party collaborators with your company data with their personal accounts which in most cases don’t have multi-factor authentication set up

    This is a candid discussion on the threat models above and beyond. Our goal is to raise awareness on what’s going on as well as suggest industry best practices and “war stories” so that you will walk away with better knowledge and tools to remediate such risks in your organization.
  • Transforming Enterprise Cloud Security to Supercharge Developer Velocity Recorded: Nov 19 2021 61 mins
    Josh Stella, CEO and Co-Founder, Fugue, and Rajat Sharma, Co-Founder, CWS
    Security has become the rate-limiting factor for how fast software development teams can go in the cloud. Security reviews, remediations, and audits soak up valuable engineering resources and steal away the speed and agility that the cloud promises.

    That's because cloud security is still laden with inefficient and ineffective manual processes. But with automation using Policy as Code, enterprises can create a security-first culture that collapses the time and investment required to deliver secure infrastructure and applications much faster.

    In this session, Josh Stella (Founder, Fugue) and Rajat Sharma (Founder, CWS) will outline why cloud security isn't the same as datacenter security—it's about tuning your processes with policy-based automation rather than intrusion detection or network monitoring.

    Attendees will walk away with actionable insights and strategies on:

    * Assessing your current cloud security posture and developing a prioritized roadmap to bring your environment into compliance
    * Implementing automation using Policy as Code to build security into every aspect of cloud operations, from design to production
    * Empowering developers with tools that help them find and fix issues in infrastructure as code, when making changes is easier and faster
    * Putting guardrails in place that prevent dangerous misconfiguration vulnerabilities without slowing anyone down
    * Creating security awareness within your cloud engineering team to avoid costly technical debt and significant remediations

    If it takes your organization months to deploy new environments and weeks to update them because of security, this session is for you.
  • Securing the Cloud via CCSK Recorded: Nov 19 2021 22 mins
    Ekta MISHRA (Country Manager India, CSA)​
    As organizations migrate to the cloud, they need information security professionals who are cloud-savvy. The Certificate of Cloud Security Knowledge (CCSK) is widely recognized as the standard of expertise and provides an individual with the foundation they need to secure data in the cloud. Learn how CCSK can bridge the gap and provide an important first step in establishing baseline knowledge for individuals in cloud security.
  • Watching the STARs Recorded: Nov 19 2021 36 mins
    Sanjeev GUPTA (Country Manager, Certification Partners Global)
    This presentation will review what certification means, why it is the most important criterion for a business, sales. How does a Certification Program achieve this? And what are the costs, not just direct. How should an organisation begin this process, what to look out for, and what do you get at the end? We also review the differences of the CSA STAR with other Cloud Security programs.
  • ​Introduction to the Cloud Controls Matrix v4.0 Recorded: Nov 19 2021 37 mins
    Lefteris SKOUTARIS (Program Manager, CSA)
    The presentation aims to provide a synopsis about the latest release of the Cloud Control Matrix version 4.0, a greater insight into its development and new components, the current activities of the CCM working group (ongoing works, published and future works) and finally an update on CSA’s STAR program and transition policy from CCMv3.0.1 to CCMv4.0.
  • Mitigation Measures for Risks, Threats & Vulnerabilities in Hybrid Cloud Recorded: Nov 19 2021 32 mins
    Feng ZOU (Director, Cybersecurity Planning and Compliance, Huawei & Co-chair, Hybrid Cloud Security WG, CSA)
    Hybrid clouds are often the starting point for organizations in their cloud journey. However, any cloud model consists of risks, threats, and vulnerabilities. Earlier this year, the Hybrid Cloud Security Working Group examined hybrid cloud model risks, threats, and vulnerabilities in its Hybrid Clouds and Its Associated Risks white paper. However, after this review of risks, threats, and vulnerabilities, it’s critical to identify adequate mitigation controls. This presentation will cover countermeasures organizations can implement to improve hybrid cloud risk management and cybersecurity practices.
  • Threats of Cloud Computing and Cloud Security Posture Management Recorded: Nov 19 2021 18 mins
    Se-Eun LEE (Member, CSA Korea Chapter)
    In Korean Language

    Cloud Computing has completely different features from the existing on-premise environment. Assets are in flux and complex. In addition, it is difficult to identify assets because of limited visibility. In this session, we will learn about the major threats and risks in the cloud environment resulting from these features and CSPM(Cloud Security Posture Management), one of Gartner's proposed solutions.
  • Software Defined Perimeter (SDP) and Zero Trust Recorded: Nov 19 2021 17 mins
    JJ Lee (Protem Committee Exco Member, CSA Korea Chapter)
    In Korean Language

    The new era of remote work demands the change of cyber security practices for enterprises and institutions to secure sensitive data in the face of digital transformation and the loss of the traditional network perimeter. This presentation will highlight the significance of Zero Trust architecture and how SDP enables powerful network security for remote work in cloud, on-premises, and hybrid networks.
Educational series on cloud computing, security and privacy.
CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. Learn more at cloudsecurityalliance.org. Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Towards a Secure Cloud Ecosystem in Cambodia
  • Live at: Nov 25 2020 1:45 am
  • Presented by: Dr. Hing-Yan LEE (EVP APAC, CSA )
  • From:
Your email has been sent.
or close