Name: Standards-based Cloud Security Governance Automation: CIS-CSA-NIST collaboration
Start: 2023-05-26T21:41:00Z
End: 2023-05-26T21:41:50.000Z
Location: BrightTALK

CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. Learn more at cloudsecurityalliance.org.  Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa

Security teams are drowning in data. Alerts, findings, metrics, dashboards — all technically “useful,” yet often failing to answer the most important question: what actually matters right now, and why? As artificial intelligence becomes more accessible across security programs, many organizations are experimenting with AI-driven tooling in the hope that it will bring clarity. But used inefficiently, AI can often amplify existing problems rather than solving them.

This discussion explores how AI is reshaping data-informed security decision-making — not as a silver bullet, but as a force multiplier that depends heavily on human judgment, context, and intent. We’ll examine why most AI in use today more closely resembles advanced machine learning than true autonomous intelligence, and why outcomes are still largely driven by the quality of inputs, assumptions, and program maturity.

Through an operational and security lens, the speakers will unpack how teams can move from raw signal volume to meaningful narratives that support better prioritization and risk decisions. We’ll discuss common failure modes, including over-reliance on automation, misinterpreted insights, and resistance from skeptical stakeholders. The conversation will also address how organizations can responsibly incorporate AI into existing security workflows without compromising trust, transparency, or accountability.

To ground the discussion, we’ll walk through a practical vulnerability management example, illustrating how an AI assistant can help surface recommendations that improve efficiency and decision quality — while still keeping humans firmly in control of outcomes. Ultimately, this session aims to help security leaders separate signal from noise, hype from value, and automation from understanding as they navigate an evolving AI landscape.

From Noise to Narrative: How AI Is Reshaping Data-Informed Security Decisions

AI agents are rapidly becoming the most powerful “users” inside the enterprise. They provision infrastructure, move data, and call APIs with broader and more persistent access than human employees, yet they operate outside traditional safety nets. Unlike human access, there is currently no clear ownership, no certification process, and no accountability model for these machine identities.

In this session, we examine how agentic AI has quietly broken the assumptions identity governance (IAM/IGA) was built on. We will explore:

-The Velocity Gap: Why traditional controls fail at machine speed.
-Inherited Risk: How AI agents bypass oversight by inheriting "ghost" permissions.
-The Auditor’s Dilemma: The uncomfortable question CISOs will soon face from boards: “Who approved this access, and who is accountable for what the AI actually did?”.

Your AI Agents Have More Access Than Your Employees. No One Is Accountable

As AI adoption accelerates across organizations, traditional security approaches focused solely on license management and non-human identities are missing the bigger picture. This webinar explores a comprehensive framework for AI security that recognizes the full spectrum of AI identities in your environment, from AI users and builders to AI agents, and provides actionable strategies for discovery, protection, and defense.

We'll examine how AI security can be looked at through an identity security lens and demonstrate how runtime intelligence reveals dramatically more AI usage than static configuration approaches. Attendees will learn practical methodologies for inventorying their complete AI footprint, identifying risky access patterns, and implementing high-fidelity detection capabilities that enable faster SOC response.

Key Takeaways:
- Understand the three critical categories of AI identities: users, builders, and agents
- Learn why runtime detection reveals 5x more AI activity than static license tracking
- Discover how to identify shadow AI usage and over-privileged AI identities
- Implement a governance framework aligned with NIST AI security guidelines
- Build detection strategies that go beyond traditional NHI approaches

AI Users, Builders, and Agents: Securing the Next Generation of Identities

AI adoption in the cloud is surging, with over 70% of organizations using managed AI services—but security risks are growing just as fast. This latest report uncovers key trends, including the rapid rise of DeepSeek, widespread AI experimentation, and critical security gaps that organizations must address now.

AI Series: The State of AI in the Cloud

The cloud has redefined what is possible in technology, enabling organizations to move faster, scale effortlessly, and innovate without boundaries. Yet the cloud’s defining qualities of speed, scalability, and elasticity have outpaced traditional security models that were built for static, on-premises environments rather than dynamic digital ecosystems. The next phase of cloud security requires a mindset shift that embraces the cloud’s speed, scale, and ephemeral nature as the foundation of a more adaptive and intelligent defense strategy. 

This session explores the next stage in the evolution of cloud security, moving from fragmented visibility and static configuration checks toward real-time insight, automated investigation, and adaptive response. Attendees will learn how automation and AI can help teams embrace the ephemeral nature of the cloud, gaining clarity and control without slowing innovation. 

Participants will gain practical insight into assessing cloud security maturity, identifying visibility gaps, and understanding how intelligent automation enables security teams to analyze activity across thousands of assets, reconstruct events within minutes, and make faster, more confident decisions. We will also discuss how different layers of security, including posture management, threat detection, and incident response, work together to deliver a unified, adaptive approach to securing modern environments. 

The session will inspire participants to view the cloud’s dynamic nature as an opportunity to transform it into an ally in defense, rather than a source of endless complexity.

Redefining Cloud Security in the Era of AI and Automation

Security operations are entering a new era, where AI doesn’t just automate tasks, but understands context, collaborates, and learns. The foundation of this evolution is the Agentic System: a connected network of AI entities designed to make coordinated decisions in complex environments.

In this session, we’ll break down what an agentic system truly is—from its core components to how they operate in a dynamic security operations center. We’ll explore the architecture behind agentic personas, skills, tools, and memory, and show how their interplay leads to faster, smarter, and more predictive defense.

Through practical examples and security-specific use cases, you’ll see how agentic systems are transforming the way teams detect, analyze, and respond to threats, and how to start thinking about building agentic principles into your own environment.

Key Takeaways:
- What defines an Agentic System and why it represents a new model for SecOps
- What makes up an agentic persona and how they can collaborate for a greater outcome.
- How skills, tools, and memory operate in real-time as an agentic system and why this beats standalone automation.
- The outcomes agentic systems can deliver — speed, precision, foresight, and scalability
- Real-world examples of how agentic architectures are reshaping modern security operations

The Anatomy of an Agentic AI System: Understanding the Architecture Behind Faster, Smarter, and Predictive Security

The Cloud Security Alliance recently released the first independent benchmark study of AI agents in the SOC. With 148 analysts across two investigation scenarios, the study delivered hard evidence on how AI makes analysts faster, more accurate, and more consistent.

Hear from CSA CEO Jim Reavis, former Robinhood CISO Caleb Sima, and Dropzone AI CEO Edward Wu as they unpack the results for SOC leaders deciding how to adopt AI today.

What you’ll learn:

• What the data really shows about AI-augmented analysts’ performance in accuracy, speed, and consistency
• Where AI delivers the most value in the SOC today, from Tier 1 triage to Tier 2 investigations
• How analysts felt about AI after hands-on use—and why 94% said their opinion of AI improved
• What SOC leaders should do next to turn research insights into operational advantage

AI in the SOC: Expert Perspectives on the CSA Benchmark Study

As of May 2024, the Wiz Research team has analyzed over 200 cloud security incidents, identified 65 threat actors, and tracked 155 attack techniques alone. With cloud adoption on the rise, security teams now need to understand the threat landscape to stay ahead of evolving risks. Watch the Wiz Research team's insights in this on-demand webinar, featuring an in-depth look at today’s cloud landscape, the latest industry trends, and the most notable threats, including: 
- Who’s targeting the cloud 
- The top 5 most common cloud threats 
- What your organization should prioritize today

How to Find Your Most Critical Risks in the Cloud

MCP servers serve as the backbone that enables AI agents to access the tools, data, and context they need to operate.

By connecting these agents to everything from internal APIs and databases to third-party SaaS systems, MCP turns isolated AI models into fully capable, action-driven agents.

New research by Astrix Security analyzed more than 5,200 open-source MCP servers and surfaced systemic risks:
1. 53% rely on static API keys or PATs
2. Only 8.5% use OAuth applications
3. 79% pass keys via simple environment variables

In this webinar, we will unpack the data, methodology, and what it means for your attack surface.

To help tackle these challenges, Astrix introduces its new open-source MCP Secret Wrapper, a practical way to eliminate hardcoded credentials by fetching secrets from a vault at runtime.

In this session, you will learn how to apply the wrapper for quick wins, how to enforce least-privilege and short-lived access at scale, and how to align with compliance without slowing down your teams.

State of MCP Server Security 2025: What 5,200 Servers Reveal, and the Open-Source Fix You Can Use Today

“What do we actually own in the cloud?” It’s a question security leaders ask every day—yet answers are rarely clear. 

In today’s cloud-driven world, assets, identities, and resources change faster than manual tracking can keep up, creating critical blind spots that attackers can exploit through misconfigurations or overprivileged accounts. For security operations, this speed demands an equally fast response. However, legacy asset management and siloed security tools often fall short, leaving gaps in visibility and costing precious minutes during detection and response.

Join us to see how modern SecOps can outpace attackers by unifying on-prem and cloud telemetry, identifying exposures inside and outside their firewall, and leveraging agentic AI and automation throughout detection, investigation, and response—ensuring cloud blind spots never become entry points.

Key Learnings:
• Why legacy asset management and manual processes can’t keep up with the speed of cloud
• The real risks behind inaccurate cloud inventories, invisible SaaS assets, and cloud exposures
• How AI and automation enable continuous discovery, faster detection, and smarter response in cloud security operations

Cloud Asset Blind Spots: Closing Gaps Before They're Exploited

You’re juggling multiple endpoints. Your remote workforce is creating security gaps. And identity attacks jumped 442% last year alone. In this webinar, you'll hear from Jason Kikta (CISO/SVP, Product at Automox) and Dmitri Alperovitch (Automox Chairman of the Board, co-founder of Crowdstrike) discuss pressing security concerns and real solutions, like:
- What’s actually happening in the current threat landscape
- How autonomous endpoint management eliminates security gaps
- Where Automox is headed next (Spoiler alert: It’s game-changing.)

State of Cybersecurity: A Reality Check

Every day, another AI “agent” for security operations emerges: a playbook runner, a data enricher, a script executor. But stitching together a few task-specific bots doesn’t solve the complex problems facing the SOC—it exacerbates them. On the other side, there’s this promise of an “Autonomous SOC” leveraging agents, but these generic systems don’t have the best understanding or oversight about your environment.

In this webinar, we’ll explore a more effective evolution: Autonomous, role-based, agentic AI personas. Join ReliaQuest President of Field Operations Colin O’Connor, ReliaQuest CTO Joe Partlow and guest speaker Forrester Principal Analyst Allie Mellen for a forward-looking conversation that cuts through the noise to uncover how agentic teammates reframe what’s possible for AI in the SOC. 

In this webinar, you'll learn:
• What distinguishes a task-based agent from a true teammate—and why that matters 
• The architecture of a hybrid human + AI SOC (and what it’s not: autonomous) 
• How to evaluate when to use agentic teammates—and when not to 
• What a future-ready operating model looks like in live use-case walkthroughs

The Case for Agentic Teammates: Moving Beyond Task Bots

The 2025 Identity Automation Crisis: What 500+ Leaders Exposed
Enterprises have never had more identity tools—SSO, password managers, privileged access controls, and governance platforms. On paper, the identity stack looks mature. But beneath the surface, a critical problem persists: the last mile of identity still runs on manual execution.

The new 2025 Identity Automation Gap Report, based on insights from 500+ IT and security leaders, shows just how wide the gap really is:
• 58% of former employees keep access to systems after leaving
• 41% still share passwords manually (yes, spreadsheets)
• Fewer than 4% of enterprises have fully automated core identity workflows

Join Matt Chiodi, CSO at Cerby, and Aaron Turner, Faculty at IANS, as they unpack what the data reveals and share practical ways to:
• Spot and close your biggest identity blind spots
• Extend automation to disconnected apps (without ripping out your stack)
• Turn manual execution into automated protection that’s secure, scalable, and resilient

The 2025 Identity Automation Crisis: What 500+ Leaders Exposed

The transformative power of AI is undeniable, yet unlocking its full potential requires enterprises to secure their enterprise data to safely scale AI systems. Building trustworthy AI Assistants and Agents necessitates a comprehensive understanding of your organization's data landscape – especially unstructured data – coupled with fine grained access controls to protect against accidental leakage of sensitive data, clever cyber attacks and inappropriate internal access.

Join Nikhil Girdhar from Securiti and Shanmugam Kandaswamy from AWS  as they discuss how to apply Securiti DSPM to accelerate the safe deployment of enterprise AI assistants and agents with Amazon Q Business. Gain technical insights on how to establish proactive data security and governance, and mitigate emerging AI risks, such as OWASP Top 10 for LLMs.

Attendees will learn how to:

• Create comprehensive Data+AI mapping with full data lineage and provenance
• Prevent unintended data access by users of AI Assistants by enabling stronger data access controls
• Mitigate emerging AI risks such as prompt injections and sensitive data exposure
• Improve the efficacy of AI responses by minimizing redundant, obsolete, and trivial (ROT) data

From Data to Deployment: Safeguarding Enterprise AI with Security and Governance

Conquering Cloud Security Pain Points addresses the critical security challenges enterprises face in the cloud. The agenda includes a discussion of the promise versus the reality of cloud security and a deep dive into six key pain points. The session will also present strategic approaches to overcome these challenges, such as fostering unified visibility and control, implementing consistent policy enforcement, and streamlining security change workflows. The presenter, David Geffen, CMO at AlgoSec, will also cover achieving continuous compliance, bridging the cloud security expertise gap, and embracing proactive risk prevention. The presentation concludes with key takeaways and next steps for a holistic security strategy.

Conquering Cloud Security Pain Points

Securing your organization is no longer just an IT issue; it's a financial necessity. This webinar explores how identity security can help companies reduce global cyber losses by billions. We'll discuss how these findings are reshaping corporate budgets and influencing how insurers assess risk.

Key Takeaways
• Financial Impact: Learn how strong identity security directly reduces your financial exposure to cyber threats.
• Evolving Threats: Discover how the changing the threat landscape and the security strategies needed to combat it.
• Actionable Advice: Get practical guidance on where to start with identity security and how executives can use this data to justify critical investments.

Join us to learn how to turn identity security from a cost into a competitive advantage.

From Risk to ROI: The business case for identity security

Generative AI tools like ChatGPT are rapidly being adopted across enterprises to drive efficiency, but they come with real and immediate security implications.

Recent studies show that 15% of employees are pasting data into GenAI tools, and 1 in 3 are unknowingly sharing sensitive information. These behaviors create a new layer of risk: inadvertent data leaks, compliance violations, and exposure of confidential assets.

As a result, most organizations face a blunt choice: block GenAI entirely or allow it unchecked. Neither option is valid in today’s world. But GenAI security and productivity shouldn’t be an “either-or” choice.

In this webinar, LayerX security leaders will break down how to secure GenAI usage without sacrificing its value. You’ll get a clear understanding of how these tools are being used, what risks they create, and what practical steps you can take to mitigate them.

Register for this webinar to learn:
• Industry Insights: See how and where GenAI is being used across the enterprise—by whom, for what, and how often.
• Risk Breakdown: Learn what kinds of sensitive data are being exposed, and what that means for your security and compliance posture.
• Protective Actions: Walk away with specific policies, controls, and tools to reduce risk while enabling safe GenAI adoption.
• Real World Lessons: Hear how leading security teams are addressing these challenges in real-world environments.

Whether you’re a CISO, a security architect, or part of the compliance team, this session will give you clear, actionable guidance to secure your organization’s GenAI usage—before it becomes a problem.

Register now and take control of GenAI security before it takes control of you.

Preventing GenAI Data Leakage: Enabling Innovation Without Compromising Security

This webinar offers cloud network security experts an in-depth look at the paradigm shift from traditional perimeter-based security to a modern application-centric approach. Discover why conventional data center security models, relying on static policies and firewalls, are ill-suited for the dynamic nature of cloud environments, which are characterized by the explosive growth of IaaS, PaaS, and SaaS. We will explore the critical challenges posed by vanishing perimeters, lack of visibility into cloud environments, and the complexities of securing highly dynamic resources like VMs, containers, and microservices. The session will detail the core principles of application-centric security, including achieving granular visibility into application dependencies, implementing Zero Trust frameworks with verification and validation checkpoints, and leveraging microsegmentation for enhanced isolation. Furthermore, learn how automation and orchestration are essential for consistent policy enforcement, faster response times, and increased efficiency in managing cloud security at scale across diverse multi-cloud and hybrid infrastructures.

The Evolution of Cloud Network Security: From Silos to Service-Centricity

In an era where cloud adoption is accelerating, building trust and achieving compliance with data protection regulations is critical. This abstract highlights a joint presentation by Daniele Cattadu, the Chief Technology Officer (CTO) for the Cloud Security Alliance (CSA), and Gabriela Mercuri, the Managing Director of SCOPE Europe, focused on "Building Trust in the Cloud: Find Your GDPR Compliance Path through the STAR Program."
The presentation explores the importance of the CSA's Security, Trust, and Assurance Registry (STAR) Program as a means to navigate the complex landscape of General Data Protection Regulation (GDPR) compliance in cloud environments. Both Cattadu and Mercuri provide valuable insights, emphasizing its role in establishing trust and transparency between organizations and cloud service providers.
By incorporating insights from Cattadu and Mercuri, organizations can confidently navigate the complexities of GDPR compliance, ensuring the privacy and security of personal data while fostering trust in cloud environments.

Trust in the Cloud: Find your GDPR Compliance Path with the STAR Program

In the past governments use of public cloud was limited, today the use of public cloud infrastructure both by governments and organizations is rising and transforming the digital services provided by them.

Adoption of the “cloud first” strategy by governments is one of the accelerators of digital transformation and cloud adoption. The Israeli government adopted the “cloud first” strategy in 2021 and promotes cloud adoption across government through the Nimbus project.

This presentation will introduce the audience to the Nimbus project and the national journey to build trust in cloud computing.

National Roadmap to Cloud Adoption The Trust Factor: Trust in Cloud Computing

In this fireside chat, we will discuss the importance of Cloud Assurance Programs and Ecosystems, specifically focusing on the role of auditors, technology, and education. Cloud computing has become a critical component of modern businesses but presents unique security and compliance challenges. The panelists will delve into how organizations can ensure the security and reliability of their cloud systems by implementing robust assurance programs and ecosystems. The discussion will also explore the latest technological advancements in cloud security, including automation and artificial intelligence, and how they can be leveraged to strengthen cloud assurance. Additionally, the panelists will discuss the importance of ongoing education and training for auditors, IT professionals, and business leaders to keep up with the ever-evolving cloud security landscape. This fireside chat aims to provide insights and practical advice for organizations seeking to establish and maintain effective cloud assurance programs and ecosystems.

A Fireside Chat: Roles of Auditors, Technology, and Education in Cloud Assurance

Large organizations continue to fall for credential-based phishing attacks, which often lead to costly breaches. Traditional multi-factor authentication (MFA) methods are increasingly under attack and are especially prone to phishing. Join us to learn about the journey Okta and its customers are taking to phishing resistant authentication.

Defend your workforce with phishing-resistant MFA

This topic will highlight the transformative power of compliance assurance in today's competitive business landscape. It will explore the shift from compliance as a mere regulatory burden to a strategic business opportunity. The session will delve into the critical components of a robust compliance framework, including risk management, process improvement, and continuous monitoring. Avani will share her insights and experience in building compliance frameworks that help businesses achieve their objectives while mitigating risk through assurance. Attendees will learn how to leverage compliance assurance as a competitive advantage and leave with practical tips and strategies to implement in their own organizations.

Transforming Compliance into Competitive Advantage: Building a Robust Framework

Data privacy and security issues arise as cloud computing becomes increasingly important to enterprises. The Cloud Security Alliance's Security, Trust, Assurance, and Risk (STAR) initiative helps enterprise CISOs handle these concerns. This talk will discuss how the STAR program improves cloud security, risk management, industry standards, continuous improvement, and security culture. CISOs can assess cloud service provider security controls, streamlining vendor risk management, and comply with industry requirements using the STAR program. Attendees will learn the CSA STAR program's benefits and uses, enabling them to make informed decisions about their organization's cloud security strategy.

Discover the Cloud Security Alliance's STAR Program: Enterprise CISOs Must Know

The CSA STAR Program has finally become a widespread, mature and globally accepted point of reference regarding governance, risk management, compliance, assurance and transparency in the cloud market. The early adopters of the program were the pioneers and the first ones to understand the strategic, technical and business value of the Program.  In this panel, with the support of those STAR Champions, we’ll articulate the business, strategic and technical values of the STAR Program;  how organizations of any size, geography and business sector can reap the benefits of the program and take advantage of the experience of the mature adopters are.

Examining the business, strategic, and technical values of the STAR Program

Addressing cybersecurity risk can be a complex challenge. Governments around the world are implementing regulatory measures to raise mandatory minimum cybersecurity standards, including requirements to report cyber incidents to the relevant government authorities. Furthermore, each business sector has its own set of cybersecurity standards to adhere to: ranging from ISO 27001 to PCI DSS to FedRAMP and beyond. This talk is intended for security professionals, cloud architects, and IT leaders who are responsible for developing and implementing cloud assurance programs. It will provide them with an overview of the challenges and opportunities associated with cloud security, and some of the best practices that have been developed to address these challenges.

Simplify Regulatory & Compliance Requirements in the Cloud

Cloud computing has become an essential aspect of the motion picture industry, but it brings new security challenges that must be addressed to protect intellectual property. In this fireside chat, the Cloud Security Alliance and the Trusted Partner Network discuss best practices for cloud security, leveraging CSA's guidelines for risk assessment, data classification, access control, and incident response. TPN provides standardized assessments for service providers involved in media creation and distribution. The chat provides insights on implementing effective cloud security practices, emphasizing the significance of collaboration between industry players, standards organizations, and security experts.

Cloud Security and Best Practices in the Motion Picture Association

In this panel, we'll discuss the cloud security governance, compliance and supply chain risk challenges in this Financial Sector. We'll introduce the missions and goals of the European Cloud User Coalition (ECUC), a leading organization in the Europen Financial sector of the Cyber Risk Institute, and discuss how the collaboration with the Cloud Security Alliance might help the financial sector address the above-mentioned challenges.
The panellists will discuss the role of CCM in supporting FIs in their cloud journey and the possible extension of the framework so as to better satisfy the specific need of global financial service institutions.

The CCM for Financial Services

The Cloud Security Alliance (CSA) and the Information Security Forum (ISF) have teamed up on a new initiative to provide the cloud/cyber security community with new resources to map and integrate CSA’s Cloud Controls Matrix (CCM) and ISF’s Standard of Good Practice 2022. This presentation topic will enable organizations to have an insight into a CSA-ISF jointly conducted mapping project, involving a mapping and requirements comparison between the two frameworks. The outcome of the project constitutes a valuable tool for cloud organizations to identify the equivalent (overlapping) security requirements between CCM and SOGP, and more importantly the missing (deltas) cloud-specific CCM security requirements in SOGP and vice versa, especially when seeking to integrating these with their cloud security and compliance programs.

CSA-ISF Partnership: CCM and SOGP Framework and their Mapping Alignment

In this panel, we’ll discuss, with some relevant members of the CCM community (CCM leadership and co-authors), the current state of play and upcoming evolutions of the matrix and its components, Implementation and Auditing Guidelines, the Shared Security Responsibility Model (SSRM) Guidelines, Metrics and the CCM Lite. We’ll explain the goal, objectives and target audience of the CCM and its components and address critical questions such as: Why should organisations adopt CCM? How can they best take advantage of the framework? How can CCM be used to satisfy industry-specific governance, risk and compliance needs?

The Current State of Play and Upcoming Evolutions of the CCM

The National Institute of Standards and Technology (NIST) is working with the community to update the widely used NIST Cybersecurity Framework to keep pace with the evolving cybersecurity risks, standards, and technology landscape. Hear from NIST on the process to update the Framework and potential considerations to reflect the increasing use of cloud computing.

Journey to the NIST Cybersecurity Framework 2.0

2023 Cloud Trust Summit

The panel will discuss the importance of a standard-based approach to Cloud Security Governance automation, the role and value of OSCAL as the standardized language to harmonize the assessment and compliance, the role and value of security frameworks such as CIS Controls, and CSA Cloud Control Matrix, the importance of the mapping between the various industries security framework, international standards, legal and regulatory requirements, compliance mechanisms, and the key role of a standard approach to mapping in the OSCAL language to allow effective and efficient assurance interoperability at scale.

Standards-based Cloud Security Governance Automation: CIS-CSA-NIST collaboration

Cyber Security

Information Security

Cloud Security

Cloud

Security

IT Security

Data Security

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Standards-based Cloud Security Governance Automation: CIS-CSA-NIST collaboration

Presented by

About this talk

Cloud Security Alliance: CloudBytes