Hi [[ session.user.profile.firstName ]]

Emerging Trends Impacting the European Union

Ten years after the formation of the Cloud Security Alliance, cloud computing is a proven and globally accepted enterprise delivery and operational technology model. According to a January 2019 IDC report, the spending on Cloud IT infrastructure may have reached a tipping point in the third quarter of 2018 by surpassing traditional IT revenues with slightly more than a 50% market share.
Looking at the European market, on one hand cloud computing appears not to have achieved maturity and expressed its full potential, yet on the other we see several new emerging and converging trends (Industrial IoT, Blockchain and AI). This session will address emerging technology trends and the risk and opportunities in the aftermath of the COVID 19 pandemic.
Recorded Jun 12 2020 69 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Daniele Catteddu (CSA) Raj Samani (McAfee), Rich Mogull (Securosis).
Presentation preview: Emerging Trends Impacting the European Union

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Serverless Security in 2020 and what is the future for Serverless Recorded: Jun 12 2020 32 mins
    Vishwas Manral
    Serverless platforms enable developers to develop and deploy faster, allowing an easy way to move to Cloud native services without having to manage infrastructure - including container clusters or virtual machines. This presentation covers security for the serverless applications, focusing on best practices and recommendations for security professionals. We will also talk briefly of the need for CICD and to help secure serverless workloads.
    As part of the presentation we will also talk of the evolution of serverless and what we think the future of serverless security holds.
  • "Security as code" for automated development pipelines Recorded: Jun 12 2020 45 mins
    Andrey Pozhogin Senior Product Marketing Manager, Hybrid Cloud Security Kaspersky
    How to avoid letting supply chain attack compromise your most sensitive machines.
    Supply-chain attacks affecting software development when a malicious code is introduced into legitimate software through supply chain poisoning is an effective tool for cybercriminals. It has been used many times in the wild, successful attacks generating hundreds of thousands of downloads leading to successful pipeline compromise and backdoored software distribution. Such attacks tend to target the most sensitive production environments and are enabled and augmented by sub-par security practices and miscommunication between DevOps and InfoSec. The results are long-lasting, impacting the company image, relations and often bottom line. Let’s discuss how DevOps can introduce on-demand security to their CI/CD pipelines without hindering their KPIs.
  • Emerging Trends Impacting the European Union Recorded: Jun 12 2020 69 mins
    Daniele Catteddu (CSA) Raj Samani (McAfee), Rich Mogull (Securosis).
    Ten years after the formation of the Cloud Security Alliance, cloud computing is a proven and globally accepted enterprise delivery and operational technology model. According to a January 2019 IDC report, the spending on Cloud IT infrastructure may have reached a tipping point in the third quarter of 2018 by surpassing traditional IT revenues with slightly more than a 50% market share.
    Looking at the European market, on one hand cloud computing appears not to have achieved maturity and expressed its full potential, yet on the other we see several new emerging and converging trends (Industrial IoT, Blockchain and AI). This session will address emerging technology trends and the risk and opportunities in the aftermath of the COVID 19 pandemic.
  • Panel Discussion: GDPR with the CSA Center of Excellence Recorded: Jun 11 2020 54 mins
    Linda Strick (CSA), Nathaly Rey (Google), Marc Lueck (Zscaler), Neil Thacker (Netskope), Blake Brannon (OneTrust)
    This session hosted by the CSA EMEA Privacy Center of Excellence will address accountability under GDPR and how Codes of Conduct and certifications are being leveraged by organizations to drive transparency, compliance, and trust.
  • Introduction to the Code of Conduct Recorded: Jun 11 2020 22 mins
    Paolo Balboni
    GDPR Fundamentals & CSA Code of Conduct: Objectives, Scope and Methodology.
  • Oh $*!%: Security Doesn’t Have to Be a Four-Letter Word for Developers Recorded: Jun 10 2020 58 mins
    Chris Hertz VP Cloud Security Sales DivvyCloud by Rapid7 Jeremy Snyder, Sr. Director DivvyCloud by Rapid7
    Join Chris Hertz, VP, and Jeremy Snyder, Sr. Director, DivvyCloud by Rapid7 to learn how to achieve full lifecycle cloud security. They will discuss how cloud security challenges manifest in DevOps and how cloud security and developer misalignment creates friction and makes security a four-letter word. Additionally, they will provide guidance on how to integrate cloud security into DevOps with pipelines and Infrastructure as Code to improve developer productivity and cloud security.
  • European Banking Federation on Cloud Recorded: Jun 10 2020 32 mins
    Alexandra Maniati, European Banking Federation
    Alexandra will share insights on the multi-level work of the European Banking Federation (EBF) to facilitate the adoption of cloud computing in the European banking sector. The EBF supports the efforts of European institutions and agencies to promote security for cloud usage, contributing the banking industry's input in shaping processes and standards. Emphasis is attributed on the need for a future-proof risk-based approach, alleviation of fragmentation and establishment of a common security level.
  • Establishing a Modern Foundation for Advanced Insight Recorded: Jun 10 2020 65 mins
    Scott Bridgen GRC Consulting Director OneTrust GRC
    An effective governance, risk and compliance program should enable all stakeholders across business units to break down traditionally siloed risk areas and replace them with a connected, holistic view of risk that spans their organization and relationships. However, the data sprawl and scope of GRC initiatives can make this seem like a daunting or unattainable task. When reviewing today's roles, responsibilities and technology across today’s data driven landscape, there are three key aspects that set the foundation for establishing an insightful GRC program. In this session, we’ll review modern day GRC-drivers as well as the challenges of operating in the age of digital enterprises. We’ll breakdown practical applications and lessons learned in building a risk-based culture, proactively monitoring compliance, and mapping digital enterprises for GRC success.
    −Define business outcomes to own risk within each line of business and encourage support across leadership
    −Understand how to harmonize regulatory obligations and business objectives to effectively balance compliance and risk
    −Learn how to eliminate overlap across systems to work together and add greater business value to every layer of an organization.
  • Panel: Risk Management and Governance Recorded: Jun 10 2020 69 mins
    Daniele Catteddu (CSA); Steven Mezzio (Director Lubin School), David Frei (Capital One Audit), Craig Balding
    Cloud Computing is entering a mature phase from both the market share and technical evolution standpoint. However, one area that could achieve better results is security and privacy governance. Modernizing the risk management approach, improving the organizational accountability program and streamlining compliance are to be considered key goals for companies that want to optimize their cloud investments and reduce the likelihood of security and privacy incidents.
    Two of the foundational pieces for this optimization process are compliance with solid standards and a skilled and knowledgeable workforce.
    In this session Daniele Catteddu, Global CTO at CSA, will moderate a panel of key experts on cloud auditing, risks management and governance from the Financial Services sector and Accademia.
  • Cybersecurity Certification Framework under the EU Cybersecurity Act Recorded: Jun 9 2020 24 mins
    Andreas Fuchsberger
    This talk will look at the Cybersecurity Certification Framework under the EU Cybersecurity Act (2019), give an overview of the new European cybersecurity certification schemes under development and offer an outlook on the implementation and use of such schemes for 2021 and beyond.
  • Continuous Audit-based Certification Recorded: Jun 9 2020 24 mins
    Alain Pannetrat Senior Researcher Cloud Security Alliance
    Certifications or attestations championed through the CSA STAR program, ISO/IEC, or AICPA, have been a critical driver in the adoption of cloud service across the globe. However, for some cloud customers in sensitive or highly-regulated industries such as banking or healthcare, these certifications or attestations are not sufficient because they do not provide a continuous level of assurance as they rely on annual or bi-annual audits only.
    To address the concerns of this segment of the industry, the Cloud Security Alliance (CSA) is building a continuous auditing framework designed to provide assurance to customers on a monthly, daily, or even hourly basis. This framework can be applied either to self-assessments or third-party certifications.
  • Cybersecurity Certification Framework under the EU Cybersecurity Act (2019) Recorded: Jun 9 2020 24 mins
    Andreas Fuchsberger, International Standards Officer, Microsoft
    This talk will look at the Cybersecurity Certification Framework under the EU Cybersecurity Act (2019), give an overview of the new European cybersecurity certification schemes under development and offer an outlook on the implementation and use of such schemes for 2021 and beyond.
  • Toward a European Certification Scheme for Cloud Services Recorded: Jun 9 2020 24 mins
    Eric Vétillard Lead Certification Expert ENISA
    In 2019, the Cybersecurity Act became a law in Europe, establishing a European Certification Framework. In November 2019, the European Commission tasked ENISA with designing a candidate scheme for cloud services. This work is currently underway. This presentation will first describe the Cybersecurity Act's Certification Framework, and then provide a high-level status on the ongoing work on the scheme for cloud services.
  • Toward a European Certification Scheme for Cloud Services Recorded: May 28 2020 42 mins
    Eric Vétillard, ENISA
    In 2019, the Cybersecurity Act became law in Europe, establishing a European Certification Framework. In November 2019, the European Commission tasked ENISA with designing a candidate scheme for cloud services. This work is currently underway. This presentation will first describe the Cybersecurity Act's Certification Framework, and then provide a high-level status on the ongoing work on the scheme for cloud services.
  • Continuous Audit-based Certification Recorded: May 26 2020 41 mins
    Alain Pannetrat, Cloud Security Alliance
    Certifications or attestations championed through the CSA STAR program, ISO/IEC, or AICPA, have been a critical driver in the adoption of cloud service across the globe. However, for some cloud customers insensitive or highly-regulated industries such as banking or healthcare, these certifications or attestations are not sufficient because they do not provide a continuous level of assurance as they rely on annual or bi-annual audits only.
    To address the concerns of this segment of the industry, the Cloud Security Alliance (CSA) is building a continuous auditing framework designed to assure customers on a monthly, daily, or even hourly basis. This framework can be applied either to self-assessments or third-party certifications.
  • Fighting COVID-19 with secure & private location tracking application Recorded: Apr 1 2020 53 mins
    Moshe Ferber, CSA Israeli Chapter and Guy Barnhart-Magen, Profero
    The Israeli ministry of health was facing a major challenge, develop fast solution for tracking the movement of citizens and alert if they been exposed to COVID-19 patients while the keeping privacy of the citizens safe. In very short time frame the ministry with the help of security community released an open source application that got the full blessing and support even from the security community. In this webinar Moshe Ferber, Chairman @ CSA Israeli Chapter and Guy Barnhart-mages, CTO @ Profero and consultant for the ministry, will be talking about the process of releasing this new application and how challenges were analyzed and solved.
  • Addressing The Top 20 Critical Controls for ERP Applications Recorded: Nov 5 2019 57 mins
    Juan Perez-Etchegoyen, CTO, Onapsis &Victor Chin, Research Analyst, CSA
    This webinar will introduce CSA's Top 20 Critical Controls for Cloud ERP Customers document. The webinar will discuss common challenges of migrating and operating ERP applications in the cloud as well as discussing the Top 20 critical controls that organizations can use to help them secure their ERP applications in the cloud.
  • Software Defined Perimeter Architecture Guide Recorded: Oct 1 2019 17 mins
    Jason Garbis
    SDP combines well-proven technical and architectural components to protect networked applications and infrastructure, more efficiently and effectively than with traditional network security tools.
    This document serves to explain SDP, educate readers on its benefits, and encourage its adoption.
  • Mitigating the Quantum Threat with Hybrid Cryptography Recorded: Sep 6 2019 11 mins
    Roberta Faux, Director of Advanced Cryptography, Black Horse Solutions
    In this webinar, the lead author for CSA's "Mitigating the Quantum Threat with Hybrid Cryptography," Roberta Faux, will give the document background and an overview of what you can expect in the document itself.
  • Application Containers and Microservices: Challenges and Best Practices Recorded: Aug 9 2019 15 mins
    Anil Karmel, Application Containers and Microservices Working Group Co-Chair, CSA & Co-Founder and CEO, C2 Labs
    Application containers and a microservices architecture are being used to design, develop and deploy applications leveraging agile software development approaches such as Development Operations. Security must be embedded into these software development approaches. CSA has recently released two documents that outline the challenges and best practices in securing application containers and microservices to provide guidance on the engineering of trustworthy secure systems through the lens of the Developer, Operator and Architect.

    In this webinar, Anil Karmel, co-chair for the CSA Application Containers and Microservices Working group will cover....
    - define application containers and microservices
    - background on the research and development of the artifacts
    - container security challenges and best practices
    - microservices challenges and best practices
    - overview of the document contents
Exploring the latest research from CSA.
Go in depth into CSA's latest research on everything from IoT to containers to blockchain. Webcasts will break down the research, provide use cases, instructions for implementation, and further insights.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Emerging Trends Impacting the European Union
  • Live at: Jun 12 2020 7:00 am
  • Presented by: Daniele Catteddu (CSA) Raj Samani (McAfee), Rich Mogull (Securosis).
  • From:
Your email has been sent.
or close