CCAK Webinar Series: Modules 3 & 7

This is your chance to get up close and personal with some of the authors of the CCAK Modules by listening to our free meet-the-author webinar series.

You can hear directly from the authors in an informal setting where you’ll be able to learn and ask questions. Each session is around 60 minutes and will give you a better understanding of the Study Guide, the research behind it and the authors themselves. If listening live you'll also get the chance to submit your own questions during the question and answer portion at the end.

Learning Objectives - Module 3: Introducing CCM and CAIQ
- Describe the CCM and CCM domains.
- Explain the Consensus Assessment Initiative Questionnaire (CAIQ).
- Outline the CCM and CAIQ structure.
- Recall the CCM relationship with other frameworks: the mapping and gap analysis.
- Compare transition changes from CCM V3.0.1 to CCM V4.

Learning Objectives - Module 7: CCM Auditing Guidelines
- Describe CCM Auditing Guidelines.
- Define the CCM Audit Scoping Guide.
- Explain the approach used in the CCM Risk Evaluation Guide.
- Evaluate the CCM Audit Workbook.
- Apply the CCM Auditing Guide.
Recorded Aug 25 2021 61 mins
Presented by
Daniele Catteddu, Agnidipta Sarkar, and Sanjeev Gupta
  • The State of Cloud Security Risk, Compliance, and Misconfigurations Oct 22 2021 5:00 pm UTC 60 mins
    TBD
    CloudHealth partnered with the Cloud Security Alliance (CSA) to survey nearly 1,090 IT and Security professionals to assess organizations’ readiness for mitigating public cloud security and compliance risks due to configuration mistakes. In this webinar, we will drill deeper into this complex topic of misconfiguration risks, discuss the key findings from the research, and provide actionable recommendations for organizations focused on strengthening their cloud security and compliance posture.

    Join us on Friday, October 22 at 12PM CT for a webinar discussion with the Cloud Security Alliance and CloudHealth Secure State, where you’ll hear:
    - Key findings from The State of Cloud Security Risk, Compliance, and Misconfigurations report
    - Prescriptive recommendations for successful cloud security and configuration management
    - Important considerations when choosing a cloud security and compliance solution
  • Whitepaper: Practical Preparations for the Post-Quantum World Oct 13 2021 3:00 pm UTC 60 mins
    Ludovic Perret, Co-chair, Roger Grimes, Roberta Faux, & Edward Chiu, CSA QSS Working Group, and William Barker, NCCoE
    Cryptographically significant quantum computers, computers that can break traditional asymmetric cryptography and significantly weaken popular symmetric encryption, will likely appear in the near-term future. If you have digitally stored and/or transmitted secrets you need protected for more than a few more years then you need to begin your post-quantum project now!

    Join this webinar to learn more about CSA Quantum-Safe Security Working Group's latest release titled Practical Preparations for the Post-Quantum World including:
    - Steps organizations can take now to protect long-term secrets
    - Near-term actions to prepare
    - Post-quantum alternatives to current methods
  • Data Security & Encryption: Recommendations and Solutions from a Privacy Perspective Recorded: Sep 23 2021 75 mins
    Alberto Manfredi, Valerio Vertua, Luca Calindri, Luigi Vezzoso
    Data security, that is, information security, is now a fundamental requirement for making informed and secure use of the opportunities of the cloud market. However, many organizations, both public and private, report difficulty managing large quantities of information in the cloud in a differentiated way according to the criticality and privacy levels of the information, and therefore in choosing appropriate and secure cloud services. Encryption is certainly one of the most important security measures for addressing this problem.

    CSA Italy and Thales will present some recommendations and solutions in the areas of data security, privacy and encryption that are used to set up an adequate data security strategy and an appropriate selection of cloud providers.
  • Using SDP-based Zero Trust to thwart ransomware attacks Recorded: Sep 22 2021 58 mins
    Juanita Koilpillai, Technical Advisor, and Bob Flores, Jason Garbis, and Junaid Islam, Co-Chairs, SDP Zero Trust WG
    Ransomware attacks have continued to increase and have become a major risk for both private and public enterprises. This session will provide an overview of ransomware attacks and the utilization of an SDP-based Zero Trust Architecture as an effective countermeasure.
  • CCAK Webinar Series: Module 8 Recorded: Sep 8 2021 45 mins
    Rich Mogull
    This is your chance to get up close and personal with some of the authors of the CCAK Modules by listening to our free meet-the-author webinar series.

    You can hear directly from the authors in an informal setting where you’ll be able to learn and ask questions. Each session is around 60 minutes and will give you a better understanding of the Study Guide, the research behind it and the authors themselves. If listening live you'll also get the chance to submit your own questions during the question and answer portion at the end.

    Learning Objectives - Module 8: Continuous Assurance and Compliance
    - Explain continuous assurance and compliance.
    - Define DevOps and DevSecOps.
    - Apply DevOps and DevSecOps to security.
    - Outline auditing deployment/CI/CD pipelines.
    - Describe DevSecOps automation and maturity.
  • CCAK Webinar Series: Modules 5 & 6 Recorded: Sep 1 2021 63 mins
    Andrew Williams, Doug Barbin, and Vince Campitelli
    This is your chance to get up close and personal with some of the authors of the CCAK Modules by listening to our free meet-the-author webinar series.

    You can hear directly from the authors in an informal setting where you’ll be able to learn and ask questions. Each session is around 60 minutes and will give you a better understanding of the Study Guide, the research behind it and the authors themselves. If listening live you'll also get the chance to submit your own questions during the question and answer portion at the end.

    Learning Objectives - Module 5: Cloud Auditing
    - Describe the compliance program evaluation approach.
    - Recall the governance perspective.
    - Outline the perspectives of legal, regulations and standards.
    - Define service changes.
    - Explain the need for continuous assurance and continuous appliance.

    Learning Objectives - Module 6: Evaluating a Cloud Compliance Program
    - Outline audit characteristics, criteria and principles.
    - Describe auditing standards for cloud computing.
    - Define auditing an on-premise environment vs. cloud.
    - Recall differences in cloud services and cloud delivery models.
    - Explain audit building/planning and execution.
  • CCAK Webinar Series: Modules 4 & 9 Recorded: Aug 18 2021 60 mins
    Jon-Michael Brook and John DiMaria
    This is your chance to get up close and personal with some of the authors of the CCAK Modules by listening to our free meet-the-author webinar series.

    You can hear directly from the authors in an informal setting where you’ll be able to learn and ask questions. Each session is around 60 minutes and will give you a better understanding of the Study Guide, the research behind it and the authors themselves. If listening live you'll also get the chance to submit your own questions during the question and answer portion at the end.

    Learning Objectives - Module 4: A Threat Analysis Methodology for Cloud Using CCM
    - Describe threat analysis essentials.
    - Use the Top Threat Analysis Methodology to analyze attack details.
    - Document attack impacts based on the Top Threat Analysis Methodology.
    - Apply Threat Analysis Methodology for cloud using CCM.
    - Evaluate a Top Threats method use case.

    Learning Objectives - Module 9: Security Trust Assurance and Risk (STAR) Program
    - Outline the components of the STAR program.
    - Explain the security and privacy implications of STAR.
    - Describe the Open Certification Framework.
    - Recall CSA STAR attestation and certification.
    - Detail STAR continuous auditing.
  • CCAK Webinar Series: Module 2 - Cloud Compliance Program Recorded: Aug 11 2021 62 mins
    John Guckian, Jaques Nack, Jon-Michael Brook
    This is your chance to get up close and personal with some of the authors of the CCAK Modules by listening to our free meet-the-author webinar series.

    You can hear directly from the authors in an informal setting where you’ll be able to learn and ask questions. Each session is around 60 minutes and will give you a better understanding of the Study Guide, the research behind it and the authors themselves. If listening live you'll also get the chance to submit your own questions during the question and answer portion at the end.

    Learning Objectives - Module 2:
    - Explain the fundamental criteria for cloud compliance programs.
    - Build and design a cloud compliance program.
    - Describe legal and regulatory requirements and standards and security frameworks.
    - Define controls and identify technical and process controls.
    - Recall CSA certification, attestation and validation.
  • CCAK Webinar Series: Module 1 - Cloud Governance Recorded: Aug 4 2021 61 mins
    Moshe Ferber and Craig Balding
    This is your chance to get up close and personal with some of the authors of the CCAK Modules by listening to our free meet-the-author webinar series.

    You can hear directly from the authors in an informal setting where you’ll be able to learn and ask questions. Each session is around 60 minutes and will give you a better understanding of the Study Guide, the research behind it and the authors themselves. If listening live you'll also get the chance to submit your own questions during the question and answer portion at the end.

    Learning Objectives - Module 1:
    - Describe cloud governance concepts.
    - Explain cloud trust, transparency and assurance.
    - Identify cloud governance frameworks and requirements.
    - Discuss cloud risk management and cloud compliance considerations.
    - Distinguish between cloud governance tools and their use.
  • Zero Trust Security: An Enterprise Guide Recorded: Jul 14 2021 58 mins
    Jerry W. Chapman, Optiv Security
    Zero Trust security has become a major industry trend, and yet there still is uncertainty about what it means. Register today to learn from Jerry Chapman from Optiv Security as he provides the realistic guidance and requirements your security team needs to successfully plan and execute a journey to Zero Trust while getting more value from your existing enterprise security architecture.
  • Getting Sassy With SASE Recorded: May 20 2021 61 mins
    Mike Jordan, Founder/Principal of 23Advisory and contributing Cloud Security Alliance | Delaware Valley Board Member
    Join the CSA Delaware Valley and Triangle chapters and our panel of experts in discussing the emerging technologies and challenges around SASE (Secure Access Service Edge).


    By tuning in to this panel discussion one can expect to come away with an understanding of what SASE is, the problems it solves, and what a well thought out implementation looks like. Our panel of experts will discuss multi-cloud use cases, how to operationalize the service and the impact SASE has on digital transformation initiatives.
    Confirmed Speakers

    Panelist – Larry Bilker, EVP CIO of Pyramid Healthcare
    Panelist – Barrett Gobeyn, CISO for UnitedHealthcare
    Panelist – Richard Scott, Chief Security Architect at Optum
    Panelist – Greg Young, VP of Cybersecurity of Trend Micro

    Moderator – Mike Jordan, Founder/Principal of 23Advisory and contributing Cloud Security Alliance | Delaware Valley Board Member
  • Hyperledger Fabric 2.0 Architecture Security Controls Checklist and Report Recorded: May 13 2021 42 mins
    Urmila Nagvekar & Carlos Dominguez, Lead Authors, CSA Blockchain/DLT Working Group
    Learn about the latest releases from CSA's Blockchain and DLT Working Group titled "Hyperledger Fabric 2.0 Architecture Security Controls Checklist" and "Hyperledger Fabric 2.0 Architecture Security Report"
  • Blockchain in the Quantum Era Recorded: Apr 30 2021 12 mins
    Ashish Mehta, Co-chair for Blockchain Working Group, and Bruno Huttner, Co-chair for Quantum Safe Security Working Group
    CSA recently released a document that provides an introduction to DLT/blockchain technology, some of its representative applications, and an overview of the leading post-quantum algorithm candidates that are actively being pursued. In this webinar, Ashish Mehta, Co-chair for the Blockchain/DLT Working Group, and Bruno Huttner, Co-chair for the Quantum-safe Security Working Group, talk about what to expect in the document.
  • C-Suite Success in an Age of Digital Transformation Recorded: Apr 15 2021 23 mins
    Illena Armstrong, CSA
    It’s no surprise that organizations of all sizes have embraced the cloud in some capacity, especially this last year as we all contend with a global pandemic. What may be surprising to some CISOs and other executive stakeholders, however, have been the myriad challenges they face as they move their organizations’ journeys along in their digital transformations. For instance, not only do concerns about network security or regulatory compliance come up when embracing cloud environments, worries concerning a lack of cloud security expertise on staff, too few team members to manage the migrations of various workloads to the cloud, and integrations with current IT infrastructures also plague their embrace of often multiple cloud offerings. With the goal of better supporting the C-suite and the evolution of their cloud strategies, CSA is in the throes of establishing a C-level initiative to help address these and still other challenges. During this talk, we’ll share an initial look at the pillars underpinning this offering and just a few of the components that it ultimately may comprise.
  • Cloud Controls Compliance Assessment for Small and Mid sized XaaS Providers Recorded: Apr 15 2021 66 mins
    Ricky Arora, BP; Rolf Becker, UBS; Friedrich Rub, Raiffeisen Group; Nicolas Weibel, Swiss Re
    Many small service providers have seemingly great and good value service offerings, which are mostly cloud-based. Yet, it is often that exactly these small service providers may have limited security awareness, resulting in uncontrolled and unwanted exposure of sensitive data. The European User Group Enterprise & Cloud Data Protection, together with the Cloud Security Alliance are proposing to establish a trusted cloud controls assessment and certification service for such small service providers who may not be in a position to run through a comprehensive CSA STAR L2 or SOC2 certification but still want to be able to offer an acceptable level of assurance to their clients. The intention is to raise security standards for small cloud-based services, establish an industry-standard trusted assurance level, and reduce overall effort spent by service providers and their clients due to multiple and extensive assessments performed for the same service.
  • The CSA Enterprise Architecture Recorded: Apr 15 2021 30 mins
    Jon Michael Brook
    Overview of the CSA Enterprise Architecture.
  • Cloud Security Under the NIS Directive Recorded: Apr 15 2021 30 mins
    Marnix Dekker, ENISA
    Marnix will speak about the cloud security provisions in the NIS Directive, the work ENISA has been doing with the EU Member States on implementing these provisions, and briefly touch on other relevant policy developments like the EU cloud certification scheme and the Commission's NIS2 proposal, which aims to update the current NIS Directive, and which brings cloud services into the category of essential services.
  • On the Road to Zero Trust Recorded: Apr 15 2021 32 mins
    Bob Flores & Juanita Koilpillai, CSA Zero Trust WG
    In this session you will learn how to navigate the various technologies and processes to transform your organisation to fundamentally change the effectiveness of security and data sharing across DoD networks.
Exploring the latest research from CSA.
Go in depth into CSA's latest research on everything from IoT to containers to blockchain. Webcasts will break down the research, provide use cases, instructions for implementation, and further insights.

  • Title: CCAK Webinar Series: Modules 3 & 7
  • Live at: Aug 25 2021 2:00 pm
  • Presented by: Daniele Catteddu, Agnidipta Sarkar, and Sanjeev Gupta