Name: Bon Appetite: Determining Cyber Risk Appetite Pertinent to Cloud Computing
Start: 2023-09-15T17:00:00Z
End: 2023-09-15T17:00:46.000Z
Location: BrightTALK
Rating: 4.8

Go in depth into CSA's latest research on everything from IoT to containers to blockchain. Webcasts will break down the research, provide use cases, instructions for implementation, and further insights.

In cybersecurity it is important to understand all aspects of best practices and controls: what risks and threats are they solving, what regulations and standards are prescribing them, how to apply them, and how to test for them. Currently, this information is scattered across many different standards and publications in a complex and ever-changing security, legal, and regulatory landscape. OpenCRE solves this problem by connecting standards at the level of common requirements. One of the connected standards is CSA's Cloud Control Matrix. In this webinar you'll learn how to use OpenCRE as a gateway to all the available knowledge around your security controls.

OpenCRE: Simplifying Cybersecurity Standards

With CISA’s recent release of the second version of the Zero Trust Maturity Model V2, and the publication of the US Department of Defense's Zero Trust Strategy and roadmap, public and private sector organizations on a Zero Trust journey are curious about the similarities, differences, implications, and future plans for both and the impact on implementations.  

The CSA has assembled a panel of CISA and DoD experts to review their recent publications and provide a summary analysis of the fundamental commonalities and distinct aspects of their respective frameworks and approaches going forward.

Understanding the CISA Maturity Model and DoD's Zero Trust Strategy

While #chatgpt user traffic is plateauing, there is a growing number of other Generative AI IaaS, PaaS and SaaS apps being built by enterprises. Cloud is the backbone for the Generative AI revolution. The responsibility for the Enterprise is different for each of the different service models. We will talk of the key apps in each service category, and how to govern and secure these AI applications.

Governance of AI in the Cloud - Why CISOs Should Care

Scientific computing is a field that is becoming increasingly important as an engine for modern science as algorithms, computer models, and simulations become an increasingly common way to investigate hypotheses and perform analysis against large data sets.  Moreover, the growing shift of the HPC systems that perform these computations to the cloud or to systems with a Web front end means that these systems now face an increased risk of cyber-attacks making it critical to begin to develop ways to secure these systems.  This presentation discusses some recent work of the HPC working group on using tabletop exercises to get the security conversation going with scientific research teams and explores how application security can be used to enhance quality and reliability of scientific software making for not just better security but better science as well.

Aligning HPC Researchers and Security Teams

Over 55% of security executives report that they have experienced a SaaS security incident in the past two years. The attack surface in the SaaS ecosystem is widening and organizations need to know how to secure their SaaS data.

Deeply understanding the state of SaaS security and what steps organizations are taking is therefore essential for organizations to protect themselves from today’s SaaS risks. 

This webinar will discuss:
• The complexity of today’s SaaS security ecosystem 
• The key findings and insights from this year's annual SaaS Security Survey Report
• How organizations can stay on top of their SaaS stack and automate the process

CISOs Plans & Priorities for 2024: Dive into this Year’s SaaS Security Survey

As Artificial Intelligence (AI) continues to revolutionize industries, organizations are increasingly integrating AI technologies into their products and services. While AI promises innovation and efficiency, it also introduces unique security challenges that demand vigilant attention. Ensuring the trustworthiness and resilience of AI-based products and services is critical to safeguarding sensitive data, maintaining user privacy, and mitigating potential risks.

Security Architecture Review of AI-Based Products and Services

Cloud security constantly evolves, so it’s critical that organizations understand how their cloud security postures can impact overall business success. 

Expel commissioned the Cloud Security Alliance (CSA) to develop a survey and report to better understand the industry’s knowledge, attitudes, and opinions regarding security’s relationship to innovation, the outcomes of security-enabled innovation, and trends in cloud use. 

This webcast will review the key findings from the report, which cover: 
• The disconnect between C-suite leadership and security staff on the role of cybersecurity in innovation
• Trends around multi-cloud adoption and the associated challenges security teams face
• The surprising indications that some workloads are moving from the cloud and going back on-prem
• The increasing popularity of containers and its alignment with the “shifting left” trend in DevSecOps

Join Hillary Baron, the lead author of the report and senior technical director at CSA, and Matt Dubie, principal product marketing manager for Expel, to learn more about this enlightening data on some of the most important trends in cloud security.

A Cloud Crossroads: Trends to Know in Innovation, Multi-Cloud, and Kubernetes

CISA recently released version 2 of their Zero Trust Maturity Model. There is a lot of interest across the public and private sectors to understand the differences and similarities between the CISA Maturity Model and earlier frameworks published by Forrester as developed by John Kindervag and Chase Cunningham. The CSA is convening the authors to join a panel discussion moderated by Jason Garbis to elaborate the background thinking, illuminate the similarities and distinctions between them.

Understanding the Two Zero Trust Maturity Models: CISA & Forrester

In this session, we will explore the essential aspects of AI readiness and discuss the necessary steps for successful AI solution deployment with a focus on security, trust, ethics, and compliance. Join us for this informative session to gain a comprehensive understanding of AI readiness. Learn about the essential considerations, actionable steps, and effective countermeasures required to deploy AI solutions securely, ethically, and in compliance with regulations.

AI Readiness Deployment Strategy

AI is the new must have technology, and we don’t have years to learn how to use and deploy it securely. The good news is that there are numerous direct parallels between AI and cloud security, both for producers and consumers of these services. Using the last 14 years of Cloud Security Alliance research and guidance, we can effectively speed run AI security, allowing you to reuse a lot of your existing policies, procedures, tools and knowledge so you can rapidly embrace AI, securely.

Speed Running AI Security – 14 years of I/P/SaaS Cloud Security Guidance

The usage of Generative AI models in the enterprise is expected to rapidly increase. However, it is crucial to control its usage and the data provided to them due to potential security, privacy, governance, and compliance issues. To responsibly harness the full potential of Generative AI, a disciplined approach with automated controls for data and GenAI models are necessary.

Join Rehan Jalil, CEO of Securiti, as they explore how security and privacy leaders are navigating governance around these emerging technologies, and how a framework of unified data controls across silos can enable safe adoption. They will explore:

- The risks associated with the the new Generative AI era
- Policies and controls required to govern sensitive data used in LLMs
- The emerging need of a Data Command Center that provides contextual and automated controls around data 
- Effective collaboration across silos of privacy, governance and security

Managing Security and Privacy Risks in the Generative AI Era

Back in the data center days, companies had a single application that a single engineer deployed and never modified. If a vulnerability was found, the engineer could log into a server and fix it. Today, with the industry spending close to a trillion dollars on cloud infrastructure, operations, and applications, the attack surface has changed dramatically. Modern cloud development is making it faster than ever to build applications, but also more complicated to protect them. How can security and development teams use generative AI to automatically discover and fix cloud vulnerabilities at root causes? Will humans still need to approve changes before they are pushed into production? When will the promise of GenAI be a reality? Join this session and learn how to benefit today, while building a strategy for autonomous remediation in the future.

The Road to Autonomous Cloud Security Remediation

Hyperscalers - the giants of the digital world - are leveraging AI and machine learning to transform the realms of data management and cybersecurity. This panel will delve into how hyperscalers like Amazon Web Services, Microsoft Azure, and Google Cloud are pushing the boundaries of AI and ML capabilities, both for internal operations and their enterprise clients. We'll discuss the innovative security solutions these platforms are pioneering, the role of AI in scaling these solutions, and the implications for businesses looking to fortify their data security in the age of the hyperscalers.

Supersizing Security: Harnessing Hyperscalers in the AI-Driven Era

As sophisticated General AI and Machine Learning technologies become increasingly entwined into everyday business operations, understanding their fundamental principles, how they work, and the associated security implications has never been more crucial. In this engaging seminar, we'll present a business-friendly overview of GenAI and Large Language Models (LLMs), shedding light on their practical security implications and risks, rather than focusing on futuristic applications.

We'll pull back the complex veil on LLMs, simplifying its operations without oversimplifying the technology. Through this, attendees will understand the risk of uncontrolled disclosure of Personally Identifiable Information (PII) using an LLM is carefully managed. We'll then explore various LLM deployment scenarios, namely Public LLMs, Private LLMs, LLMs as a service, and potential LLM abuse by malicious agents.

We aim to provide participants with practical knowledge, discuss common fears with data ingestion and extraction, and recommend actionable strategies.

Demystifying GenAI and LLMs: A Practical Guide to Managing Risks and Security

In this eye-opening keynote, Nic Chaillan, the former Chief Software Officer for the U.S. Air Force and Space Force, and founder of Ask Sage, will explore the transformative power of GPT technology and its potential to disrupt industries, boost productivity, and accelerate innovation.

Chaillan will discuss how GPT is not just a buzzword, but a game-changing technology that brings tangible value to organizations, saving them 40 to 80% of their time on average. He will emphasize the importance of embracing GPT and its advancements, as those who fail to adapt risk being outpaced by their competitors. Chaillan will also address the concerns surrounding the negative aspects of GPT, highlighting how these issues are being rapidly addressed and should not deter organizations from harnessing the technology's full potential. Join Nic Chaillan as he unveils the future of AI-driven solutions and shares insights on how to stay ahead in the rapidly evolving world of GPT.

Embrace the Generative AI Wave or Be Left Behind

This presentation delves into the transformative power of AI in the cloud and its wide-ranging implications. It begins by introducing generative AI tools, such as autoregressive models like ChatGPT and AutoGPT, and the concept of BabyAGI. We then examine how AI automation streamlines routine tasks and enables data analysis at scale, leading to improved user experiences and the emergence of new services and business models. 

Furthermore, we discuss the crucial aspect of enhanced security and the potential risks posed by AI attacks. To counter these threats, we explore the evolving field of AI defenses. Amidst these advancements, we emphasize the importance of the human element in shaping AI systems. Lastly, we peer into the future, discussing different types of AI and the potential of self-aware AI.

Harnessing Artificial Intelligence in Cloud Security

In this talk, Cloud Security Alliance CEO Jim Reavis shares his thoughts around the viral adoption of AI solutions such as ChatGPT, how he anticipates malicious actors using it, how cybersecurity will be transformed by it and what is truly different, necessitating innovations in best practices. Jim will outline recommendations for an industry call to action to tame and leverage Generative AI to benefit all.

Generative AI: the Next Frontier for Cybersecurity and the Cloud

A well-defined cyber risk appetite is foundational to building any firm's information security program in alignment with a firm’s business objectives and values. Yet guidance on what makes a cyber risk appetite effective--especially for firms that will significantly rely on cloud platforms--is arguably lacking, including standards for establishing risk appetite compliance thresholds from KPIs, KRIs, and KCIs. This talk will share current and forthcoming guidance and practices for developing a cyber risk appetite pertinent for firms that will rely on secure critical cloud-based operations.

Bon Appetite: Determining Cyber Risk Appetite Pertinent to Cloud Computing

Cyber Security

Information Security

Cloud Security

Cloud

Financial Services

Risk Management

Risk Assessment

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Bon Appetite: Determining Cyber Risk Appetite Pertinent to Cloud Computing

Presented by

About this talk

More from this channel