Name: The Cloud Trust Paradox: Trusting Cloud Computing More Requires Trusting it Less
Start: 2020-12-09T18:00:00Z
End: 2020-12-09T18:00:58.000Z
Location: BrightTALK
Rating: 5

The Fortanix Data Security Expert webinar channel contains educational content related to data security topics including encryption, key management, tokenization, secure devops, and confidential computing.

Financial services need to constantly innovate to compete and grow, while simultaneously facing an increasingly hostile cyber environment and an ever-stringent regulatory regime such as the recent announcement of DORA in addition to other mandated compliance. 

Join Dr Richard Searle and Rob Stubbs as they explain how Confidential Computing holds the key to unlocking innovative new financial solutions based on AI, multi-party analytics and web 3.0, underpinned by game-changing security technology, to protect privacy and ensure compliance.

Confidential Computing in Finance -Bridge Innovation, CyberSecurity & Regulation

Unlock data portability and win with Zero Trust through Fortanix tokenization. Learn how to secure your assets through this free webinar. Watch now.

Tokenization: Make data portable and win at zero trust

Are you confident that all your sensitive data is protected everywhere? Are you meeting data privacy and compliance obligations? Can you enforce least privilege access both now and in a post-quantum era? How well you protect customers’ sensitive data shapes your business and reputation and is a common priority for data, security, and business leaders. Despite companies taking traditional security measures, data breaches continue to result in unwanted headlines and millions in damages. 

At Fortanix, we have a new approach that protects your data at rest, in motion, or moving from application to application. Register now for the must-attend event of the summer and learn how you can unify crypto and security operations, enforce governance and compliance, and manage data masking and tokenization at scale with industry-first SaaS data security and privacy platform, powered by Confidential Computing.

So, grab your seat, don’t forget your mask, and get ready to transform your data security and privacy operation.

At the event you will:
- Hear from Fortanix and our Partners on how to keep data private, wherever it is
- Catch a live demo
- Have the opportunity to ask questions

Fortanix Mask-arade

Digitally signing code is critical to the software development process to validate the integrity of the code and authenticity of the software. However, lax code signing processes and the mishandling of certificates and private keys has led to many high-profile software supply chain vulnerabilities and attacks.
 
To address this, new code signing requirements from the CA/Browser Forum went into effect on June 1, 2023. This major change now requires the use of FIPS 140-2 Level 2 or Common Criteria EAL 4+ hardware security modules (HSMs) or tokens to store and protect private keys associated with all publicly trusted code signing certificates.
 
While this change is initially disruptive, it can also be used to modernize and improve your code signing process. By implementing a SaaS code signing solution backed by a compliant cloud-based HSM, you can seamlessly integrate secure and compliant code signing into your CI/CD pipeline.  
 
Join experts from AppViewX and Fortanix as we discuss this change, the impact to you and an integrated cloud signing and HSM solution you can deploy today. 
Here’s what you’ll learn by attending:
 - Instant SaaS deployment and rapid time to value
 - Fully compliant HSM and secure code signing process
 - Seamless integration with CI/CD pipeline to boost performance
 - Accelerate agile and secure software development

Accelerating DevOps with Secure Code Signing and Key Storage in the Cloud

Due to the bearer nature of tokens, Web3 businesses have unique security requirements. Once you lose control of a token, there is no point in trying to recover it. Secure wallet seed and key management practices are crucial for Web3 businesses. Not only should wallet seeds and keys be created and used securely, but quorum-based access control over wallets is necessary.  

Join our speakers, Shashi Kiran, Chief Marketing Officer - Fortanix, Pralhad Deshpande, Senior Solutions Architect - Fortanix, Faisal Faruqui, VP Solutions Engineering - Fortanix, and Jaydeep Korde, Co-founder and CEO – Launchnodes, as they discuss enterprise-grade confidential computing powered next-gen security infrastructure for Web3. This infrastructure provides strong protection against insider and outsider threats by not only protecting secrets but also critical business logic that interacts with the secrets.

Next-Gen Security Infrastructure for Web3

Multi-cloud and hybrid environments have become the gold standard for business agility globally - and the banking & finance sector is no exception. However, when it comes to data security the space is still nascent with rapidly evolving security standards and architectural patterns.  

Bottomline - The traditional perimeter-based security as we know it is not adequate in the new cloud-world order.

The complexities around global and regional compliance combined with the bid to secure and process sensitive client data create a complex setup that’s often prone to data blindspots that are easy to exploit. The need of the hour commands Data to be the focal point of security initiatives and not fluctuating environments.

Join our experts, Rob Soh, Sales Engineering, Abhinav Nagpal, Regional Sales Manager, APAC and Aroop Menon, Product Marketing as they walk you through the nitty-gritty of how the Banking & Financial Services sector can enable pervasive, scalable, and dynamic security across clouds with Fortanix.

We will discuss:

- Cloud migration and its impact on data security and compliance within Banking
- The resulting security challenges- Why the traditional data security framework may not be adequate?
- What's required - The must-have data security capabilities for Banking
- How has Fortanix supported Banking organizations on their cloud migration journey?

Secure Your Cloud Data Without Breaking The Bank

In today’s fast-moving world where everything is connected, a company’s data has become a highly precious commodity that is critically important to ensuring a company’s future success.  The threat of losing your company’s data, or even the risk of losing access can cause Security Professionals concerns about how they can best safeguard their organization's sensitive data and reputation.

Imperva and Fortanix have joined forces to offer the best of both worlds, from identifying where your sensitive data resides, classifying all data to determine the most critical data, through to encryption for data throughout its lifecycle: ‘at-rest’, ‘in-transit’ and ‘in-use’. The challenge however is how to do that at scale, ensuring that all data held in disparate locations and in various states are catered for.

Join our Security Subject Matter Experts as they discuss:
• How to protect sensitive data-at-scale, 
• Explore the potential pitfalls and how to be assured that your data is in safe hands. 
• How to satisfy all the regulatory requirements and data privacy laws.

Protecting Sensitive Data at Scale with Imperva and Fortanix

With the increased proliferation of privacy regulations and compliance requirements, Tokenization has become a critical security mechanism to secure data within healthcare databases, payment cards, mobile wallets and SaaS applications. Tokenization can also be combined with data encryption to provide an additional layer of security that protects against insiders having access to decrypted sensitive data. 

Regulated industries like Banking, Healthcare etc. deal with vast volumes of digital data, which now more easily flow across regional or national boundaries. Security teams and developers face the challenge of balancing the fluid data flows with strict privacy and security regulations in these industries like GDPR, Schrems, SOX, HIPAA etc. And most regulations have come out with clear specifications for safeguarding Personally Identifiable Information using Tokenization. Organizations can use tokenization to solve several loopholes within their security apparatus and have better risk management in place.

Join our speakers Divya Mehra, Senior Director, Product Management, Fortanix and Aroop Menon, Principal PMM, Fortanix, as they explain how organizations can adopt Tokenization to secure PII. They will also delve into the industry-first data-centric architecture offered by Fortanix to secure data, wherever it resides.

This webinar will give you insights into:
- Cybersecurity and data privacy challenges
- Why Tokenization could be the gamechanger for securing PII
- What's required while evaluating a Tokenization solution? 
- Overview of Fortanix Tokenization solution

Securing Personally Identifiable Information With A Data-Centric Architecture

The Securities and Exchange Board of India (SEBI) announced a new framework for the Adoption of Cloud Services by SEBI Regulated Entities (REs) on Mar 6, 2023. The new framework requires regulated entities to:

- Compulsorily use Hardware Security Modules (HSM) and Key Management Systems (KMS) to store encryption keys and to secure cloud data effectively
- Ensure "In-USE" data protection by implementing encryption in use
- Retain control of Keys when using cloud services with either Bring-Your-Own-Key (BYOK) or Bring-Your-Own-Encryption (BYOE) approaches

Join Fortanix experts Ted Hendriks, Head of Sales Engineering, Ganesh Prasad, Head of Sales Engineering, Imperva, India, and Aroop Menon, Product Marketing, as they provide an educational overview of the SEBI framework, what it mandates, and why it's critical for entities moving to the cloud. You will also learn how Fortanix can help meet the SEBI mandates with its Confidential Computing powered unified data security platform.

The Securities and Exchange Board of India Framework for Cloud Services Adoption

The changing dynamics of the data security and threat landscape has made certificate and key lifecycle management more complex and notably harder to keep track of.  There are multiple certificates for different operations, often unique to each device and with varying lifecycles.  Then there are passwords, tokens, secret tokens, digital certificates, cryptographic keys, machine identities and a myriad of other IAM credentials to be managed and secured. 

When these variables are scaled across a global enterprise, certificate management becomes a nightmare for IT Professionals —often susceptible to expiration, revocation, or mismanagement when managed manually.

Join this webinar and live demo to:
• Discover how to simplify operations through automating certificate renewal and provisioning across all devices and workloads in hybrid and multi-cloud environments.
• Explore how to protect Private Keys, from key generation and storage through to management, using FIPS 140-2 Level 3 certified Fortanix HSM on-prem or in the cloud.
• See how to integrate EJBCA with Fortanix Data Security Manager (DSM) in a live demo.

Key Management requirements for PKI deployments

AWS brings a lot of innovations, including a Key Management System (KMS) to keep track of your cryptographic operations. However, many organizations hold back on migrating workloads to AWS because they need more control of their keys to satisfy the many regulatory and privacy requirements that exist in the Asia Pacific region today.

These regulations require organizations to ensure PII data from its citizens remain within its borders. To achieve this, data must be protected using state-of-the-art encryption, and the encryption keys must be in the sole custody of the data importer.

Fortanix functions as an AWS external key store to enable organizations to move sensitive data to the cloud with the highest level of security and control for their keys.

Join our speakers Anand Kashyap, CEO, Fortanix and Gerry Sillars, VP, Sales - APAC, Fortanix, as they discuss how AWS KMS External Key Store (XKS) helps elevate data privacy, sovereignty, and compliance in the cloud. We are also joined by Meg Peddada from AWS. Meg is a senior security consultant working for AWS Professional Service practice, focusing on security, risk and compliance.

This webinar will give you insights into:

- Data protection + compliance concerns: What does GDPR and other APAC-specific regulations demand
- Security framework in the cloud to meet the complex compliances – Separating keys from data
- AWS and Fortanix: A perfect combination to secure your data in the cloud.

AWS + Fortanix: Elevate Data Security and Privacy with Cloud External Key Store

Multi-cloud and hybrid environments have become the gold standard for business agility globally - and the banking & finance sector is no exception. However, when it comes to data security the space is still nascent with rapidly evolving security standards and architectural patterns.  

Bottomline - The traditional perimeter-based security as we know it is not adequate in the new cloud-world order.

The complexities around global and regional compliance combined with the bid to secure and process sensitive client data create a complex setup that’s often prone to data blindspots that are easy to exploit. The need of the hour commands Data to be the focal point of security initiatives and not fluctuating environments.

Join our experts, Faisal Faruqui (VP, Engineering) and Sander Temme (Senior Director, Product Management) as they walk you through the nitty-gritty of how the Banking & Financial Services sector can enable pervasive, scalable, and dynamic security across clouds with Fortanix.

We will discuss:

Cloud migration and its impact on data security and compliance within Banking
The resulting security challenges- Why the traditional data security framework may not be adequate?
What's required - The must-have data security capabilities for Banking
How has Fortanix supported Banking organizations on their cloud migration journey?

Secure Cloud Data Without Breaking The Bank

Regulations like the Schrems II ruling and the GDPR require organizations to ensure PII data from citizens in the European Economic Area (EEA) remains within these borders. This data must be protected using state-of-the-art encryption, and the encryption keys must be in the sole custody of the data importer.

By using a centralized, external key store, customers get full custody of their keys with complete control over the data encryption policies on AWS or other cloud providers.

Join our speakers Hildegard von Waldenfels, Regional Sales Manager Central Europe, Fortanix and Wolfgang Joppich, Senior Solutions Architect, Fortanix, as they discuss how AWS KMS External Key Store (XKS) helps elevate data privacy, sovereignty, and compliance in the cloud. We will also be joined by Patrick Palmer, Senior Security Specialist with AWS, as he explains why organizations should leverage this groundbreaking security innovation.

Join us for the practical demonstration of Fortanix integration with AWS S3 buckets and witness how the misuse of keys can be prevented by applying multi-control and role-based access control (RBAC) systems.

This webinar will give you insights into:

- Data protection + compliance concerns: What does GDPR and Schrems II demand?
- Security framework in the cloud to meet the complex compliances – Separating keys from data
- AWS and Fortanix: A perfect combination to secure your data in the cloud
- Learn how to create an AWS external key store and connect it to Fortanix DSM
- Learn how Fortanix DSM can manage keys for AWS cloud services through XKS

AWS & Fortanix: Supporting Digital Sovereignty in the Cloud

Businesses across industries are eager to harness value from their internal as well as external data ecosystems (public and private). Myriad of security, privacy, sovereignty and intellectual property constraints related to sensitive data have hampered that ambition. Learn more about how to address these challenges and pivot to optimization, innovation, and growth.

Join the webinar to explore how data collaboration can present opportunities for cost-saving and to grow your business, with industry examples of how it is being used today.

During this webinar, we will cover:
• Perspective and Insights on the challenge, approach and value of Confidential Data Collaboration
• Introduction to Confidential Computing
• Case studies in Financial Services, Healthcare and Government
• How you can get hands-on experience with this technology, use cases and access to experts

The webinar will be led by industry experts including:
• Parviz Peiravi, Global CTO/Principal Engineer, Financial Services Industry Solutions, Intel
• Harsh W. Sharma, Data-AI Business Growth Leader, Microsoft Industry Solutions
• Richard Searle, Vice President of Confidential Computing, Fortanix
• John Bottega, Moderator, President, EDM Council

Confidential Data Collaboration: Burden or Opportunity for Growth?

The Biden Administration’s Executive Order and Mandate(s) emphasize cybersecurity as a national priority and lays out new requirements. Wondering how your Department or Agency will meet these time-sensitive requirements?

Join Steve Grewal, CTG Federal’s CTO (and former CIO/CTO/CISO at GSA, ED, HHS, and DOT), and Steve Foley, Fortanix’s Federal Director for an exclusive session.

What you will learn:

- How data security has evolved and the challenge of managing encryption keys and certificates no matter where your data lives
- How Federal Departments and Agencies with On-Prem, Hybrid, and/or Cloud deployments are utilizing Fortanix to consolidate administrative tasks onto one easy platform
- The most critical capabilities to look for when evaluating a key management system
- Why you should remove your keys from the data
- Importance of securing your encryption keys
- Meeting Federal data privacy and compliance requirements (EO14028) in cloud and hybrid infrastructures
- How to centrally manage your cloud keys (AWS, Azure, GCP)

Best Practices for Securing Federal Data in Hybrid/Multi-Cloud Environments

While the GDPR and Schrems II mandates accelerated the need for external key management solutions in Europe, it is clear that these needs are expanding to become global requirements. Other countries and even states are jumping into the fray with clear specifications for safeguarding Personally Identifiable Information (PII). For example, Schrems-II doesn’t allow keys that provide access to the encrypted data, to be hosted outside of the European Economic Area (EEA). Privacy and compliance are calling the shots on the data protection lifecycle.

By using a centralized, external key store, customers get full custody of their keys with complete control over the data encryption policies on AWS or other cloud providers.

Join our host Shashi Kiran, CMO at Fortanix, and our speakers Jeremy Stieglitz, Principal PM, Cryptography, AWS, and Anand Kashyap, CEO & Co-founder, Fortanix, as they discuss how AWS KMS External Key Store (XKS) helps elevate data privacy, sovereignty and compliance in the cloud. Join us as we discuss best practices to secure sensitive data and meet compliance in the cloud.

What you will learn:

- Data protection + compliance concerns: What are we hearing from customers?
- Security framework in the cloud to meet the complex compliances – Separating keys from data
- AWS and Fortanix: Better Together
- Learn how our customers are meeting compliance challenges with Fortanix DSM for AWS KMS Extended Key Store

AWS + Fortanix: New Innovations to Accelerate Cloud Adoption

The Australian companies and government were rattled by a massive privacy breach earlier this year that exposed about 10 million customer records—almost half the Australian population.

At least eight other companies in the region have reported breaches since then.

Such incidents beg the critical question - How do Australian and New Zealand enterprises handle data and privacy, and what more can be done?

While governments are already stepping up their regulatory compliance reforms, the recent events had them push the pedal to the metal and respond quickly with new compliance requirements for organizations to adhere to.

Amid this raft of new regulatory requirements, the risk of a compliance breach can be magnified. Is your business ready for it?

Join Gerry Sillars, VP APAC, and Nils Westman, Senior Sales Engineer, as they team up to give you an overview of the ANZ data security and privacy landscape and walk you through the security and compliance best practices adopted by leading businesses globally.

You will learn more about:

- The ongoing threat landscape in Australia & New Zealand
- The role of regional compliance
- Where businesses lag behind
- How Fortanix can help

Defending Data Breaches in ANZ - Lessons from the Front Lines

Organizations of all sizes and across industries are on a digitization spree, globally. “Cloud first” has become the mantra, and perhaps the most strategic initiative in today’s IT environment, with more than two-thirds of businesses leveraging cloud services in one way or another. Also, of the petabytes of data coursing through public clouds, almost 71% is considered "sensitive," and governed by privacy regulations, according to a recent report by KPMG.

Protection of sensitive data with encryption and separating the encrypted data from the keys is a very important security best practice. With this in mind, Google has partnered with Fortanix to deliver “External Key Management” to help organizations leverage the full power of trusted, cloud-native collaboration – while ensuring full control over their data.

Join Sunil Potti, SVP, Google Cloud, and Ambuj Kumar, CEO & Co-founder, Fortanix, as they discuss how External Key Manager (EKM) can help elevate data privacy, sovereignty, and compliance in the cloud. Also joining the conversation will be Raj Jagesar, Project Lead, University of Groningen, one of our marquee customers, who will share best practices to secure sensitive data and meet compliance in the cloud.

What you will learn:

- Data protection + compliance concerns: What are we hearing from customers?
- Security framework in the cloud to meet complex compliances – Separating keys from data
- Google and Fortanix: Better Together
- Learn how our customers are meeting compliance challenges with Cloud EKM

Elevate Data Security, Sovereignty, and Privacy in Google Cloud with EKM

Today the very concept of “using public cloud” is inseparably connected to “trusting your cloud provider.” While many have taken that leap of faith, there are important workloads that organizations and regulatory bodies are reluctant to move to the cloud because they can’t verifiably prevent the cloud provider from getting access to their data. 

What if you could move data to the cloud without your cloud provider having access to the data or the encryption keys?

Google Cloud Platform (GCP) is the first public cloud to announce the availability of External Key Manager (EKM) with early adopter PayPal, using Fortanix to store and manage encryption keys off-cloud for data encrypted in GCP. One year later, this webinar will examine how customers are using GCP EKM and Fortanix to move sensitive data in financial services, healthcare, and government onto the public cloud, while ensuring that the organization maintains control of the encryption keys and data at all times. 

In this webinar, you will learn about:
- Real-world use cases where customers are using external key management to solve data security challenges
- A cloud data security control model for understanding the differences and trade-offs between public cloud data security options. 
- Using virtual data sovereignty to solve regional data residency requirements
- Compliance interpretations that require or encourage External Key Management 
- How to implement centralized key management for multicloud data security

The Cloud Trust Paradox: Trusting Cloud Computing More Requires Trusting it Less

multicloud

Key Management

Cloud Security

Public Cloud

External Key Management

multicloud data security

Google Cloud Platform

google cloud

Data Encryption

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

The Cloud Trust Paradox: Trusting Cloud Computing More Requires Trusting it Less

Presented by

About this talk

More from this channel