Hi [[ session.user.profile.firstName ]]

Securing Cloud Access with Continuous Access Evaluation Protocol (CAEP)

Seamless authentication and continuous access to online resources has been an elusive target. While many have tried, few have been able to achieve it. The ones who claim success have built it on proprietary protocols and niche implementations that only address a small spectrum of digital security industry. In this talk we describe Continuous Access and Evaluation Protocol (CAEP), a new approach to cybersecurity using a user’s complete online footprint collected through a collaborative exchange of events and signals between multiple parties. CAEP was started by Google, and now has support of many key players in identity and security industry including Microsoft, Cisco, SailPoint, Amazon, Ping and Thales. We will explain how CAEP can help deliver Zero Trust by providing signals and events as input to machine learning capabilities, and thereby address current challenges around continuous access to online resources.
Recorded Sep 24 2020 51 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Asad Ali, Senior Technologist, Thales; Atul Tulshibagwale, Software Eng., Google; Haider Iqbal, Dir. of Biz Dev, Thales
Presentation preview: Securing Cloud Access with Continuous Access Evaluation Protocol (CAEP)
  • Channel
  • Channel profile
  • A Single Platform to rule them all - Control your data, encryption and keys Jul 20 2021 10:00 am UTC 60 mins
    Axel Debray - Cyber Security Specialist, Thales UKI
    Encryption has shown to be one of the strongest solutions to support most organisations' data protection strategy. However, the growing number of data encryption tools (and respective key managers) for on-premises and cloud systems, increases complexity and reduces visibility. Ultimately resulting in unexpected costs and security risks.

    Join Axel Debrary to discover:
    • How you can centrally manage all your encryption keys from a single pane of glass and simplify auditing
    • How CipherTrust Manager can help you gain full control and visibility over your encryption keys
    • How CipherTrust Manager delivers enterprise-grade key management and encryption for leading software and hardware vendors solutions
    • The added benefits of a unified data security platform to reduce cost and minimise risk
  • Mission Possible - Luna 7 HSMs land to deliver the way forward Jun 15 2021 10:00 am UTC 60 mins
    Manoj Bhati - Cyber Security Specialist, Thales
    The Thales Luna 5/6 HSMs are going end of life in Sept 2022 and as such we have released the latest version of Luna HSM's i.e. Luna 7 Network HSM's. These HSM’s are not only faster than their predecessors but are packed with additional features to provide a more efficient offering and are also the HSM’s that we have submitted for FIPS 140-3 certifications.

    There are different ways to upgrade your legacy Luna HSM’s to the latest ones. Join the session to learn more about the FIPS roadmap and explore the different ways to upgrade to the latest HSM.
  • Securely run critical workloads in the Cloud with Microsoft, Dell and Thales May 19 2021 3:00 am UTC 60 mins
    • David Siroky, Dell APJ • Jay Doyle, Microsoft • Trichy (Prem) Premkumar, Dell APJ • Brian Grant, Thales CPL
    Organisations who rely on SAP, Oracle and other critical workloads want to leverage the benefits of operating in the Cloud, with optimal performance, resilience and security. Join Microsoft, Dell and Thales as we share with you how Enterprises can leverage the integrated capabilities of Microsoft Azure, Dell Data Protection and Thales CipherTrust Data Security to achieve the best possible solution for mission-critical workloads.

    • Microsoft will share how Azure is the perfect high performance cloud platform on which to run your critical workloads
    • Dell will explain how to build a highly resilient, yet efficient, backup for critical Azure data with Dell Data Protection
    • Thales will show how to easily embed enterprise-wide data security into Azure and Dell to achieve security and compliance
  • Trends, Technologies and Challenges of Payments Industry May 18 2021 10:00 am UTC 60 mins
    Simon Keates, Head of Payment Strategy and Radovan Bruncak, CyberSecurity Specialist
    The payments industry is undergoing intense transformation caused by customer demands, technology advancements, globalisation, disintermediation by new entrants, and increasing regulatory requirements. On top of this, fraud by cyber criminals continues to evolve with attacks becoming increasingly sophisticated.

    Join this webinar where will discuss evolving trends, technologies and regulations affecting the payments industry and how Thales can help meet these challenges.
  • Own your Own Risks - Modern Manufacturers on-prem security journey to the Cloud May 12 2021 9:00 am UTC 60 mins
    Paul Hampton, Cyber Security Specialist, Thales and Tomas Gustavsson, CTO, PrimeKey
    Primekey will showcase how adopting Thales technology can help manufacturing organisations meet industrial-specific regulations, ensure business continuity for their services, scale their businesses and remain flexible to market conditions. Multiple factors can influence the decisions on which security infrastructure to implement and we will explore the options and benefits available.

    Learn how:
    • a flexible implementation of PKI can support both “silos” and “centralized” models.
    • a hybrid approach can offer the robust security of on-prem with the scalability and coverage benefits afforded by the cloud
    • to achieve greater control and flexibility with a unified interface for on-prem and cloud-accessible HSMs
  • Bring Your Own Encryption Strategies for a Multicloud World May 5 2021 12:00 pm UTC 60 mins
    Eric Wolff, Data Protection Product Marketing
    Are companies prepared to protect their sensitive data in the cloud? According to Thales Data Threat Report 2020 Global Edition 50% of all corporate data is store in the cloud and 48% of is sensitive data.

    This informative webinar will cover:

    Latest Cloud Security trends 
    Who is responsible of the data
    The approaches for taking responsibility and control of the data
    The advantages of BYOE
  • Jak szybko i sprawnie zaimplementować idee BYOK w chmurze MS Azure Apr 28 2021 9:00 am UTC 45 mins
    Jarosław Ulczok, CEE Pre-Sales Consultant w firmie Thales
    Gwałtowny wzrost wykorzystania usług w chmurze i ilość wrażliwych danych przechowywanych w chmurze stwarza nowe ryzyka i zagrożenia, z którymi organizacje nigdy wcześniej nie musiały się zmierzyć.
    Cloud Security Alliance i analitycy branżowi twierdzą, że klucze szyfrujące powinny być przechowywane przez klientów, co to oznacza? Jak łatwo zarządzać cyklem życia klucza i jak łatwo zaimplementować idee BYOK?

    W tym webinarze Jarosław Ulczok opowie o odpowiedzialności jaka spoczywa na właścicielu danych wrażliwych przechowywanych w chmurze oraz o sposobie na trzymanie kontroli nad kluczami szyfrującymi.
  • Nejčastější příčina kybernetických útoků a jak jim předcházet Apr 28 2021 8:00 am UTC 45 mins
    Petr Kunstat, CEE Presales Consultant ve společnosti Thales
    Co nám hrozí, pokud nám někdo zcizí uživatelské heslo neboli přístup k uživatelské identitě? V soukromém prostoru nejčastěji hrozí, že například náš facebookový profil bude zaplaven sprškou inzertních “postů” nebo útočník osloví přátele pod naší identitou se snahou získat profit nebo nás kompromitovat. Ve firemním prostředí jde ale o víc! Mluvíme o ztrátě kredibility společnosti, případně o přímé finanční ztrátě nebo finančním postihu.

    Nejsnazším způsobem získání cizí identity je Phishing - získání důvěry přes sociální sítě nebo přes email, případně Lazy Phishing, který podvrhne logovací “okno” nebo DeepFake, který umožní útočníkovi vydávat se za někoho jiného. Způsoby útoků bývají různorodé.

    Připojte se na náš webinář, kde Vám představíme, jak těmto útokům předcházet a zabránit a jaké jsou možnosti řešení. Představíme si trendy v oblasti IAM a ukážeme si některé use casy naživo.

    Agenda :
    • Identity and Access management
    • Safanet Trusted Access
    • Demo
    • Q&A
  • So schaffen Sie Sicherheit für Ihre Digitalisierungsprojekte Apr 22 2021 9:00 am UTC 60 mins
    Armin Simon, Regional Sales Director Germany, Thales
    Digitalisierungs-Initiativen und Cloud-Nutzung gehen in Unternehmen Hand in Hand. Grundvoraussetzungen für eine erfolgreiche Umsetzung digitaler Initiativen sind dabei Vertrauen in den Service, Unabhängigkeit von den jeweiligen Cloud-Anbietern und natürlich die Einhaltung gesetzlicher Datenschutz-Vorgaben. Allerdings zeigt das EuGH-Urteil Schrems II auch Grenzen und Risiken der Cloud-Adaption in Verbindung mit den großen Anbietern auf.

    Die Praxis zeigt, dass gesetzliche Vorgaben sowohl Cloud-Anbieter als auch deren Kunden schnell in datenschutzrechtliche Zwickmühlen bringen können. Betroffen von möglichen Sanktionen sind dabei nicht nur große, global agierende, sondern durchaus auch mittelständische Unternehmen.

    Der Europäische Datenschutzausschuss (EDSA) empfiehlt Unternehmen die Verschlüsselung der Daten in Verbindung mit der vollständigen Kontrolle über die Schlüssel. Mit den zukunftsorientierten Verschlüsselungslösungen von Thales können sie diesen Herausforderungen in verschiedensten Cloud-Plattformen begegnen und Risiken aktiv entgegenwirken.

    Armin Simon behandelt unter anderem die folgenden Themen:
    • Die zentralen Security-Herausforderungen der digitalen Transformation
    • Die Auswirkungen von Schrems II
    • Welchen Schutz bieten die Cloud-Service-Provider?
    • Verschlüsselung als strategische Entscheidung
    • Lösungsbeispiel: Deutsche Bahn
  • Moderní způsob ochrany citlivých dat pomocí HSM a Double Key Encryption Apr 22 2021 8:00 am UTC 45 mins
    Petr Kunstat, CEE Presales Consultant ve společnosti Thales
    Ochrana citlivých dat pomocí šifrování závisí nejvíce na způsobu ochrany tohoto klíče. Nejbezpečnější metodou je samotný klíč generovat a ukládat v tzv. HSM - Hardware security modulu. Takový klíč nikdy neopustí HSM, všechny šifrovací operace se provádějí v HSM a navíc je samotné HSM chráněno proti útokům – tamper protection.
    Pokud se citlivá data spravují lokálně, může být proces šifrování integrován s HSM jednoduše a bezpečně. Pokud chceme chránit data v cloudu např. v MS Azuru, nabízí se šifrování pomocí klíčů generovaných v Key Vaults. Zde ale zákazník nemá plnou kontrolu nad klíči. Řešením je DKE – Double Key Encryption, který oba přístupy šifrování kombinuje a poskytuje jistotu, že se k šifrovaným datům nedostane nikdo, kdo nemá přístup k lokálnímu HSM.

    Připojte se na náš webinář a dozvíte se, jak šifrování pomocí HSM funguje. Představíme si nejčastější use casy a podíváme se na Thales řešení pro Double Key Encryption.


    • Šifrování dat
    • Potrebuji HSM nebo Enterprise Key Management
    • Řešení Double Key Encryption
    • Demo
    • Q&A
  • Schrems II and the Security of International Data Flows Apr 21 2021 2:00 pm UTC 60 mins
    Rob Elliss, VP EMEA, Thales; Enza Iannopollo, Senior Analyst, Forrester; Arjen Slim, Managing Director, Security, Accenture
    In July of 2020 the Court of Justice of the European Union issued the Schrems II decision in the case Data Protection Commission v. Facebook Ireland. That decision invalidated the EU-U.S. Privacy Shield Framework, on which more than 5,000 U.S. companies rely to conduct transatlantic data flows in compliance with EU data protection rules. The Schrems II decision not only impacts EU-U.S. data transfers, but also affects data transfers of EU data across the world. However, the level of the impact depends on the geography and the strategic privacy planning they have done to maintain compliance with GDPR.

    In this webinar, panelists from Accenture, Forrester and Thales will discuss data transfers in a post-Schrems II and post-Brexit era and examine how the current rules and regulations for securing information and maintaining privacy will impact organizations that rely on global access to data. The panelists will address the organizational and technical measures organizations can adopt, including encryption and key management, to ensure GDPR level compliance for data moved out of the EU. In addition, this webinar will discuss how the work and lifestyle changes brought about by COVID-19 will affect the regulations that organizations need to plan for.
  • How to Build End-to-End IoT Device Security at Scale Apr 21 2021 1:00 pm UTC 45 mins
    Ted Shorter (CTO), Ellen Boehm (VP, IoT Strategy), Kim Bybjerg (VP at Tata Communications), Paul Hampton (Sr. Product Mgr.)
    Connected things include a variety of IoT endpoint devices across several critical infrastructure segments, including utilities, automotive, healthcare, retail, and building automation. Complex manufacturing supply chains make it difficult to build electronic devices that can be trusted – forcing security to be bolted on as a feature rather than being a critical element designed at the start of a product’s lifecycle.

    By adopting a Zero Trust approach, IoT manufacturers can ensure device trustworthiness and security at scale through their product's end-to-end lifecycle.

    In this panel with device security experts, discussion topics will include:

    -How businesses can gain a competitive advantage by embedding security in the devices they manufacture
    -Regulations relating to IoT security that manufacturers should be aware of
    -Where secure crypto fits into the product design and lifecycle process
    -Common IoT device security challenges that require a zero trust manufacturing approach

    Device security experts in this panel include:

    -Ted Shorter, Co-Founder & CTO at Keyfactor
    -Ellen Boehm, VP of IoT Strategy and Operations at Keyfactor
    -Kim Bybjerg, VP/Head of Continental Europe at Tata Communications & Chairman of IMC (IoT M2M Coucil)
    -Paul Hampton, Senior Product Manager, Thales
  • Uwierzytelnianie bezhasłowe – rozwiązanie czy proces? Apr 21 2021 9:00 am UTC 45 mins
    Jarosław Ulczok, CEE Pre-Sales Consultant w firmie Thales
    Sposoby uwierzytelniania użytkowników, ich dostępu do aplikacji i systemów stanowią zasadniczą warstwę obrony w strategii bezpieczeństwa firmy.
    Mobilność pracowników, praca zdalna spowodowana pandemią i nowe sposoby kradzieży danych wymuszają powszechne stosowanie silniejszych, zaawansowanych metod uwierzytelniania. Metody bezhasłowe (passwordless) wydają się w tym kontekście bezpieczniejsze i pożądane.

    Podczas seminarium omówimy jak zmodernizować system uwierzytelniania w przedsiębiorstwie o metody bezhasłowe.
  • Data embarking beyond your secure control (Data in Motion Survey) Apr 20 2021 10:00 am UTC 60 mins
    Axel Debray - Cyber Security Specialist, Thales UKI
    Only 54% of enterprises feel confident their network security will protect them against cyber threats.
    As organisations of all sizes continue to adopt connected technologies in support of Cloud Services, Mobility, CCTV, BYOD and Business Continuity; their increased network traffic expose them to increased data in motion security risks.

    Thales has commissioned a global survey of IT and Cyber Security decision-makers and the findings are in. It highlights serious concerns about the security of data in transit across enterprise networks. Security vulnerabilities issues such as, emerging technologies and cyber-threats; the impact of legacy approaches to encrypting data in motion on business systems’ performance should be evaluated and acted upon immediately by organisations

    Join our Cyber Security Specialist as we reveal the survey findings. Assess where your organisation ranks amongst these findings. Learn:

    - How to take a more modernised approach to network encryption
    - Why legacy approaches are not fit for our modern networks
    - The advantages of a purpose built encryption solution for data in transit
    - How separation of duties and policy-based management can support full data sovereignty
    - Quantum readiness with Quantum Key Distribution (QKD)
  • Why Is Double Key Encryption Essential to Protect Sensitive Data? Let's Find Out Apr 20 2021 8:00 am UTC 60 mins
    Ignacio Berrozpe, Cyber Security Specialist and Senior Engineering Consultant, Thales
    A best practice for organisations focused on protecting sensitive data and adhering to compliance is to maintain control and own the keys used to encrypt sensitive data in all applications.

    This is especially true for organisations looking to embrace online collaboration solutions like Microsoft 365 while working remotely, or that operate in highly regulated industries such as financial services, governments and healthcare and their sensitive data requires the highest level of control and security.

    Join Ignacio Berrozpe, Cyber Securit Specialist and Senior Engineering Consultant to hear how Thales is helping enterprises protect sensitive data. During the session Ignacio will discuss:
    • What exactly is Microsoft Double Key Encryption (DKE)?
    • How does DKE help your Encryption Strategy?
    • How to gain enhanced control and security over sensitive data in Microsoft Azure with Luna HSMs
    • Best practice guidance for enterprises looking to adopt DKE
  • Protecting Cross-Border Data Flows with Quantum-Safe Security Recorded: Apr 15 2021 62 mins
    Stan Mesceda, Senior Product Manager, Thales and Eric Hay, Director of Field Engineering, Quantum Xchange
    Multinational organizations face difficult and unique compliance challenges to successfully meet the ongoing waves of government regulations for data privacy and security. The most sweeping and aggressive regulation, the European Union’s General Data Protection Regulation (GDPR), went into full force in May 2018. Things get even more complicated with the July 2020 Schrems II decision from the EU’s top court that the EU-U.S. Privacy Shield was unlawful.

    These new restrictions have many companies looking into more advanced encryption methods – like post-quantum crypto and Quantum Key Distribution (QKD) – to ensure data transmissions across the Internet or network are protected, secure, and compliant with local laws and regulations now and for years to come.

    Data security experts from Thales and Quantum Xchange have come together to discuss how to create a dynamic, crypto-agile infrastructure for future-proofing the security of your data and communications networks.
  • Bringing Your Own Data Security to the Cloud Recorded: Apr 5 2021 20 mins
    Sol Cates, Principal Technologist, Thales; Garrett Bekker, Senior Research Analyst, 451 Research
    One of the core reasons organizations migrate to the cloud is its ability to simplify various operations and improve business agility – although this is often not the case for security. According to 451 Research’s latest Voice of the Enterprise: Cloud, Hosting & Managed Services, Workloads and Key Projects study, security remains the number one barrier to adoption of public cloud ahead of cost, reliability and performance. This webinar will discuss the advantages, both technical and operational, of bringing your own security to the cloud especially for sensitive workloads.
  • Where is my Data? Let’s find out... Recorded: Mar 23 2021 32 mins
    Axel Debray, Cyber Security Specialist, Thales
    The number 1 barrier to a successful data protection strategy is the ability to discover where sensitive data resides. Still over 60% companies are unable to analyze all the data they collect. Thales brought to the market the industry first Next Generation Solution: Data discovery, classification, and protection in a single, integrated Data Security Platform.

    This webinar will discuss one of the first steps to protect your data - find and know what your sensitive data is.

    Join Axel Debray, Cyber Security Specialist, Thales to learn:
    - What do Data Privacy regulations demand with implications on Data Security strategy
    - How can companies streamline the path to compliancy
    - Can you effectively discover both structured and unstructured data?
    - Gain visibility into data classification and risk analysis
    - What is next in the data security life cycle?
    - How can you Discover, Protect and Control with Thales CipherTrust Data Security Platform
  • Beyond Zero Trust: The Future of Continuous and Granular Access Recorded: Mar 18 2021 59 mins
    Asad Ali, Senior Technologist, CTO Office, Thales
    The concept of Zero Trust security is not new. The term itself was coined more than a decade ago at Forrester with a general premise that all network traffic should be considered untrusted. Over the years we have seen refinements to this idea by Google in their BeyondCorp publication, Gartner in their definition of CARTA framework, and to complete the circle by Forrester again in Zero Trust eXtended report that explained Zero Trust in the light of current cybersecurity challenges. One of these challenges is fine grained and continuous access to resources and data.

    This Talk will review the history of Zero Trust and then explore how Zero Trust applies to continuous authentication and access. We will discuss the historical trends that have shaped our authentication evolution, and then look at Continuous Access Evaluation Protocol (CAEP) a nascent but promising technology that can fundamentally change how we define and implement Zero Trust in web applications. The role of major players in this effort, such as Thales and Google will be explained.
  • Four steps to modernizing your IAM environment and moving to cloud-based AM Recorded: Mar 18 2021 40 mins
    Cas Liddle Senior Solution Architect Africa
    Before the onset of COVID-19, enterprises already had Identity Access Management (IAM) controls in place for company stakeholders working remotely. Enterprises secured applications and digital assets through Single Sign On (SSO), Virtual Private Networks (VPN) or Web Access Management (WAM). But this architecture was designed for only a small number of employees to work outside of company headquarters — with limited access to applications beyond the on-premises network perimeter. However, the pandemic forced enterprises to adapt quickly as most of the workforce shifted to working at home. This posed new challenges for IT teams and CIOs who had not planned on such a massive change.

    Join this webinar, Danna Bethlehem, Product Marketing Director for Authentication, will discuss why Access Management and Authentication is at the heart of enterprise security, how drives a Zero Trust architecture and creates synergies across IT modernisation programs.
Decisive Technology for Decisive Moments
Today’s enterprises depend on the cloud, data and software in order to make decisive decisions. That’s why the most respected brands and largest organizations in the world rely on Thales to help them protect and secure access to their most sensitive information and software wherever it is created, shared or stored – from the cloud and data centers to devices and across networks. Our solutions enable organizations to move to the cloud securely, achieve compliance with confidence, and create more value from their software in devices and services used by millions of consumers every day.

We are the worldwide leader in data protection, providing everything an organization needs to protect and manage its data, identities and intellectual property – through encryption, advanced key management, tokenization, and authentication and access management. Whether it’s the securing the cloud, digital payments, blockchain or the Internet of Things, security professionals around the globe rely on Thales to confidently accelerate their organization’s digital transformation. Thales Cloud Protection & Licensing is part of Thales Group.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Securing Cloud Access with Continuous Access Evaluation Protocol (CAEP)
  • Live at: Sep 24 2020 3:00 pm
  • Presented by: Asad Ali, Senior Technologist, Thales; Atul Tulshibagwale, Software Eng., Google; Haider Iqbal, Dir. of Biz Dev, Thales
  • From:
Your email has been sent.
or close