Cloud Computing: Best Practices for Public, Private or No Clouds At All

Critical IoT networks can’t survive on cloud storage alone. The storage needed to support many use cases will be distributed in a hierarchy of nodes spanning the IoT endpoint devices, several layers of edge computing, and the cloud, all working together to optimize performance, reliability, capacity and cost. This talk will start with some example IoT use cases that can benefit from hierarchal storage. It will explore the requirements and architectural tradeoffs used to decide which part s of the application data set should be stored at each level. Next, we will investigate the trustworthiness of data storage in IoT networks and how edge computing can help provide it, looking at five major components: security, privacy, safety, reliability and resilience. We will conclude with some implementation scenarios, and practical advice for optimizing the cost, performance and trustworthiness of your IoT storage infrastructures.

Demystifying API Security Mesh in 30 Mins


Dynamic cloud infrastructure means an operating model shift from traditional, statically defined, host-based identity to application-based identity in a heterogeneous environment with shared access across multiple clouds and no clear network perimeters. In this BrightTalk session, we will go through key practices on how you can apply a data centric & data-in-motion protection strategy to every distributed & cloud-native Apps and APIs. Explain what we mean by API Security Mesh and how you get the cheat sheet for every DevSecOps and AppSec administrators to succeed in Cloud Native security policy management. Furthermore, you can follow shift-left and protect right approaches by learning your application behaviors in CI/CD pipeline and use the learned API behaviors to protect Apps at run time.

Part of every technology innovation roadmap seems to include People – Process – Technology
foundational pillars. What is not well understood is how Enterprise Architectures (EA) support organizations in their strategic journeys to digitize and innovate, while nudging the culture to embrace change. Appropriate standardization is likewise required to be interoperable, portable, transparent, repeatable, efficient, effective, and secure.

Steven will discuss the DevSecOps and Cloud2.0 opportunities, the cultural challenges and how EA can “ease the pain” and reduce risk. Many EA frameworks share common elements that are widely recognized as foundational pieces of information.

Various updates will be shared from Steven’s work with various international and regional standards
groups. Real-life examples will be used to provide context, highlighting the value-proposition for EA
today and into the future.

Finally, Steven will explore how EA frameworks and standards will help drive the desired culture changes for DevSecOps and future distributed Information Technology (IT) services of the future.

90% of digital transformations fail. The digital transformation market was estimated to be worth $336.1B in 2020. That means close to $300B invested in Digital Transformation showed no ROI. In our experience, at least 25% of a digital transformation budget goes toward third-party SaaS or Cloud costs. That means companies in 2020 spent upward of $75B on SaaS or Cloud costs that showed no ROI.

A top priority for companies is aligning their cloud and digital transformation strategies. Most importantly, companies need to run both in tandem using an iterative approach to ensure investment and scale-out are based on real results. Join this webinar to learn how to take a fresh approach, including:

Putting your digital transformation in a context that your customers care about.
Developing a cloud roadmap based on iterative customer feedback.
How to turn your cloud strategy from a cost-saver to a revenue generator

2020 was a pivotal year for cloud-native, which its promises - agility, innovation, adaptability - more mainstream than ever before. But to take advantage of cloud-native and these benefits, a cloud-native DevOps approach is absolutely crucial.

Join this panel to learn how a cloud-native DevOps approach can transform your business into one where people and technology work together seamlessly, and where your business is truly modernized.

Topics of discussion will include:
- Why cloud-native and DevOps go hand in hand
- What defines cloud-native DevOps
- The challenges enterprises face incorporating cloud-native DevOps
- What benefits cloud-native DevOps bring to organizations and in turn, their customers

Speakers:
David Van Everen, VP of Marketing, StackRox (Moderator)
John Capello,VP of Product Strategy, Nasuni
Stephane Estevez, EMEA Director of Product Marketing, IT Markets, Splunk
Matt Sollie, Lead Cloud Architect, Rackspace Technology

Delivering infrastructure and applications at scale and speed has never been more important, as business race to be the first to bring new, transformative, user focused services to market.

Long seen as a blocker to successful DevOps, a lack of security resources, knowledge, and capability is now seen as holding back Enterprise DevOps teams.

DevSecOps has been positioned as a solution, but with a claimed cyber security skills shortage, how can we really provide the security support and enablement that Enterprise DevOps teams need?

In this talk, we will discuss:
- How security teams need to evolve and re-skill to support the Cloud Native needs of Enterprise DevOps.
- How we already have the skills and capabilities we need to deliver cloud-native, secure services.
- How to we can save money, time, and pain, by managing security in the same way we manage cloud-native enterprise infrastructure.

The IT industry is undergoing rapid digital transformation driven by hybrid cloud and multi cloud adoption. But regardless of whether organizations are using different variations of cloud or even private and public infrastructures, all teams can benefit from a highly agile and automated approach across dev, sec and ops teams. CI/CD is credited as being the key tool in helping practitioners achieve an agile approach. But while DevOps teams are making inroads with CI/CD, cybersecurity practitioners neither have the skills or tools to leverage the practice.

Join this webinar to learn about holistic DevSecOps with a lens on security:
1. What is IT-as-Code ™, DevSecOps and CI/CD
3. How CI/CD pipelines work for different cloud strategies
4. CI/CD strategies for cybersecurity, specifically
5. Real world use cases of DevSecOps in a hybrid cloud strategy

The Cloud Data Management Interface (CDMI™) International Standard is intended for application developers who are implementing cloud storage systems, and who are developing applications to manage and consume cloud storage. It documents how to access cloud storage namespaces and how to manage the data stored in these namespaces. In this webcast we’ll provide an overview of the CDMI standard and cover CDMI 2.0:

•Support for encrypted objects
•Delegated access control
•General clarifications
•Errata contributed by vendors implementing the CDMI standard

Many organisations are now operating with multiple clouds. Whether we use Public Cloud, Private Cloud or Software as a Service, we have multiple environments to operate and manage effectively.

We have to apply governance, security and cost management whilst constantly looking for new and innovative ways of working and keeping an eye on all the other non-IT functions that are also experimenting with different technologies and clouds. Juggling all of these demands while trying to develop and execute a coherent strategy can be challenging with the result that the strategy can become derailed in the face of daily operational demands.

This discussion will explore how to build an effective governance model that is fit for modern day IT and examines the people, process and technologies that can allow you to focus on your strategy safe in the knowledge that the operational systems are performing well.

During 2020, Covid-19 has accelerated digital transformation in many aspects of organizations and individuals´ life: work from home, remote services, online shopping, etc. In order to achieve the required agility, scalability and adaptability in such an unprecedented time, cloud services adoption has soared. Unfortunately, security has been put less emphasis on for the speed of migration.

In this talk, we wlil first investigate the state of cloud security in 2020, then, we will propose a methodology to mitigate the identified challenges. Particularly, we will propose a cloud security strategy that will support organizations in their journey to cloud.

Speaker Bio:
Atef Abdelkefi is an experienced professional in the field of cyber-security with a PhD from the Norwegian University of Science and Technology. Atef has 10 years of architecture, consultancy and R&D experience in Cyber Security including: creating security strategy and roadmap, designing security solutions, performing security risk and compliance assessments and designing and formulating security standards. Atef contributed to various security transformation programs for enterprises in Financial, Insurance, Telecommunications, Energy and Manufacturing sectors in multiple security domains ranging from on-premise, to hybrid and multi-cloud, to OT devices security. Atef is currently supporting IBM Danish account as a Lead Security Architect in their cyber security journey. Prior to that, Atef has working as a security consultant in multiple countries such as Norway, UK and Qatar. In his spare time, Atef is preparing an Executive MBA and holding guest lecturers at NTNU.

Hybrid Cloud has become synonymous with Kubernetes and “Containers” through high charged marketing campaigns from IT behemoths. However, container platforms are just one technology platform potentially included within small, medium or enterprise customer Hybrid Cloud Architectures.

This presentation describes hybrid cloud as a strategy, then as an architecture, and finally it describes the key technologies involved moving forwards and the areas of Next-Gen Hybrid Cloud still requiring standards development, products and service offerings.

Join as we discuss:
Some of the new Enterprises started with a Public Cloud strategy (e.g. Netflix, AirBnB, etc.).
As soon as most organisations are sufficiently mature to require a business O365 service, the organisation then becomes multi-cloud.
Managing a multi-cloud environment is challenging without a hybrid cloud strategy.
What principles might a hybrid cloud strategy have.
What would you expect from the Next-Gen Hybrid Cloud (what should it do).
What are the current relevant product offerings?
This is not just about containers!

In a multi-cloud/hybrid-cloud environment, security controls have traditionally been focussed on reactive detection, leveraging traditional log sources and analytics. Using a programmatic approach to controls validation and using low effort high fidelity security signals you can expand your detection, reduce the attacker dwell time and improve the return on your controls investment. In addition it is valuable to leverage threat intelligence sources that are curated to your organisation and control environment. We will discuss how you can drive the controls maturity by leveraging some simple tools and processes.

Cloud migration is a key component of the digital transformation journey for enterprises. But, it’s not possible and definitely cannot go smoothly without thinking of a solid visibility architecture across the hybrid cloud - an architecture that allows porting on-premises workflows to the cloud without disruption. [MN6][SF7] For zero-day application experience assurance and security posturing, hybrid network visibility is required during and after the migration.

In this session, you will learn:
* Why cloud-native visibility services may not be enough to avoid service disruption, security attacks, and customer churn
* The top challenges related to network dependencies for application and security teams
* How to use network visibility as a strong leverage for service agility, customer satisfaction, and operational efficiency

Prompted by the pandemic, 2020 saw an accelerated shift to cloud services, with one survey finding that there would be a 59% increase in spend on IT tools due to COVID-19. With this shift came the realization for many that their IT systems and cost management processes simply weren’t up to scratch. In the face of an urgent need to quickly adapt to a changing infrastructure environment - and all the resource, skills and budget management challenges this throws up - many organizations are in need of advice and strategies for overcoming these new hurdles.

Luckily, there’s help on hand. Join this panel of cloud management experts as they come together to share advice, insights and tips on how to overcome pressing cloud management challenges, including:

- Gaining visibility of IT budget sprawl
- How to overcome a lack of skilled resources for managing IT budgets
- Where to allocate budget for increased remote working

Speakers:
Alex Hilton, Chief Executive, Cloud Industry Forum (CIF) (Moderator)
Sean Roberts, GM Public Cloud Center of Excellence, Ensono
Tom Krantz, Cyber Security Consultant
Neil Briscoe, CTO & Co-Founder, Cloud Gateway

PLAN – DO – CHECK- ACT…
It’s really not as complicated as it appears; you’ve done it all before, on-premise.

In light of the many benefits associated with the use of cloud services, organisations are keener than ever to jump on the cloud bandwagon.
Key Cloud benefits;
Increased cost efficiency
Flexible pricing options
Easily scalable resources
Freedom to offload cumbersome IT functions
Improved collaboration
Increased user mobility
To truly reap the benefits of cloud services, and avoid falling foul of legal and regulatory requirements, many organisations need to evidence due care and diligence in their defence against the ever present threat of cyberattacks.
An effective cloud management strategy requires robust security controls at its core; it requires organisations to PLAN, DO, and CHECK; enabling them to ACT in the event of a security breach.