CSA CloudBytes

Upcoming CloudBytes

June 20, 2019

2019 Trends Report: The Zero Trust Journey

Presentation by Kelsey Nelson, Product Marketing, Okta

As your workforce becomes more distributed, security is even more critical. Protecting the network is important but it’s no longer enough to secure applications and data. That’s why adoption of a Zero Trust security framework is on the rise. Interested in more data on how your peers are adopting Zero Trust to protect their apps,…

June 26, 2019

The Nexus of Organized Cyber Crime and Cyber Terrorism

Presentation by Dr. Florian Huber, Research Manager at SYNYO & Mag. Bernhard Jäger, Research Manager and Department Lead at SYNYO

New Services and Tools for Supporting First-line-practitioners and Law Enforcement Agencies. In recent years, Europe has been at increased risk of extremist violence and terrorism – from Islamic fundamentalists, far-right fascist hate groups and others, fueled by online radicalization and encrypted communication networks. At the same time, national and international law enforcement agencies are battling…

June 27, 2019

Does WebAuthn Signal the End of Passwords for Browsers?

Presentation by Pay-al Pan, Senior Solutions Engineer, Okta & James Fang, Director of Product Marketing, Okta

Passwords have been the de-facto standard for authentication in the last 40 years, but end users hate them. Not to mention they aren't considered safe anymore - 81% of hacking-related account breaches leveraged weak or stolen passwords. While password + 2FA is a recommended approach by NIST, 2FA may still be hackable. WebAuthn promises a…

July 11, 2019

Accelerating Your Journey to Zero Trust

Presentation by Christopher Scheels, Director of Product Marketing, Cyxtera

Zero Trust is trending. Every expo show floor is inundated with this concept that promises to transform of corporate security from a well-known failed perimeter-centric model. In this session, we will discuss what is Zero Trust, why are enterprises adopting it to fix some of security’s biggest challenges and how to get started.

Previously Recorded Cloudbytes

All Regions

June 13, 2019

5 Steps to Protecting Your Data in Today's Cloud- and Mobile-First World

Presentation by Bob Gilbert, Chief Evangelist and VP Product Marketing, Netskope

The rapid adoption of cloud and mobile in the enterprise is powering the transformation of legacy IT systems to more modern technology and processes. The business benefits of speed and agility for the enterprise can’t be denied, but the challenge is that security is often not considered a part of this digital transformation. The result…

June 6, 2019

Securing Cloud Infrastructure with Cyber Exposure

Presentation by Nate Dyer, Product Marketing Director, Tenable

Cloud is dramatically expanding your attack surface and introducing new visibility challenges into infrastructure security. Without foundational visibility, it’s nearly impossible to execute other cloud security programs supporting compliance, policy enforcement, and vulnerability remediation. Cyber Exposure is a cybersecurity discipline to provide visibility into traditional IT and cloud infrastructure to help you manage and measure…

June 4, 2019

CSA Study: Cloud Security Complexity

Presentation by Yitzy Tannenbaum, Product Marketing Manager at AlgoSec

Cloud computing provides improved security, agility and flexibility. However, integrating this new service into legacy IT environments comes with great concern. The Cloud Security Alliance has recently surveyed over 700 IT and network security professionals from around the globe on security challenges in cloud environments. In this research, security, data loss and compliance were identified…

May 30, 2019

Embracing the Kanyes: Fostering a Security Culture that Accepts Human Error

Presentation by Aaron Zander, Head of IT, HackerOne & Gen Buckley, Senior Analyst, Security, and Compliance, Okta

It's easy blame employees for poor password and email hygiene, but in reality, human error isn't going to go away. Every organization will always have a "Kanye" with poor operational security and weak passwords. IT and Security teams have to acknowledge the “desire paths” across the security landscape, and ensure that we not only keep…

May 28, 2019

GDPR: Data breach prevention & mitigation - Lessons learned in the past year

Presentation by Istvan Lám, CEO, Tresorit & Daniele Catteddu, CTO, Cloud Security Alliance

Organizations in and outside the EU had to take significant measures to revisit the way they stored, shared and processed personal data in preparation to the entry into force of the General Data Protection Regulation (GDPR) on 25 May last year. However, compliance with the GDPR is not a tick box activity, it requires continuous…

May 23, 2019

Scaling Cloud Forensics & Incident Response with OSQuery

Presentation by Sohini Mukherjee, Security Analyst & Andres Martinson, Sr. Security Engineer, Adobe

An enterprise has a diverse environment (cloud instances, servers, workstations) in which to try and detect potential security incidents. The ability of an incident response team to work quickly and at necessary scale is imperative when incidents do unfortunately occur. After an initial compromise, attackers often move laterally in an environment, trying to establish a…

May 21, 2019

Eliminate Vulnerability Overload – take Nessus Scan data to the next level

Presentation by Robert Healey | Senior Director Marketing, Asia Pacific

Nessus has been around for 21 years now and with over 109,000 vulnerabilities in its scan database, is the undisputed global standard tool for Vulnerability Management, that everyone uses, knows and loves. Nessus is a great tool but unfortunately in any medium or large organization, with Nessus alone, you will soon be buried in a…

May 9, 2019

The Rise and Fall and Rise of the Edge: Penn State & Duo on the Zero-Trust Strat

Presentation by Steve Manzuik, Director of Security Research at Duo Labs & Keith Brautigam, Director of IAM at Penn State

In this webinar you will learn: - Real examples from Penn State of how network topology has gotten exponentially more complicated - Why attackers have shifted from systems-focused to data-focused attacks - What the evolution of IoT and BYOD-rich environments means for security teams We’ve come a long way from the days of mainframe systems…

May 2, 2019

Extending Zero Trust to the Cloud: Real-World Business Challenges and Benefits

Presentation by John Kindervag from Palo Alto Networks & Rob LaMagna-Reiter from FNTS

Much has been written and spoken about Zero Trust and the principles of “never trust, always verify” as a means for enterprises to implement effective network segmentation. As the model has been embraced, Zero Trust evolved to become a strategic Cybersecurity initiative that major enterprises align to in order to prevent successful cyberattacks. However, Is…

April 25, 2019

The Rise of Privacy in the Cloud Era

Presentation by Neil Thacker, CISO, Netskope

In a globally connected world where the number of cloud applications consumed by organisations rises daily, the challenges associated with protecting data and individual’s privacy are therefore also on the rise. In this webcast we will look at some of the challenges associated with privacy including: - Understanding contractual obligations - Managing the geolocation of…

April 18, 2019

Top “Must Do” Steps for Securing Your Public Clouds

Presentation by Greg Mayfield, Sr. Director, Product Marketing & Michael Koyfman, Principal Global Solution Architect at Netskope

Many enterprises have inadvertently exposed proprietary information by failing to properly secure data stored in public cloud environments like Amazon Web Services, Microsoft Azure and Google Cloud Platform. While cloud computing has made it simple to spin up a new server without waiting for IT, this can also be a security nightmare. A simple misconfiguration…

April 10, 2019

Organisational Behavior for Cyber Risk Governance Using Security Ratings

Presentation by Matthew McKenna, Vice President, International Operations, SecurityScorecard

This webinar will take a case study approach to demonstrate how security ratings can be leveraged to gain insight the cyber risk governance of organisations. Are organisations working in a structured manner to address cyber risk or are they purely reaction driven? We will look at organisations that have been breached in the last 12…

March 28, 2019

Preventing AWS Misconfiguration and the Risk of Data Breaches

Presentation by Josh Stella, Co-Founder and Chief Technology Officer, Fugue

Today’s enterprise needs to move fast at scale in the cloud, but the dynamic and complex nature of the cloud has introduced a significant new risk: a data breach due to misconfiguration and human error. In large enterprise cloud environments, it’s not uncommon to have tens of thousands of resources spanning hundreds of AWS accounts.…

March 27, 2019

Cloud Security Top Threats:How to Secure the Future While Learning from the Past

Presentation by Dan Hubbard, Chief Product Officer, Lacework & John Yeoh, Director of Research, CSA

IaaS/PaaS providers like AWS, Azure, and GCP are increasing the productivity of our developers-- making our organizations extraordinarily agile. That same agility must be matched with security and compliance measures of the same speed and scale. The vast majority of cloud security threats are from misconfigured IaaS instances, compromised accounts, and insider threats but there's…

March 14, 2019

BigID, AWS, & Cloud Security Alliance Webinar

Presentation by Nimrod Vax, BigID Head of Product & Bill Reid, AWS Senior Manager, Leader, Security and Compliance Solution Architecture

Protection & Privacy in the Cloud: Operationalizing Privacy in AWS Environments New privacy regulations like GDPR and CCPA make finding and protecting personal information more critical than ever. This means being able to identify both PII and contextual PI by person at scale. This Webinar featuring BigID’s Head of Product and AWS's Leader of Security…

February 28, 2019

Third-Party Cloud Management

Presentation by Sam Abadir, Vice President of Industry Solutions, Lockpath

Cloud computing offers massive scalability, availability and low-cost services as major benefits, but as with most new technologies, it introduces new risks. Because there is so much opportunity in the cloud, the cloud service provider network is continuously growing. Service providers are using different technologies, different standards, and like all companies have different competency levels.…

February 26, 2019

Want to know what you can expect at CSA Summit at RSA Conference 2019? Join this webinar to get a preview of.... Case Study: Behind the Scenes of MGM Resorts’ Digital Transformation As a leader in their industry, MGM is transforming into a digital business by aggressively adopting the cloud. Hear how MGM is protecting…

February 21, 2019

Is multi-cloud a cost-cutter or complexity adder?

Presentation by Petri Kallberg, CTO at Nordcloud Finland & Markku Rossi CTO at SSH.COM

The cloud promises to bring savings, agility and scalability. All of this is attainable provided that you know which services to choose for which purpose and how to set up your environment properly. Join multi-cloud experts from Nordcloud and SSH.COM for this exclusive webinar hosted by Cloud Security Alliance where we will discuss the following…

February 19, 2019

CSA Summit at RSA Conference 2019 Preview (Part 1)

Presentation by OneTrust and Cyxtera

Want to know what you can expect at CSA Summit at RSA Conference 2019? Join this webinar to get a preview of... - From GDPR to California Privacy: Managing Cloud Vendor Risk Managing vendor risk is a continuous effort under GDPR, California CCPA and other global regulations. As organizations continue to improve their privacy and security programs,…

February 13, 2019

Avoid the Breach with Effective Application Security Testing

Presentation by Andrew Dunbar, VP of Security Engineering and IT at Shopify and Luke Tucker, Senior Director of Marketing at HackerOne

Security is a top priority for e-commerce giant Shopify, with over 800,000 businesses in 175 countries trusting them to sell online and everywhere in the world. Join Shopify's Vice President of Security Engineering and IT, Andrew Dunbar and HackerOne as they discuss best practices for testing and securing your cloud-based web applications. The session will…

February 7, 2019

The Top 10 Things I Learned by Phishing my Company

Presentation by Steve Edwards, Manager - Corporate Security Engineering, Duo

Ninety-one percent of organizations in a recent TechValidate survey say they have seen phishing attacks on their organization in the past year. What’s more, 42% report more than 10 phishing attacks on their network in that time. What can be done to reduce these risks and protect your data and users? Phishing simulation tools are…

January 31, 2019

Want Better Management of Cloud Security Risk? Live Where Your People Live

Presentation by Julia Knecht, Manager for Security and Privacy Architecture, Adobe

Expecting your (relatively) small staff of security specialists we all have to handle security, risk management, and good governance entirely on their own is a recipe for disaster. While specialists are critical to ensuring products and processes are designed well, promote security, and ease compliance, real security and good governance requires dissemination of knowledge throughout…

January 17, 2019

Measuring Cybersecurity through Behavioral Analytics - an Outside-In Approach

Presentation by Jasson Casey - CTO at SecurityScorecard

Please join us on the 17th of January as Jasson Casey, CTO at SecurityScorecard, describes the state of cybersecurity in the modern world, and what best practices are for measuring it - differently. He will discuss the importance of behavioral analytics, and how to make use of an “outside-in approach” when measuring cybersecurity. He will…

January 10, 2019

Vendor Risk Management from the GDPR to California Privacy (CCPA)

Presentation by Blake Brannon, VP of Products, OneTrust

In this webinar, we will deep dive into managing the vendor lifecycle under the GDPR, California Privacy (CCPA), and other global regulations. As organizations continue to improve their privacy and security programs, streamlining third-and fourth-party vendor risk has become a priority. This includes everything from filling out vendor assessments like the CSA Consensus Assessments Initiative…

December 18, 2018

Container Security Best Practices: A How-To Discussion

Presentation by Nate Dyer, Sr. Product Marketing Manager, Tenable

Application containers like Docker help DevOps work faster and quicken time-to-market, but they also create a major Cyber Exposure gap. Traditional vulnerability management approaches can’t easily secure containers – let alone keep pace with the high-velocity world of DevOps and continuous innovation. But don’t despair. We’ve got just the thing to save you from this…

December 12, 2018

2018: The Year in Data Security Panel Discussion

Presentation by Todd Thorsen, Sr Mgr, Security; Michelle Killian, Sr Mgr, Security Risk and Compliance; and Nathan Hunstad, Dir, Security

The data security world changes so quickly it can be hard to keep up with the latest threats to corporate data. With countless stories of breaches, phishing scams, insider threats, government whistleblowers and cyber warfare, 2018 was the year all eyes turned to security teams and their role within an organization. In this webinar, a…

December 6, 2018

Zero Trust in Practice: Why Identity Drives Next-Gen Access

Presentation by Nick Fisher, Solutions Marketing at Okta

Zero Trust is quickly becoming the dominant security model for the cloud, shifting the perimeter from the network to the people and devices that make up a modern workforce. As a model with many moving parts, the immediate question is where to start? This session will focus on: - The full Zero Trust reference architecture…

December 4, 2018

Taking Control of Your Complex Security Policy Across Hybrid and Multi-Cloud Env

Presentation by Yitzy Tannenbaum, Product Marketing Manager at AlgoSec

As the network estate grows in size and complexity, the enterprise security team is responsible for ensuring a unified, comprehensive network security policy. But how can the team be sure about application connectivity and the correct implementation of change requests when applications span the breadth of on-premise, private and multi-cloud environments, each with its own…

November 28, 2018

2018 Data Exposure Report

Presentation by Molly Quinlan, Market Research Manager, Code42

Are your C-suiters putting valuable company IP at risk through careless data practices? If they're like most business leaders, they are. Nearly three-quarters of CEOs admit they’ve taken IP, ideas, and data from a former employer, and 95 percent admit to keeping a copy of their work on a personal device. A new report from…

November 20, 2018

Want to transition on-premises workloads to the cloud, but are concerned about consistently securing access? Join us for a webinar where we discuss how you can easily and effectively apply secure access policies throughout your cloud migration, regardless of your infrastructure complexity or architectural starting point. By utilizing a modern, cloud-ready security architecture, you can…

November 13, 2018

Using Machine Learning to Detect Command Line Anomalies

Presentation by Andrei Cotaie and Tiberiu Boros of Adobe

As we all know, cybersecurity is often a game of cat and mouse - attackers are always trying to outsmart us defenders. At Adobe, we face the same issues and concerns as all the other major companies. We must ask ourselves simple questions with non-simple answers: How do we ensure that all assets are protected?…

November 8, 2018

Protecting What’s Left: Cloud Security in the Serverless Age

Presentation by Edward Smith of Cloud Passage

Serverless architectures and FaaS services such as AWS Lambda make application development scalable, easy, and cheap. Plus, there’s no server to maintain or patch! But just because there’s no server doesn't mean there’s nothing to secure. Serverless services and their dependencies still need to be used and configured correctly, which is why it’s important to…

October 25, 2018

Data Breach Myths vs. Reality

Presentation by Sami Laine of Okta

Data breaches can happen to any organization, so it's important to understand your organization's risk of a data breach. But where should you start your assessment? What practical and pragmatic steps can you take? In this presentation, we'll discuss the myths vs. the realities on how: - Breaches happen - The rapidly growing cloud and…

October 18, 2018

How to Phish Your Employees For Functional Security

Presentation by Josh Green of Duo Security

More than 90% of reported data breaches and security incidents in 2016 involved a successful phishing attack*. Attackers rely on phishing as a primary strategy because it continues to be both effective and efficient, as users remain the most vulnerable attack vector. The best defense against phishing is proactively educating your users, through a shame-free…

October 11, 2018

Discovering a Competitive Advantage with ISO 27001 Certification

Presentation by Jason Eubanks, CRISC, ISO 27001 Lead Auditor, Principal Consultant, Lockpath

Organizations with mature, enterprise-wide information security risk management programs enjoy a competitive advantage, thanks to ISO 27001 certification that signifies an international standard for safeguarding information. In this webinar, Lockpath's Jason Eubanks, a governance, risk management, and compliance (GRC) consultant and former ISO auditor, will share the business case for earning ISO 27001 certification and…

October 4, 2018

Crypto Conflagration and Securing the Cryptocurrency Ecosystem

Presentation by Chris Wysopal, Co-Founder and Chief Technology Officer at CA Veracode

Not only do cryptocurrencies rely on blockchain for their security, but they also rely on an ecosystem of software that runs exchanges, wallets, smart contracts and more. This software ecosystem, as well as the infrastructure on which it runs are required to be secure. Whether you are a builder, investor, or consumer- this webinar will…

September 27, 2018

Past the Perimeter: Earned Access Through A Zero-Trust Model

Presentation by Zoe Lindsey of Duo Security

Users whose digital lives are increasingly mobile don’t want to be tied to their desks, and an effective security strategy must be flexible enough to protect access from boardrooms and bars, cubicles and coffee shops alike. To do this, companies must ensure that users and their devices meet the same security controls, whether they’re outside…

September 20, 2018

Cloud–delivered Security: Why It’s Your Best Bet

Presentation by Greg Mayfield of Tenable

On-prem vs Cloud-based security? It’s an ongoing debate that SecOps teams face daily. With cloud adoption continuing to be a top business initiative, SecOps teams must adapt or risk falling behind. As most on-prem security tools don’t work in the cloud and suffer limitations, SecOps teams are faced with a myriad of new technologies and…

September 13, 2018

Can the Maturity of Your Cloud Security Strategy Make or Break Your Organization

Presentation by Scott Hogrefe, VP of Marketing at Netskope, and Doug Cahill, Senior Analyst at ESG

New research from Enterprise Strategy Group and Netskope shows that there are business ramifications when it comes to your approach to cloud security. Join senior ESG cybersecurity analyst Doug Cahill and Netskope VP Marketing Scott Hogrefe for this webinar to get a deep dive into this research and understand how being a cloud "Discoverer," "Controler,"…

September 6, 2018

Improving Cloud Hygiene

Presentation by Scott Pack, Lead Cloud Security Engineer, and Dhwaj Agrawal, Computer Scientist at Adobe

As one of the first companies to commit wholly to the cloud, we have learned a lot about how to keep our security hygiene levels up even as we support rapid development and deployment cycles. Part of this effort is the development of an internal tool called MAVLink. MAVLink enables us to collect and analyze…

August 29, 2018

How Identity Fits Into a Security-First Approach

Presentation by Mark Bowker, Senior Analyst at Enterprise Strategy Group and Swaroop Sham, Senior Product Marketing Manager at Okta

Securing your workforce and users, in the cloud, and on the go can be difficult. A recent Enterprise Strategy Group (ESG) survey discovered that for nearly 75% of organizations, a username and password was the only barrier between a determined attacker and access to your critical resources. Identity Access Management (IAM) can help you drive…

August 21, 2018

Managing Top 6 Risks with Cloud Service Providers

Presentation by Cliff Turner, Senior Solutions Architect at CloudPassage

In this webinar, we'll cover the following... •Review top six risks with today’s cloud service providers. •We will analyze these risks, consider the business impact and show you how to proactively manage cloud risk by automating security for your cloud management accounts. •We will use the AWS CIS foundation benchmarks and the CIS Controls to…

August 14, 2018

A Path to Achieving Network Security ZEN

Presentation by Den Jones, Director – Enterprise Security, Adobe

Finding a balance between a pleasant user experience and stringent security requirements can be a challenge. The need to use a certain username and password for some services while saving additional credentials for other services can contribute to a headache for both security pros and users. Is it even possible to balance security and enhancement…

August 9, 2018

Next Step – Securing IaaS (AWS, Azure, GCP)

Presentation by Brandon Cook of McAfee

According to Gartner, the IaaS market grew at a blistering 42.8% in 2017 - twice as fast as SaaS. But, despite last year’s AWS data exposures at Verizon, the RNC, and Dow Jones, most cloud security projects focus on SaaS. We’ve worked with AWS and hundreds of IaaS security professionals to develop a tried and…

August 7, 2018

Extending Network Security Visibility into the Cloud

Presentation by Anner Kushnir, VP of Technology at AlgoSec

Enterprises are taking advantage of the economies of scale of cloud computing and migrating applications to public and private clouds. The new technology offers many advantages, but also requires taking a step back and evaluating whether existing network security tools and processes are relevant and effective in these new environments. To maintain their security posture,…

July 31, 2018

Eliminating Security Blind Spots in your AWS Environments

Presentation by Edward Smith of CloudPassage

As consumption of cloud services increases, security teams struggle to maintain visibility of the cloud assets in use across multiple environments throughout the enterprise. In fact, 43% of security pros say lack of visibility into cloud environments are their biggest operational headache. Cloud defenders struggle to answer two simple, but important questions: what do I…

July 24, 2018

Reducing Risk in Public Cloud Environments

Presentation by Greg Mayfield, Director of Product Marketing, Tenable

As organizations adopt their multi-cloud and hybrid cloud strategies, continuous visibility and protection of these dynamic cloud workloads remains the #1 challenge for security teams. It’s essential to gain live visibility into AWS, Azure and Google Cloud Platform assets in order to continuously assess cloud infrastructure to detect vulnerabilities, malware and misconfigurations. This webinar will…

July 12, 2018

Avoiding the Dreaded DNS Hijack

Presentation by Dhivya Chandramouleeswaran of Adobe

With increasing adoption of cloud services by organizations, there is unfortunately often an absence of decommissioning checks when such services are no longer in use. It is often up to developers and operations teams to properly clean them up. DNS records pointing to deleted cloud artifacts - not yet purged from name servers - create…

June 27, 2018

A GDPR Compliance & Preparation Report Card

Presentation by Neil Thacker, CISO, EMEA -- Netskope

With the General Data Protection Regulation (GDPR) now enforceable, organizations around the world have both interpreted and incorporated new and amended regulatory requirements into their security policies and programs. Join Neil Thacker, CISO, EMEA at Netskope for a discussion of our recent study with the Cloud Security Alliance on how organizations have prepared for meeting…

June 26, 2018

User Behavior Study Screams the Need for Backup

Presentation by Aimee Simpson of Code42

Digital transformation efforts won’t be successful unless IT accounts for the human element: workforce behavior. What’s the relationship between endpoint devices and employee work habits? We dug into the data to find out. In a new research study, Code42 examined data storage behavior across more than 1,200 laptops to learn how users get their work…

June 21, 2018

A Path to Achieving Network Security ZEN

Presentation by Den Jones, Director – Enterprise Security, Adobe

Finding a balance between a pleasant user experience and stringent security requirements can be a challenge. The need to use a certain username and password for some services while saving additional credentials for other services can contribute to a headache for both security pros and users. Is it even possible to balance security and enhancement…

June 12, 2018

Taming the Cloud Together – CCSP & CCSK Cloud Certification Synergy

Presentation by David Shearer, CEO, (ISC)2; Jim Reavis, CEO, CSA; Kevin Jackson, GovCloudNetwork ; Rich Mogull, Securosis; B. Dunlap (Mod)

Certain things go together to make the sum of their parts that much better. Peanut Butter and Jelly. Lennon and McCartney. Batman and Robin. In the ever-changing world of the cloud, cyber security professionals need continuous training and certifications to stay up-to-speed and pairing (ISC)2’s CCSP (Certified Cloud Security Professional) with CSA’s CCSK (Certificate of…

June 7, 2018

The Evolution of Zero Trust Security: Next Gen Access

Presentation by Nick Fisher, Security Product Marketing at Okta

As breaches fill the headlines, more organizations are adopting a Zero Trust security model and its key principle of "never trust, always verify." Modern implementations of this model are focusing on "Next Gen Access," where identity and authentication can greatly enhance your security posture with less complexity than network-based solutions. Join Nick Fisher of Okta…

June 5, 2018

DevOps has become a competitive advantage for organizations competing in the new digital era. Increased speed, rapid experimentation, and continuous change are now guiding operating tenants to win in this market. Unfortunately, cybersecurity has been largely absent in the DevOps conversation despite the growing risks and high profile breaches over the past several years. Cybersecurity…

May 31, 2018

3 Ways to Speed Up Your Incident Response Time

Presentation by Abik Mitra of Code42

The pace of cyber attacks on business users is increasing, but the time it takes to detect and recover from them is taking longer. In this webinar, Code42's Abhik Mitra will explore the root cause of this divergence and offer three principles that, when applied, can reverse the trend. These incremental changes in process and…

May 31, 2018

Wrangling Those Pesky 3rd-party Software Vulnerabilities

Presentation by Mayank Goyal, Sr. Security Researcher, Nishtha Behal, Security Researcher, Adobe

Like many large software companies, Adobe makes use of both open source and commercial off-the-shelf software components to deliver solutions to its customers. From time to time, as with any publicly available software, vulnerabilities may be uncovered that require resolution – creating a cascading challenge in assuring that any solution we have using those components…

May 23, 2018

LIVE Cyber Attack Simulation: A Crypto Crime in Action

Presentation by Hank Schless and Christian Lappin from Threat Stack

Crypto mining and cyber crime are at the top of the list for headline-grabbing attacks. Want to see how it’s actually done? The reality of what happens on a day-to-day basis is the breakdown of people and process. Join us on May 23rd for a live simulation of hackers bypassing security controls and executing a…

May 22, 2018

GDPR: Personal Data Protection Compliance is a Business Matter

Presentation by Prof. Dr. Paolo Balboni, Business Lawyer and Partner at ICT Legal Consulting

Many companies approach compliance activities with the forthcoming European General Data Protection Regulation REGULATION (EU) 2016/679 as a purely legal matter. But this is a very shortsighted approach. Compliance with the GDPR is becoming a necessary business requirement. Only companies that will be able to reassure business partners and consumers regarding their alignment to the…

May 15, 2018

5 Steps to Boost Your Security Posture on AWS

Presentation by Neelum Khan, Tajvia Willis, and ​Sudha Iyer from Netskope

Many customers have exposed their data in the cloud without proper security solutions. Securing data in the cloud to prevent exposures can present challenges to all enterprises. Despite the rapidly growing need for cloud-native visibility into behavior and activity across AWS environments, many companies are still in the beginning stages learning about best practices and…

May 8, 2018

How to Ace Type 2 SOC 2 with Zero Exceptions

Presentation by Pete Cheslock and Pat Cable of Threat Stack

Achieving Type 2 SOC 2 compliance with zero exceptions was no easy feat for Threat Stack. However, rather than implementing stringent security protocols at every point of production, they implemented and improved SecOps processes to make it happen. Learn how Threat Stack's Head of Ops, Pete Cheslock, and Sr. Infrastructure Security Engineer, Pat Cable collaborated…

May 3, 2018

The Road to GDPR Compliance: Tips from the Cloud Security Alliance and Dome9

Presentation by Daniele Catteddu of CSA and Marina Segal of Dome9 Security

General Data Protection Regulation (GDPR) is coming into effect on May 25, 2018. The requirements of GDPR are substantial and the penalties for non-compliance are severe. The new regulation will require companies across the globe to rethink how they store and handle customer data. Has your organization implemented the legal and technological controls required to…

April 25, 2018

True Detective – Autopsy of latest O365 and AWS threats

Presentation by Brandon Cook, Thyaga Vasudevan, and Sandeep Chandana of McAfee

How does your organization defend against the latest O365 and AWS threats including KnockKnock and Ghostwriter? Join CSA and McAfee to see an autopsy of two recent cloud threats: KnockKnock (O365) and Ghostwriter (AWS) uncovered CSA by our Cloud Threats Lab. We’ll share practical guidance on how to address the rapidly evolving cloud threat landscape,…

April 11, 2018

Anatomy of a Cyber Security Breach: The Hero's Journey

Presentation by Sam Curry of Cybereason; Andrew Hammond and Red Curry of SSH Communications Security; Hector Monsegur of Rhino Security Labs

My mother was washing dishes in the kitchen when the glass window she was looking out shattered in front of her…she was OK but unfortunately my curve ball has never gotten better. The second law of thermodynamics dictates that you can't put together something that has fallen apart. There was no way I could put…

March 21, 2018

Understanding the Status of ERP Security in the Cloud

Presentation by JP Perez-Etchegoyen of Onapsis and Shamun Mahmud of CSA

With ERP vendors reporting double-digit growth in cloud revenue year over year, many organizations are faced with the challenging task of planning a cloud migration of their most critical assets. Because these systems are typically more complex, and also house the organization's critical data and processes, special precautions must be taken when building a migration…

Far too often, testing software for security flaws falls into the “nice-to-have” category, taking a backseat to the demands of the marketplace and inflexible feature release schedules. In addition to the expense of hiring an outside security testing team, testing for and fixing obscure security bugs is a brake on an engineer’s ability to put…

March 14, 2018

CSA Summit at RSA Conference Preview

Presentation by Jim Reavis of CSA,Wayne Anderson of McAfee, Deena Thomchick of Symantec, Jervis Hui of Netskope, and Chris Steffen of Cyxtera

Want to know what you can expect at this years CSA Summit at RSA Conference? Join this webinar to get a preview of several sessions including:  - Appetite for Destruction – The Cloud Edition Over the last two years, the multitude of data leaks and breaches in the cloud has skyrocketed. Many of these leaks…

March 7, 2018

Making Compliance Count

Presentation by Dave Lenoe and Molly Junck at Adobe

It’s a brave new world, with bug bounties and crowd-sourced penetration tests now an up-and-coming way to augment security programs. But can you do the same with your compliance and certification programs? At Adobe, our security team has been working with our internal audit team and outside vendors to see if it’s possible – and…

February 28, 2018

Are Your Containers Compliant?

Presentation by Cliff Turner, Cloud Security Evangelist, CloudPassage

If we could call out two things that are growing in importance in 2018, it’s containers and compliance. Penalties for data breaches are on the rise, all the while organizations are under increasing pressure to expand their DevOps practices and increase their agility, which leads teams to turn to containers. And while containers usher in…

February 13, 2018

Amazon, Azure and SaaS are already on everyone's mind. When your data center workloads move to cloud, is your corporate backhaul the most efficient way to get to the applications? The migration of applications from the data center to the cloud is forcing organizations to rethink their branch network and security architectures to enable local…

February 8, 2018

Automating Security for Cloud Services

Presentation by Peleus Uhley, Lead Security Strategist at Adobe

Security automation strategies are a necessity for any cloud-scale enterprise. There are challenges to be met at each phase of developing and deploying security automation including identifying the appropriate automation goals, creating an accurate view of the organization, tool selection, and managing the returned data at scale. This presentation will provide the details of various…

February 1, 2018

ISO/IEC 19086: An Overview and Application

Presentation by John Calhoon of Microsoft

In this webinar, we will take a look at ISO/IEC 19086 which is an international standard for cloud service level agreements (SLAs). Specifically, we’ll discuss the impetus for establishing the standard in the first place, the scope of the work, organization of the parts, key elements and putting the standard to work. 19086 does not…

January 25, 2018

Data-driven Cybersecurity Defense for Organizations and their Ecosystems

Presentation by Phil Marshall of Security ScoreCard

Many companies rely on staticpoint-in-time security assessments to measure the cybersecurity health of their enterprise and vendor ecosystem. This approach is quickly becoming obsolete in today’s dynamic cyber threat landscape, fraught with increasingly sophisticated adversaries deploying malicious tactics to compromise your data. Continuous data-driven monitoring of security in your organization and in every vendor organization…

January 22, 2018

Returning data control to users - the next frontier for cloud security research

Presentation by Ryan Ko, Associate Professor, University of Waikato

From the Uber data leakage incident to cases where photographs of young or vulnerable people are stolen and misused on inappropriate websites, there is a fundamental gap: the lack of users' control over their data once it is uploaded onto the Internet. This talk introduces some of the key challenges and scientific trends in returning…

January 17, 2018

Organizations have difficulties handling security auditing and compliance that can be scaled across many teams with varying infrastructure. Adobe found themselves in the same situation and in need of a tool that could provide a window into the complexities of their infrastructure. As a result HubbleStack was developed -- a free open source project. Just…

January 11, 2018

The cloud and mobility have fundamentally changed the IT landscape. Both apps and users have left the network, however traditional security has struggled to keep pace. Developing a strong cloud security strategy is important to help restore visibility and reduce risk, but what is the best approach? While there are many opinions and perspectives, the…

January 4, 2018

Developing a Successful Secure Product Lifecycle (SPLC) Program

Presentation by Julia Knecht and Taylor Lobb of Adobe

A secure product lifecycle (SPLC) is integral to ensuring software is written with security in mind, but companies struggle to create a successful process with limited security resources and minimal impact to engineering teams. In this webinar, Julia Knecht and Taylor Lobb – Managers, Security & Privacy Architecture at Adobe, will explain how a team…

December 14, 2017

Top 10 Public Cloud Security Recommendations

Presentation by Matt Keil of Palo Alto Networks

Offering organizations of all sizes the benefits of agility and scalability, the adoption of public cloud continues at a pace rivalled only by that of the early days of the Internet era. As was the case then, the speed of adoption often means that “good enough” security is viewed as acceptable. With the underlying premise…

December 7, 2017

As a cloud customer, vendor, security auditor or regulator, you may have been involved with ensuring security in the cloud. Although numerous standards, regulations, and controls frameworks exist to ensure compliance with security best practices, a harmonized and cloud-focused guidance can be quite valuable. In this webinar, we will explore how the CSA Cloud Controls…

December 6, 2017

5 Steps to Prevent AWS Data Exposures

Presentation by Brandon Cook and Anant Mahajan of Skyhigh

Amazon Web Services has strong security features, but customer misconfigurations have led to a series of very public data exposures over the last few months from Verizon, Dow Jones, Accenture, and Patient Home Monitoring. And now, we are seeing different misconfigurations leading to a new AWS exposure, dubbed GhostWriter, whereby third parties can alter content…

November 23, 2017

Cloud Security for Startups - From A to E(xit)

Presentation by Moshe Ferber of CSA Israel and Shahar Maor of Outbrain

Cloud computing perform amazing things for startups, providing young companies with access to enterprise grade infrastructure . But also act as a double edge sword. Lack of proper security controls can lead to multiple challenges varying from longer sales cycles to losing customers & investors trust. The Cloud Security Alliance identified those unique challenges and…

November 16, 2017

Security Anthropology: How Do Organizations Differ?

Presentation by Wendy Nather with Duo Security

When planning a go-to-market strategy, it’s common practice to build detailed marketing and sales personas for key security individuals such as the CISO, the IT administrator, the developer, and the end user. Each of these roles has different needs and priorities when considering a security tool, and sales strategy recognizes the need to address each…

November 2, 2017

Protecting Corporate Data When an Employee Leaves

Presentation by Michael Osterman of Osterman Research and Drew Neilson of Druva

Employees leave organizations each year, but did your sensitive data leave with them? Osterman Research found that 39% of companies are not sure that they have recovered all corporate data assets, posing a significant risk in terms of data breach, regulatory and compliance implications, while leaving IT trying to locate and contain sensitive information. This…

October 31, 2017

CISO Challenges with Cloud Computing

Presentation by Moshe Ferber of CSA Israel

Cloud computing provides companies with unprecedented access to robust, scalable infrastructure, but on the other hand, cloud adoption is accompanied with various challenges for security professionals. In this presentation, we will examine cloud security challenges according to based on the different cloud services out there, review the current trends and discuss cloud strategies based on…

October 24, 2017

Market State of Cloud Security

Presentation by Nick Mendez of Optiv

Optiv will be sharing their insights on the market state of cloud security and how enterprises should bolster their security programs for the evolution of cloud. We will cover what we see in the field from the cloud security maturity state of most organizations to the IaaS/PaaS security trends that will impact your cloud deployment…

October 17, 2017

CASB 2.0: The Next Frontier for CASB

Presentation by Deena Thomchick of Symantec

The rapid adoption of cloud applications and services has fueled the need for new security solutions, such as Cloud Access Security Brokers (CASBs). But how do these systems weave into your overall security infrastructure? There are many intersections to consider, such as DLP, Advanced Malware Protection, Web Security and Endpoint where organizations are navigating how…

October 10, 2017

Enterprises around the globe are rapidly opening up their back-end systems and databases to the outside world using APIs. Drivers for doing this include everything from improving customer service, to monetizing corporate information assets and meeting regulatory requirements. For businesses and systems, however, that were never designed to be opened up to the outside world,…

September 19, 2017

Internal Bug Hunts: Squashing Security Bugs on a Budget

Presentation by Pieter Ockers - Sr Program Manager at Adobe

Far too often, testing software for security flaws falls into the “nice-to-have” category, taking a backseat to the demands of the marketplace and inflexible feature release schedules. In addition to the expense of hiring an outside security testing team, testing for and fixing obscure security bugs is a brake on an engineer’s ability to put…

September 14, 2017

Challenges in Data Privacy

Presentation by Craig Scoon, Consultant in the Risk Advisory Service at Deloitte

There are many challenges for data privacy legislation within a boundary-less cloud computing and World Wide Web environment. Despite its importance, there is limited research around data privacy law gaps and alignment, and the legal side of the security ecosystem seems to constantly be playing catch-up. This research is supported by STRATUS (Security Technologies Returning…

September 13, 2017

State of Cloud Adoption in Asia Pacific (APAC)

Presentation by Ekta Mishra, Research Analyst of CSA and David Siah, Country Manager of TrendMicro Singapore

Cloud as the enabler of Internet of Things (IoT) and data analytics, the incorporation of cloud computing is critical for the successful implementation of these leading-edge technologies. Countries and organizations moving towards Industry 4.0 are highly dependent on cloud computing, as it is the basis for this revolutionary transition. However, complications and confusion arising from…

August 17, 2017

Privacy Level Agreement Code of Conduct for CSPs: a compliance tool for GDPR

Presentation by Nicola Franchetto of ICT Legal Consulting

Nicola Franchetto will discuss in a practical and business oriented way, the new provisions of the GDPR and how the PLA Code of Conduct supports compliance with the forthcoming EU Data Protection Legislation. More precisely, Franchetto will highlight the true privacy compliance “game changers” introduced by the GDPR and offer the audience practical inputs on…

August 9, 2017

Backup & Recovery: Your Get out of Ransomware Free Card

Presentation by Andrew Nielsen, Chief Trust Officer of Druva and Jim Reavis, CEO of CSA

Ransomware has become a major concern for organizations around the globe. The U.S. Department of Justice reports that an average of 4,000 ransomware attacks occur daily. These ransomware attacks aren’t just targeting laptops and other end-user devices either. Servers are equally at risk of ransomware attacks as well. There’s good news though - your backup…

July 27, 2017

"Cloud-First" Ransomware - A Technical Analysis

Presentation by Bob Gilbert and Sean Hittel of Netskope

Cloud services have emerged as the preferred attack vector of some of the most dangerous and innovative cloud malware exploits of the past six months. Why?  Because many organizations don't inspect their cloud SSL traffic for malware and the same functionalities of the cloud dramatically increase productivity (sync, share, collaborate, etc) also provide ransomware developers…

July 19, 2017

Cloud Services and Encryption: Facts, Myths, Perceptions

Presentation by Paul Rich of Microsoft

Encryption and terms like "BYOK" have surged to the forefront of cloud service discussions. Both security and compliance stakeholders express great interest in encryption and its apparent promises. However, the expectations built upon encryption and control of encryption keys are often founded on assumptions that fail under scrutiny. In this session we will examine the…

June 20, 2017

How and Why to Build an Insider Threat Program

Presentation by Jadee Hanson of Code42

Jadee Hanson, Director of Security at Code42, provides a behind-the-scenes look at what it's really like to run an insider threat program -- a program in which you can take steps to prevent employees from leaking, exfiltrating, and exposing company information. This webinar will provide cloud security professionals with insider threat examples (and why you…

June 15, 2017

Security Automation Strategies for Cloud Services

Presentation by Peleus Uhley of Adobe

Security automation strategies are a necessity for any cloud-scale enterprise. There are challenges to be met at each phase of developing and deploying security automation including identifying the appropriate automation goals, creating an accurate view of the organization, tool selection, and managing the returned data at scale. This presentation will provide the details of various…

June 13, 2017

4 Lessons IT Pros Have Learned From Managing ​Outdated Endpoint Backup

Presentation by Aimee Simpson of Code42, Shawn Donovan of F5 Networks, and Kurt Levitan of Harvard University

Today's organizations face complex challenges as a result of exponential data growth and rapidly evolving ​cyberthreats. Furthermore, as companies move to cloud, it's inevitable that technologies will need to be replaced -- and what may have worked five years ago is no longer a viable solution for today's mobile workforce. In this session, you'll hear​…

May 25, 2017

Though one of the most mature industries in cybersecurity, the Financial Services industry has seen some of the largest explosion of innovation and technology. While startups and innovators are focused on speed to market and leveraging cloud infrastructure and cloud platforms as a service, the need for security in financial technologies is paramount. In this…

May 17, 2017

You can stop shaking if you follow this plan for securing your data

Presentation by Terence Spies of HPE Security-Data Security and Rich Mogull of Securosis

Data security has a tendency to be intimidating for organizations, users and implementers. Organizations see the value but the challenges of applying a data security solution. Wouldn’t it be great if there were solutions that took the guesswork out of data protection and key management? In today’s data driven environment, there are strategies and technologies…

April 13, 2017

It’s become clear that organizations need to overcome the challenges of securing hybrid enterprises. Hybrid IT spans platforms, tenancy and locations, which when using traditional solutions often results in a fractured security architecture without a centralized single policy, view or enforcement point. With this shift to hybrid, organizations need to embrace CSA’s Software-Defined Perimeter (SDP)…

March 15, 2017

Leveraging the Power of Threat Intelligence

Presentation by Ray Pompon and Sara Boddy of F5

It's becoming impossible for cyber security to keep up with paradigm-changing technological advancements which provide fertile new hunting ground for the more sophisticated cyber-criminals. You can't enumerate all possible attacks while calculating probabilities and impacts for each. We need to narrow things down. But when we reach for data, we drown in reports, dashboards, and…

March 6, 2017

BrightTALK at RSA - John DiMaria: GDPR, Critical Infrastructure & IoT Security

Presentation by John DiMaria, Global Product Champion for Information Security & Business Continuity at BSI Group

Join this in-depth interview at RSA Conference with John DiMaria, Global Product Champion for Information Security & Business Continuity at BSI Group. Viewers will learn John's insights around: - Preparing for GDPR - Challenges for the new U.S. administration - Protecting our critical infrastructure - Protecting the IoT: personal accountability, product certifications, regulation - The…

March 1, 2017

Defending against human ingenuity demands a new way of thinking. With countless dollars spent and infinite alerts you still don’t have a true picture of what is going on. So when a breach happens, can you answer THE question: “How bad is it?” The inability to do so is what RSA calls the “gap of…

January 19, 2017

Which CASB Deployment Mode is Right for Me?

Presentation by Srini Gurrapu and Brandon Cook of Skyhigh

When kicking off a cloud security project, you'll quickly discover that there are multiple deployment options for a cloud access security broker (CASB) – Log Collection, API, Reverse Proxy, and Forward Proxy – delivered via the cloud, on-premises, or hybrid - and with or without agents. But which CASB deployment mode is right for your…

January 17, 2017

Cloud First, Now What?

Presentation by Palo Alto Networks

Your executive staff has made a strategic decision to move to the cloud, and your team has the seemingly monumental task of executing on this new direction. The journey to the cloud introduces many unknowns, the least of which is determining the applications and data, including precious customer information, that belong in the cloud. Yet…

December 14, 2016

The 2017 Cyberthreat Landscape

Presentation by Leo Taddeo, Chief Security Officer, Cryptzone

2016 was record-setting … and threats aren’t likely to subside in 2017. Let’s reflect on what happened this year and learn about emerging threat landscape trends. A solid understanding of the threat landscape will help you better formulate your defensive strategy and prioritize security initiatives for 2017 and beyond. This webinar will feature Leo Taddeo,…

December 6, 2016

SIEM for the Cloud? The Essentials You Need to Know

Presentation by Chris Collard and Mark Campbell of IBM Security

A cloud-delivered security intelligence platform can help you make sense out of the mountains of data collected from your expanded perimeter of cloud workloads and assets. However, it’s easy to get buried in a data avalanche. Join us as we discuss the essentials for making sense out of cloud data and keeping your workloads secure…

November 29, 2016

Future Proofing the Connected World - 13 Steps to Developing Secure IoT Product

Presentation by Brian Russell, Drew Van Duren, Steven Markey, Ron Del Rosario; and Elizabeth Lawler

The CSA IoT Working Group released guidance in October 2016 focused on providing IoT product developers with recommendations for securing their products. This panel discussion will explore different perspectives on how the guidance can best be used by organizations seeking to secure IoT products. We will also discuss how to prioritize your security engineering efforts…

November 15, 2016

CSA SDP for IaaS Initiative: Research Preview

Presentation by Jason Garbis of Cryptzone and Puneet Thapliyal of TrustedPassage

Since March 2016, when the CSA launched this new Software-Defined Perimeter for IaaS initiative, more and more organizations have embraced the Software-Defined Perimeter model and are benefitting from the seamless protection it offers, whether on-premises or in the cloud. SDP can better protect IaaS services for Enterprise usage, and deliver uniform and seamless protection of…

November 8, 2016

Conducting Security Investigations in Minutes (or Less)

Presentation by Doron Shiloach, Senior Product Manager at IBM

Learn how to use threat intelligence to shorten investigation time and improve security decision making. From the right content to the best delivery format, learn the top considerations for picking a threat intelligence source and making it work with your security practice. Join the session to learn how to make the most of threat intelligence,…

November 3, 2016

Developing a Proactive Approach to GDPR Compliance

Presentation by Yael Nishry and Doug Lane of Vaultive

As the May 25, 2018 deadline for compliance with the new General Data Protection Regulation (GDPR) rapidly approaches, enterprise IT organizations must implement a cloud data security strategy that supports compliance and minimizes their organization’s exposure to new breach notification requirements and financial penalties as high as 20 million Euros or 4 percent of total…

October 19, 2016

Defeating the Insider Threat: Don't Have Your Head in the Clouds

Presentation by Evelyn De Souza and Mary Beth Borgwing

Everything we know about defeating the Insider Threat seems not be solving the problem. That's why the Cloud Security Alliance with special commentary from LemonFish Technologies undertook new research to understand the extent of this issue. Join the Cloud Security Alliance Strategy Advisor, Evelyn de Souza, Mary Beth Borgwing, President of LemonFish Technologies... -Uncover the…

October 18, 2016

IT Security & Privacy Governance in the Cloud

Presentation by Moderated by Rebecca Herold, The Privacy Professor; Jacqueline Cooney, BAH, Daniel Catteddu, CSA, Chris Griffith from HPE

After multiple newsworthy data breaches in recent times, IT security and privacy governance has gained importance across the globe. Most organizations have established security and compliance policies and procedures to protect their intellectual property and corporate assets, especially in the IT space. As companies transition their applications and data to the cloud, it is critical…

October 13, 2016

58% of security professionals expect their budgets to stay the same next year. If you’re like them, you’re trying to secure a growing number of cloud services and infrastructure without a bigger budget. What do you do? Make a bulletproof business case for a Cloud Access Security Broker (CASB). In this webinar you'll learn: -How…

October 11, 2016

The GDPR Covers Anyone with Data on European Residents In May 2018, a new data privacy law comes into effect and any organisation with data on the 500+ million citizens of the European Union (EU) has to comply. Fines can be up to 4% of revenue, mandatory data loss notification to regulators and users comes…

October 6, 2016

Scared of implementing a data protection solution?

Presentation by Rich Mogul of Securosis and Terence Spies of HPE Security--Data Security

Data protection has a tendency to be intimidating for organizations, users and implementers. Organizations see the value of having a data protection program but the challenges of applying a data protection solution often upsets the balance and work flow within the organization, users and create challenges for those implementing. Wouldn’t it be great if there…

August 30, 2016

CSA Research: Mitigating Top Cloud Threats

Presentation by Salim Hafid and Rich Campagna of Bitglass, and John Yeoh of CSA

With cloud adoption on the rise, IT leaders are looking to peer organizations to understand security best practices in the cloud. Bitglass and CSA surveyed infosec professionals to uncover the top threats to cloud security and the tools most often used to secure cloud apps. In this webinar, John Yeoh, Senior Research Analyst at CSA,…

August 24, 2016

Standardization and visibility of security controls in Hybrid

Presentation by Avinash Prasad and Munish Gupta of Infosys Ltd

The needs for IT agility for business, is driving adoption of flexible computing environments including IaaS, Private Cloud among others. The challenge associated with this transformation towards the Hybrid cloud environment is the assurance around the security for the workloads and data. Specific issues arise due to the “Shared security model ” of the varying…

August 16, 2016

Protect, Detect, Respond and Recover: Mitigating the Risks of Cyber Security

Presentation by Mat Hamlin of Spanning by EMC and Will McNae of Microsoft

Information theft is the most expensive consequence of cybercrime, according to a recent Ponemon study. Business interruption following a cyberattack exacts a high price in productivity and business process failures—even greater than the cost of information and revenue losses.1 The more data you share in the cloud, the more you expose it to attack. While…

August 9, 2016

True Detective: Detecting Insider Threats and Compromised Accounts in Office 365

Presentation by Brandon Cook and Santosh Raghuram of Skyhigh Networks

How does your organization combat insider threats and compromised accounts? Join CSA and Skyhigh Networks to learn about cloud threat findings from the research of CSA and Skyhigh Cloud Security Labs. We’ll share practical guidance on how to address the rapidly evolving cloud threat landscape, starting with user behavior analysis. Specifically, we will discuss how…

August 4, 2016

Protect Against New Threats to Safely Enable SaaS

Presentation by Palo Alto Networks

The usage of SaaS applications continues to grow rapidly whether they are enabled by IT or your end users. SaaS-based application usage has grown 46 percent over the past three years as shown in the latest Application Usage and Threat Report from Palo Alto Networks. The attackers are now adapting to leverage these applications as…

August 2, 2016

Joining the Cloud Cyber Intelligence Exchange

Presentation by Patrick Coughlin, TruSTAR

CSA, along with support from key corporate members like Rackspace and Intel, has been incubating a new intelligence exchange within the CloudCISC Working Group. Join CSA and technology partner TruSTAR to discuss: - The challenges of building effective intelligence exchange - How the CloudCISC exchange is designed differently - How you can get involved in…

August 1, 2016

Insights from the 2016 Gartner Magic Quadrant for Secure Web Gateways

Presentation by Jim Reavis of CSA and Atri Chatterjee of Zscaler

According to Gartner, cloud-based security is continuing to grow at a significant rate, spiking at a 35% CAGR compared to 6% for on-premise appliances. Newer and more advanced threats are creating risks that traditional appliances are struggling to keep up with. Consequently, the report highlights a number of key priorities for your security strategy, including:…

July 26, 2016

Five Requirements for Securely Adopting Cloud Applications

Presentation by Mark D. Campbell and Brandon Whichard of IBM Security

The business benefits of cloud applications are undeniable, however security concerns can still slow their adoption. While many mainstream cloud applications offer secure platforms and excellent security capabilities, much of the security burden is still on you. You still need a strategy and the technology tools to ensure your organization can safely and efficiently utilize…

July 13, 2016

Office 365 Security and Compliance – Enforcing the 4 Layers of Trust

Presentation by Brandon Cook and Srini Gurrapu of Skyhigh Networks

Office 365 usage has tripled in the last 9 months as more and more companies enable anytime, anywhere access to Microsoft’s suite of cloud services. But security and compliance require a new level of granularity when users access cloud-based systems of record from a variety of networks, locations, and devices. In today’s cloud-first, mobile-first world,…

July 13, 2016

Changed business practices, such as employees working on the move and the adoption of the cloud and cloud resources, should be mirrored by a change in security strategies. Organizations are commonly reluctant to adopt cloud technologies over concerns with security and control over enterprise data. However at the same time, many of these same organizations…

July 12, 2016

Enabling secure BYOD has long been a challenge for IT. Attempts to secure these devices with agents and device management tools like MDM have been met with widespread employee concerns about privacy and usability, and as a result, organizations see low rates of adoption. Requiring that employees use these install these cumbersome device management tools…

June 30, 2016

Building the Connected Hospital - Securely

Presentation by Chris Frenz, Jennifer Cathcart, Yogi Shaw, and Gib Sorebo

The concept of the Connected Hospital offers full integration with Electronic Health Record (EHR) systems, streamlined operations, and enhanced patient safety. Secure implementation of the capabilities that enable a connected hospital is a challenge given the diverse nature of the components involved. Hospitals, integrators and developers must work together to ensure that security is considered…

June 22, 2016

It's Alive! Automating Security Response in the Cloud

Presentation by Tim Prendergast of Evident.io

The challenges facing teams responsible for creating speed and acceleration in the cloud are numerous, but the most dangerous challenge is discerning security signals from infrastructure noise. We can no longer deploy catch-all appliances or wrap hosts in countless layers of agent-based security technology in modern cloud environments. The context and approach to security has…

June 14, 2016

Infosecurity 2016: The Influence of Privacy Shield on Data Protection

Presentation by Daniele Catteddu, CTO, CSA & Josh Downs, Community Manager, BrightTALK

- Infosecurity Europe 2016 - BrightTALK were honoured to be joined by the CSA's CTO Daniele Catteddu to get his thoughts on cyber security and cloud defences in particular. Daniele walked through his thoughts on privacy shield and the sharing of EU data with the US; data protection; cyber security in the financial sector and…

June 14, 2016

Module 3 in the CSA STAR Series While the Cloud Security Alliance’s (CSA) STAR Certification has certainly raised the bar for cloud providers, any audit is still a snapshot of a point in time. What goes on between audits can still be a blind spot. To provide greater visibility, the CSA developed the Cloud Trust…

June 7, 2016

Internet of Things will lead to a future where virtually every physical item has a microprocessor and all industries will be disrupted. In this presentation, CSA CEO Jim Reavis discusses key security trends for Internet of Things and Cloud Computing. He will make the case that the cloud platform is the key strategy for attaining…

June 2, 2016

Enterprise adoption of IaaS environments has brought tremendous benefits, in terms of cost savings and agility, and enabled a more dynamic infrastructure. However, these changes have created new security, compliance, and IT administration challenges for enterprises, and management challenges for cloud service providers. The good news is that a Software-Defined Perimeter (SDP) approach can solve…

May 20, 2016

Cloud Trust Protocol (CTP) Demo

Presentation by Alain Pannetrat of Cloud Security Alliance

The Cloud Trust Protocol (CTP) is designed to be a mechanism by which cloud service customers can ask for and receive information related to the security of the services they use in the cloud, promoting transparency and trust. This video illustrates in concrete details how CTP can be used to monitor the security level of…

May 11, 2016

There is a direct correlation between the size of an enterprise’s attack surface and its risk profile. The greater the number of networked applications supported by the enterprise and the greater number of users granted access, the greater the chance that one of those users will be compromised and hackers will gain a foothold to…

May 11, 2016

The Business Value of Operational Risk Management

Presentation by John DiMaria of BSI

Risk Management is not a standalone activity carried out by a company’s risk experts; it is part of the responsibilities of management and a concern to all of the organization’s stakeholders. Risk identification and management are vital to strategic planning, project development and change management. Correctly instituted, Operational Risk Management (ORM) is a cross-functional and…

May 10, 2016

Risky Business: Key Cloud Security Metrics your Board Needs to See

Presentation by Srini Gurrapu, Skyhigh Networks

A recent study by Ponemon showed that the likelihood of an enterprise data breach of involving more than 10,000 records is approximately 22%. This risk, with an average associated cost of $3.79 million, has catapulted cloud security into an executive and board level. What key metrics should you track and share with your board? How should you structure your…

May 5, 2016

Customers expect a seamless experience across services and devices, critical to ensure successful conversions and renewals in e-commerce. At the same time, the impact of disconnected user experience on employee productivity can have significant financial implications. Big egos, politics, a shortage of skilled talent, legacy systems and complexity can also conspire to undermine the success…

When an organization adopts cloud services, it is in fact expanding its operations from a local or regional presence to a more global one. As a result, the corresponding organizational operations’ strategy needs to be adjusted to align with these changes. You need to be in line with international requirements as well as your supply-chain.…

April 27, 2016

Cloud security threats and resolutions: A meeting of the minds

Presentation by Jim Reavis of CSA, David Baker and Arturo Hinojosa of Okta

According to the 2016 Top Threats report from CSA, the ramifications of poor cloud computing decisions is no longer an IT issue but rather a boardroom issue. Executives at the highest levels are under scrutiny about security posture, and their response to a breach, from stakeholders, regulators and consumers. The growth of cloud and mobile…

April 26, 2016

Beyond the Firewall: Securing the Cloud with a CASB

Presentation by Mike Schuricht and Salim Hafid, Bitglass

As organizations transition from on-premise data storage and device-centric security to the cloud, the need for a data-centric solution becomes critical. Organizations need the ability to protect data in the cloud, at access, on the network, and across all devices. While cloud app vendors now offer robust functionality, they lack the level of granular control…

April 26, 2016

Mind the Mobile Gap

Presentation by Dan Wolff, IBM

Throwing a safety net over mobile cloud app usage leaves the enterprise having to balance manageability and security against the user experience. This session covers how you can gain visibility into mobile cloud app usage, defend against malware and threats, and enforce corporate policies for mobile—all while enabling BYOD and protecting the user experience.

April 20, 2016

Public, Private, Hybrid…Secure Your Cloud’s Future

Presentation by Sai Balabhadrapatruni Palo Alto Networks

The demand for business to be more agile to meet customer demands and stay competitive is driving a change in the way applications are developed, deployed, and adopted. The challenge has become balancing the agility needs of the business with improving the security of the applications and more importantly the data as it moves between…

April 13, 2016

Dramatically Improve Network Security using SDP

Presentation by Jason Garbis, Cryptzone

It’s time to recognize that traditional network security tools grant users too much access and therefore create a serious security gap. A typical user may be authorized to access only a few resources across the enterprise, but from a network perspective can see, and send packets to, every service running on every server on the…

April 12, 2016

The large volumes of data being stored as well as the multiple siloes, users and applications using the data, means that organizations are constantly under threat of a data breach. Certes Networks, will discuss how, despite the numerous threats and vulnerabilities currently faced by organizations, there are new ground-breaking cloud-friendly segmentation and application isolation techniques…

April 11, 2016

Best Practices for Protecting Your Data in a Hybrid Cloud Environment

Presentation by Jason Wolford of Rackspace and Imam Sheikh of Vormetric

Your business has capitalized on managed cloud services to host many of your IT workloads. Now, you need to expand your cloud IT deployments further with public cloud services using Amazon Web Services or Microsoft Azure to scale cloud computing and storage resources to meet growing IT business demands. Suddenly, you have data center and…

March 31, 2016

Cloud Security: What You Should Be Concerned About

Presentation by Raji Samani of Intel Security and Jim Reavis of CSA

Intel Security conducted a survey regarding cloud adoption and cloud security. This webcast will discuss the findings and answer questions like... -Is cloud for everyone? -How much are companies investing in cloud? -What are the top concerns?

March 22, 2016

2016 Information Security Trends and Cloud Security Alliance Priorities

Presentation by Jim Reavis, CEO of Cloud Security Alliance

An informal look at the important security trends identified by CSA experts and the activities initiated by Cloud Security Alliance to address key industry issues.

March 21, 2016

How to Determine Responsibility for Cloud Security?

Presentation by Rich Campagna, Bitglass

Rich Campagna of Bitglass explains in this short video the WSJ test -- an easy way to determine the security responsibilities of SaaS vendors and their clients.

March 15, 2016

In today's security landscape, a security breach is not a matter of "if," but "when." Is your organization prepared to minimize and mitigate the effects of a breach? Join the Cloud Security Alliance and Skyhigh Networks for a webinar discussing how to create a data-driven cloud cyber resiliency plan. In this session, you'll learn: -How…

March 15, 2016

The mass of data breaches that hit the headlines in 2015 show organizations must accept that breaches are inevitable, and breach detection and protection strategies are no longer enough to keep the hackers at bay. To prepare for a breach, organizations should put in place a breach containment strategy that assumes a breach will happen,…

March 10, 2016

The Borderless World: Bridging the Cloud with On-Prem Systems

Presentation by Farshad Ghazi and Chris Griffith, HPE Security

Learn more about the new CSA Top Threats Report and how to protect yourself. In the borderless world of Cloud computing, everything changes. You cannot deliver a cloud enabled business without a fundamental redesign of your security infrastructure. On-prem systems are increasingly integrated to cloud-based platforms which creates an abyss for data to spread to…

February 25, 2016

ShadowIT Discovery and security of SaaS are often considered key capabilities of Cloud Access Security Broker. There is, however, one critical capability which is often overlooked; security of IaaS. Many organizations are finding out the hard way that focusing on security of SaaS is only part of the puzzle. They must address the security of…

February 17, 2016

The State of Office 365 Security

Presentation by Doug Lane, Vaultive

Microsoft Office 365 adoption skyrocketed in 2015, but security and compliance questions are still keeping many organizations on the sidelines. What built-in security features does Microsoft provide, and under what circumstances are they good enough? Which industries and use cases call for a third party Office 365 security solution? Join us as we discuss these…

February 11, 2016

ROAD MAP TO CSA STAR CERTIFICATION – OPTIMIZING PROCESSES, REDUCING COST AND MEETING INTERNATIONAL REQUIREMENTS With Japan’s introduction of the quartz wristwatch in 1969, the majority Swiss market share dropped from 80% at the end of World War II to only 10% in 1974 . Ironically, it was the Swiss who had invented the quartz…

February 3, 2016

Next-Gen Mobile Security: What comes after MDM?

Presentation by Salim Hafid and Neal Mhaskar, Bitglass

BYOD is an adoption, not a rollout. In fact, 57% of employees refuse MAM or MDM on their personal devices. What are the drawbacks of MDM? How can your organization both drive adoption and effectively secure BYOD? In this webinar, we'll answer those questions and discuss next-generation mobile security solutions that can help secure corporate…

January 28, 2016

Emerging Approaches in a Cloud Connected Enterprise: Containers and Microservice

Presentation by Anil Karmel, Co-Founder and CEO of C2 Labs

Containers such as Docker and CoreOS Rkt deliver incredible capabilities to developers and operators and are powering the DevOps revolution in application development and deployment. Docker in particular has taken industry by storm, resulting in over 400 million downloads and 75,000+ containerized applications in this open source platform. With all this new found power come…

January 14, 2016

You know that every decision to use the Cloud will be challenged, whether by investors, executives, customers, or members of your own team. Behind every challenge is the same question, "Can we trust the decision?" This presentation introduces a new decision model that will transform the confidence you can earn from others that your decisions…

December 9, 2015

Cloud Access Security Brokers (CASBs) are the hottest security technologies on the market. They provide organizations with much needed visibility and control over corporate data as it moves beyond the firewall via the public cloud. In this webinar, experts from Bitglass will dive into the architecture of CASBs and explain how the wide range of…

November 24, 2015

A webinar for IT Security, Legal and Compliance Managers. The EU-US Safe Harbor agreement for data transfers has been declared invalid. Hear what this means for you, your organization and your data on EU citizens. Can you save data in US cloud services, and if so, what do you need to know to ensure you…

November 10, 2015

Keeping your Data and Applications Safe from the CSA Top Threats

Presentation by Farshad Ghazi and Chris Griffith--HP Security

The cloud presents all kinds of opportunities for today’s enterprise, from anywhere access to anything-as-a-service. Cloud computing imposes significant security risks on the corporation, network, IT and the day to day activities of the business. How do they maintain compliance, control and ownership of sensitive data as they move from the physical environment to a…

October 21, 2015

Office 365 Compliance and Data Protection: Cargill’s Blueprint for Success

Presentation by Matt Brunsvold of Cargill and Srini Gurrapu of Skyhigh

Skyhigh’s Office 365 Cloud Adoption and Risk report shows that the average enterprise uploads 1.37TB of data across SharePoint, OneDrive, and Yammer each month, 17.4% of which is sensitive.  With Office 365 use exploding and vast volumes of data headed to the cloud, IT Security teams are working to determine how they can enforce security,…

September 24, 2015

The world of IT security is undergoing tremendous change. The unstoppable momentum of the Internet and cloud computing, the ubiquity of mobile devices and the emergence of Internet of things have together turned the IT security landscape upside down. Data security, privacy and compliance have never been more at risk than in today’s social and…

August 20, 2015

Professionalizing the Cloud Security Workforce

Presentation by Jim Reavis, CEO of Cloud Security Alliance and David Shearer, CEO, (ISC)²

(ISC)² and CSA recently developed the Certified Cloud Security Professional (CCSP) credential to meet a critical market need to ensure that cloud security professionals have the required knowledge, skills and abilities to audit, assess and secure cloud infrastructures. Join Jim Reavis, CEO of Cloud Security Alliance and David Shearer, CEO, (ISC)² on August 20, 2015…

July 15, 2015

Leveraging Data Control and GRC for Securing Data on the Cloud

Presentation by Ryan Ko- CSA APAC Research Advisor, Vibhav Agarwal – Associate Director - Product Marketing, MetricStream

Leveraging Data Control and GRC for Securing Data on the Cloud - A Practical Guide for Immediate Challenges and An Overview of Long-Term Research Challenges Data security for cloud applications is a perennial challenge due to the lost of control and oversight over data placed within clouds. As cloud becomes mainstream, various industries need to…

July 8, 2015

Myth or Reality: Insider Threat Victims DON'T Have Their Heads in the Cloud

Presentation by Evelyn de Souza, Data Governance Workgroup Chair, Cloud Security Alliance & Data Privacy and Compliance Leader, Cisco Systems

We can safely predict that an insider threat targeting cloud will be the cause of a major data breach over the next 12 months. While cloud insider threats consistently rank as a top concern, they have not been decomposed and mitigated like enterprise exploits. We will uncover threat vectors and behavioural traits and present new…

June 30, 2015

Cloud Standards - Ready for Prime-time (part 2)

Presentation by Michel Drescher, EGI; John Messina, NIST; Peter Deussen, Fraunhofer FOKUS

Cloud computing will not reach its full potential without fully developed and stable management and context standards. Customers indeed expect freedom of choice, increased control and interoperability, as a tool for fair competition and unfettered innovation. Effective interoperability demands common technical and legal parameters, which are related to open standards and governance. While part one…

June 25, 2015

Lessons Learned From the Biggest Security Breaches

Presentation by Jim Reavis, CSA; Michael Sutton, Zscaler

Learn about the biggest security breaches and what it means for your organization. The risk of experiencing a security breach is now higher than ever. Over the last 12 months, some of the highest profile companies have been compromised including Anthem, Sony, Home Depot, JPMorgan Chase, Target and more. 2015 is turning out to be…

June 9, 2015

Cloud Standards - Ready for Prime Time

Presentation by Michel Drescher, EGI; Alan Sill, OGF, Texas Tech University; Alex McDonald, NetApp; David Wallom, Oxford e-Research Centre

Cloud computing will not reach its full potential without the full development and stable management of standards. Customers expect the freedom of choice, increased control, and interoperability as a tool for fair competition and unfettered innovation in cloud services. Effective interoperability demands common technical and legal parameters, which are related to open standards and governance.…

May 19, 2015

How to Negotiate a Proper SLA

Presentation by Jesus Luna, CSA; Frederic Engel, Market Engal SAS;Daniele Catteddu, CSA; Arthur van der Wees; Arthur's Legal; Said Tabet, EMC

The typical cloud customer easily grasps perceived advantages and user-friendliness in the cloud, but they are not security experts. Matching an customer's security requirements with what is being offered by CSPs can be the biggest challenge. Even though most CSPs include security provisions in their SLAs (Service Level Agreements), the variety of customer requirements make…

May 12, 2015

Preparing for 2015: Internet security best practices from the Global 1000

Presentation by Jim Reavis, CEO at the Cloud Security Alliance & Dan Druker, CMO at Zscaler

The world of IT security is undergoing tremendous change. The unstoppable momentum of the Internet and cloud computing, the ubiquity of mobile devices and the emergence of Internet of things have together turned the IT security landscape upside down. So what can you do today to keep your security ahead of these trends? In this…

March 19, 2015

Platform as a Service: Build Cloud Applications Rapidly and Reliably

Presentation by Jonathan Sage, IBM; Mike Edwards, IBM; Achille Pinson, PrepMyFuture.com

CloudWATCH webinars aim to evangelise the merits of cloud services to SMEs and governments. This particular session on building cloud applications will explain Platform as a Service. Cloud technologies, such as Bluemix, make app development easier, more practical, and cost effective. Also, Achille Pinson, founder of PrepMyFuture.com, will share his experience as a cloud service…

February 17, 2015

Panel: Leveraging Security Analytics in the Fight Against Cyber-Threats

Presentation by Peter Wood (moderator); Prof. John Walker, James Brown (Alert Logic), Bernd Jaeger (Cloud Security Alliance)

Join this exciting panel session with some of the industry's leading thought leaders including: Peter Wood, CEO, First Base Technologies Prof. John Walker, Researcher, Writer & Speaker, Cyber-Vault Stephen Coty, Chief Security Evangelist, Alert Logic Bernd Jaeger, Cloud Security Alliance The panelists will discuss topics ranging from predictive security, real-time threat intelligence, combining structured and…

February 5, 2015

Cloud CISC Virtual Summit

Presentation by Paul Kurtz, Dave Cullinane

The Cloud Security Alliance (CSA) has chosen to specifically focus on the problem of cyber incident information sharing and find innovative approaches that break down the barriers inhibiting sharing. CSA has selected a partner, TruSTAR Technology, to create what we are calling the industry’s first Cloud CISC (Cyber Incident Sharing Center). We believe it is…

February 4, 2015

An Approach to Cloud Services Risk Management for Today’s Enterprises

Presentation by Deepayan Chanda, Wesley Cheng, Security Solutions Architects, Advanced Services, Cisco Systems

This session provides a methodology and a Business Risk Framework for assessing the risk of an ever-increasing number of cloud services. It builds upon the Cloud Security Alliance Cloud Controls Matrix by enabling users to add new controls and address risk vectors such as the financial viability of a cloud service provider, traffic data, and…

February 4, 2015

An Approach to Cloud Service Provider Risk Management for Today’s Enterprises

Presentation by Derick Fogt, IT Risk Management, Cisco Systems

A great many enterprises leverage the Cloud Security Alliance Cloud Controls Matrix as a primary component for identifying cloud service provider risks. What’s also needed is a way to measure these risks. This session will focus on building a risk rating framework and on better quantifying and operationalizing risk management activities. Presenter: Derick Fogt, IT…

January 29, 2015

Service Management: What Standards Can Do For Business – The Example of FitSM

Presentation by Dr. Thomas Schaaf, Dr. Michael Brenner, Owen Appleton, Sy Holsinger

To meet customer needs and provide valuable services, it is important to maintain a high quality of service, which in itself requires a well-structured approach to IT Service Management (ITSM). Existing approaches such as ITIL and the ISO/IEC 20,000 standard are useful but not always well suited to the challenges of providing cloud or other…

December 4, 2014

IoT Security Challenges for Early Adopters

Presentation by Brian Russell, Chief Engineer CyberSecurity Solutions at Leidos

The Internet of Things (IoT) offers enhanced technology capabilities in diverse industries. In the health care setting, IoT will bring new connected medical devices that support near real-time monitoring of patient health information. In the transportation industry, connected vehicles will communicate securely with each other and with the environment surrounding them, offering safer commutes. In…

November 26, 2014

Monitoring in a Cloud Environment

Presentation by Eliot Salant, Dario Bruneo, Avi Miron - Cloud Wave; Kyriakos Kritikos - PaaSage; Michel Drescher - EGI, CloudWatch

Monitoring resource consumption in a Cloud environment is becoming an increasingly important research topic in order to provide optimal management of both the underlying Cloud infrastructure and executing applications. Clouds are complex environments composed of many different entities and layers. Each of them may be provided with mechanisms offering various management actions. Different situations call…

October 15, 2014

Reducing Risk in the Cloud with the CCM

Presentation by John Yeoh, Sr. Research Analyst, CSA; Sean Cordero, Co-Chair, CSA CCM Working Group

Cloud computing promises to deliver efficiencies through reduced time to market and greater agility for organizations. While the impact of cloud computing is profound, many organizations remain hesitant to consider the cloud. This is often due to a lack of clarity over the unique security risks introduced in the cloud computing model and a perceived…

October 2, 2014

The Role of Certification and Standards for Trusted Cloud Solutions

Presentation by Daniele Catteddu, CSA; Dr. Michaela Iorga, NIST; Marnix Dekkar, ENISA; Claudio Belloli, GSA

Security and privacy certifications have been identified as one of the most effective means to increase the level of trust in cloud services and stimulate their adoption. Based on this assumption, it was critical to focus on the appropriate standards and their interoperability. Therefore, a number of efforts have started in Europe, mainly led by…

September 24, 2014

New Opportunities for Data Privacy and Data Protection Harmonization

Presentation by Evelyn De Souza, Cisco; Dan Blum, Respect Network; Mary Beth Borgwing, Advisen

This week the CSA and Cisco announced the results of a comprehensive survey of cloud security professionals on data privacy considerations. The survey responses highlight a growing and strong interest in harmonizing privacy laws towards a universal set of principles. But what does this really mean as you develop cloud services for your organization? And,…

September 24, 2014

Big, Open, and Properly Protected Data?

Presentation by Mariusz Jarzebowski, demosEUROPA; Ratko Mutavdzic, PROJEKTURA; DR. Gwendal Le Grand, CNIL; Patrice Chazerand, DIGITALEUROPE

Big data keeps making the headlines. Open data is high on governments’ agenda. This CloudWATCH webinar will hear contributors to the research paper ‘’Big & Open Data in Europe: A growth engine or a missed opportunity?” debating the impact on the economic potential of various parts of Europe – North, South and East. CNIL, France’s…

September 23, 2014

HP Cloud Security Total Infrastructure Model for Cyber Defence & Event logging

Presentation by Ilia Tivin- CISSP, CCSK- Senior SIEM consultant and Hiroshi Masuda- HP APJ TSC ITAS(Security) Lead

Cloudbytes is a Webinar/Webcast for the APAC region which would be held monthly for all the CSA chapter members. The CloudBytes program will look to bring the most important topics to the forefront for education and discussion. Security is one of the major barriers to cloud adoption and transformation when we think IT risks in…

August 28, 2014

Multi-tenancy in Federated Clouds

Presentation by Michel Drescher, European Grid Infrastructure; Jesus Luna, CSA; Ian Osborne, Knowledge Transfer Network; Colin Wallis, NZ Gov

However popular multi-tenancy has become in cloud computing, this concept still sounds a bit like a mystery. This CloudWATCH webinar will provide you with a chance to get a crystal-clear take of the concept by clarifying how tenancy is defined, how relations between tenants and their behaviour should be designed. Indeed, in a typical multi-tenancy…

July 24, 2014

Triaging the Cloud: 5 Steps to Putting the Cloud Controls Matrix to Work....

Presentation by John Howie, Cloud Security Alliance; Doug Meier, Pandora; Krishna Narayanaswamy, Netskope

The Cloud Security Alliance’s Cloud Controls Matrix is a rich source of cloud security best practices designed as a framework to provide fundamental security principles to cloud vendors and cloud customers. It serves as a useful guidepost for app developers and technology decision-makers alike. But what if you really want to put it to work…

July 15, 2014

Legal Issues for Cloud Computing

Presentation by Paolo Balboni, ICT Legal Consulting; Lucio Scudiero, ICT Legal Consulting

Cloud Computing Users increasingly attempt to negotiate contract terms for cloud computing services, in order to make them more suitable for their specific needs. However, despite the efforts they make, contracts are still often concluded on a take-it-or-leave-it basis, because of the negotiating power enjoyed by bigger cloud service providers against small service clients. The…

May 16, 2014

2 Minutes on BrightTALK: What are your weak points?

Presentation by Daniele Catteddu, Managing Director EMEA, Cloud Security Alliance

Hear what Daniele Catteddu recommends to strengthen your IT security posture - from risk assessments to mobile and cloud computing.

Getting Started

Thank you for your interest in participating in the CSA CloudBytes webinar series. CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. We envision CSA working groups and CSA members using this platform as a tool to inform our audience of trending topics, new technologies, and latest research that can help increase awareness in the cloud. It also allows audience members the opportunity to earn CPE Credits.

We are always seeking SME's who can bring these topics to our audience in the form of education and discussion in a vendor neutral environment.

If you are interested in learning more about sponsorship options please contact Hillary Baron [email protected].