Cloud Security Summit is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 3099067.
Keynote: Finding the right IoT security strategy and methodology to secure the IoT network infrastructure -- presentation by Juniper Networks
Keynote: Journey to the Secure Cloud
Wellmark Blue Cross Blue Shield
Keynote: Building Trustworthy IoT Systems -- presentation by Microsoft
Keynote Panel: Learning from Infamous Security Breaches
All-Conference General Session: Cloud Security Summit | IoT Security Summit | Blockchain 360
Join Wellmark Blue Cross and Blue Shield’s CISO Thien La as he shares Wellmark’s two-year journey designing the healthcare leader’s cloud architecture and migration plan. La will discuss specific concerns for highly regulated industries, along with their experience working with leading cloud providers.
In this panel, IT and security leaders will discuss best practices and lessons learned from some of the most infamous security breaches in the past few years, as well as touching on the lessons not yet learned as we enter a world where IoT, Blockchain, shadow IT, hybrid cloud, mobility all converge.
Cloud Security Summit
SecDevOps is to the 2010s what Agile was to the early 2000’s: Your ticket to speak at a conference. Yet, having attended tens of these talks, you may be forced to conclude practices rarely get beyond: “Code first and chase that coding with automation." …also… “Monitoring. You’re gonna need monitoring and feedback.” In this talk, we’ll boil off some of the hype and look at key (actual) best practices that tie back to BSIMM capabilities in a meaningful way. We’ll discuss Vulnerability Discovery, Developer enablement, Runtime Protection/RASP, Threat Modeling, and more.
While there is a lot of focus on cloud solutions for many good reasons (e.g., cost savings is usually the justification but there are not justifications as well), with the evolving privacy laws and regulations, there are some challenges (e.g., access controls to personal information). During this session, we will look at the challenges and how some companies have managed the use of cloud solutions while aligning privacy laws & regulations.
Shadow IT is here to stay, and is a driver of innovation even though CIOs and CISOs may consider its elimination as an accepted best practice. While the practice does create a multitude of data and integration issues for under-resourced IT teams, along with unknown risks for the entire company, it can also drive productivity and innovation in the lines of business. This panel will explore how CIOs and CISOs can balance the innovation potential of Shadow IT while keeping the enterprise secure.
In this panel, industry leaders from leading companies in Finance, Healthcare and Technology will discuss how to balance compliance and security, including such topics as:
Financial Services have special considerations when operating in the cloud, including compliance with rigorous and sometimes conflicting regulations. Circle Pay operates entirely in the cloud and we are a licensed Money Transmitter in many states. This talk covers our experience managing the regulators/examiners.
Regulators and examiners are, for the most part, familiar with traditional IT, but do not understand cloud platforms, agile development and how to evaluate the regulations for cloud applications. I’ll talk about some of the ways we’ve been able to get our examiners comfortable with our use of the cloud, including:
According to Forrester, 80% of breaches involve access of privileged credentials. With statistics like that, it’s easy to see that ensuring only the right people access the right documents/data is paramount. In this panel discussion, we’ll explore the challenges and advantages that enterprises face with IAM, including:
In this session, we’ll examine lessons learned and best practices for creating a secure Cloud Ecosystem, Cloud Security Operations Center (CSOC), and an approach to Cloud Security Compliance within a highly regulated Federal Government Construct. We will discuss how we set up and configure secure cloud environments for a range of IT applications from Big Data to Applications Hosting.