This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Cloud [clear filter]
Monday, June 15


Cloud Catalog. The Next Frontier.
By attending this session, insights will be gained on how to provide value for the business, through technology, in a changing security landscape.

avatar for Ramsés Gallego

Ramsés Gallego

Dell / ISACA
Responsible for strategy development and execution of the security portfolio at Dell Software. Oversees the deployment of services and designs the vision for the IAM discipline. Evangelizes on the security management ecosystem around the world.

Monday June 15, 2015 10:30 - 11:15
Main Hall


Lifecycle management of cloud technology
The adoption of Cloud technologies elevates the role of security leadership while elevating the threat to our technology. Cloud allowed us to step away from infrastructure tasks and freed us to focus on strategic activities; applying security controls to the lifecycle rather to the individual equipment. Using Cloud services as an example, this session provides guidance on advancing our security posture, building our security culture, and increasing our influence with stakeholders. We will walk through the entire lifecycle: building the business case, shaping the deployment project plan, executing, shifting into operations, and finally retiring the Cloud service. At each stage, we will share guidance on incorporating security activities and integrating the new service with existing security programs. The resulting lifecycle will take advantage of our new role to better protect our technology. 

avatar for J. Wolfgang Goerlich

J. Wolfgang Goerlich

Cyber Security Strategist, Creative Breakthroughs, Inc. (CBI)
Influential leader and IT management executive with the ability to act as a cultural change agent, drive security initiatives, and raise security postures. Leverages background in systems engineering, software development, and information security. Results-driven and focused on execution. | | 2012 - InfoWorld Technology Leadership Award | 2008 - IDG Best Practices in Infrastructure Management Award

Monday June 15, 2015 11:15 - 12:00
Main Hall


Threat trends related to cloud

Monday June 15, 2015 12:45 - 13:15
Main Hall


CSA STAR: The Future of Cloud Trust and Assurance

Although the popularity of cloud computing is increasing rapidly, it appears that potential customers are still facing some problems that are inhibiting a wider adoption of cloud services. While businesses are still having concerns about security, privacy and data management in the cloud, those can be attributed to lack of trust in cloud computing services. We will look into the industry’s most powerful program for assurance in the cloud. STAR encompasses key principles of transparency, rigorous auditing, harmonization of standards and eventually continuous monitoring.

avatar for Damir Savanovic

Damir Savanovic

Senior Analyst and Researcher, Cloud Security Alliance
Damir Savanovic is a Senior Analyst and Researcher at Cloud Security Alliance. In past Damir worked as Chief Information Security Officer and IT Quality Manager in SKB, Société Générale Group, where he had a key role in planning, organising, managing and controling the functions of information security in the bank. He developed standards, recommendations and guidelines for information security based on ISO... Read More →

Monday June 15, 2015 13:15 - 13:45
Main Hall


So, You Want to be an Accountable Cloud Provider?
In order to be an accountable organisation, Cloud Providers need to commit to being responsible stewards of other people's information. This implies demonstrating both willingness and capacity for such stewardship. This presentation outlines the fundamental requirements that must be met by accountable organisations, and sketches what kind of tools, mechanisms and guidelines can support this in practice.

avatar for Martin Gilje Jaatun

Martin Gilje Jaatun

Vice President, CSA Norway Chapter
Mr. Martin Gilje Jaatun received his MSc degree in Telematics from the Norwegian Institute of Technology in 1992, and has been a research scientist at SINTEF ICT since 2004. Previous positions include Senior Consultant for the Norwegian computer security firm System Sikkerhet AS (now: Secode Norway), and Scientist at the Norwegian Defence Research Establishment (FFI). Mr. Jaatun is an expert in computer and communications security, security... Read More →

Monday June 15, 2015 14:30 - 15:00
Main Hall


Mister vi kontrollen ved å bruke eksterne leverandører av IKT-tjenester?
Kjenner du på usikkerheten ved bruk av ekstern leverandør av IKT-tjenester? En sentral aktivitet for å opprettholde tilfredsstillende informasjonssikkerhet er å føre kontroll med sikkerhetsarbeidet. Når hele eller deler av IKT-tjenestene leveres av ekstern leverandør må kontrollspennet utvides til også å inkludere leverandøren. Denne utfordringen gir usikkerhet ved vurderinger om bruk av eksterne leverandører, men kan det være slik at en ekstern leverandør kan bidra til økt kontroll og dermed en styrking av informasjonssikkerhetsarbeidet?

avatar for Preben Gustavsen

Preben Gustavsen

Rådgiver innen informasjonssikkerhet, internkontroll og styring, Sopra Steria / ISACA
I am highly motivated to help others achieving their goals through adequate and efficient risk management, control and governance. By combining theory with practical experience from earlier positions and projects, I am able to assist in bringing theoretical frameworks to a usable and practical form. This will enables you and your organization to establish and maintain a comprehensive, effective and efficient management system. | | With a... Read More →

Monday June 15, 2015 15:00 - 15:30
Main Hall


Closing Remarks
The CSA Norway Chapter President Kai Roer summarizes the day.

avatar for Kai Roer

Kai Roer

Senior Partner, The Roer Group AS
Kai is a well known expert on security culture and behaviors. He is the creator of the free and open Security Culture Framework, the author of several books, a university guest lecturer in Europe and Asia, a Fellow to the National Cybersecurity Institute in Washington DC, and a Ron Knode Service Awardee 2015 by Cloud Security Alliance. He is located in Norway, travels a lot, and have a passion for making security a people skill.

Monday June 15, 2015 16:15 - 16:30
Main Hall