In addition, the Cloud Security Alliance will launch on Wednesday, and present its white paper: “Guidance for Critical Areas of Focus in Cloud Computing.” We wrote about the alliance in our coverage last week.
What else? The cloud will come up in dozens of additional panels. Many of the conference tracks look similar. Is it hype? Yes and no. Over eager geeks and marketers alike will push discussions into the hype cloud. But we think that more so is the opportunity to use the cloud as a hook to that will create a new layer of richness to the ever continual development of the “read write” web. For that reason alone, it’s still hard to understand why Bruce Schneier see the cloud as so much hype. Trust and transparency are crucial but to dismiss the cloud discussion feels a bit cynical. Hopefully we will get the chance to talk with Bruce at RSA to gain more insights into his thoughts and perspectives.
Tuesday, April 21, 1:30 PM
Security services delivered from the Cloud can present compelling cost advantages over traditional locally-installed applications and appliances – but can they really disrupt the “old model”? What security services can realistically be purchased from the cloud, and what just won’t work? What are the business opportunities for companies offering these new products, and what does it mean for more traditional security providers? Our expert panel will cut through the hype of cloud computing and help you get the information you need to make intelligent decisions about getting your network security via subscription – from the Cloud.
Speakers: Jay Chaudhry CEO; Founder, Zscaler, Inc.; Maria Lewis Kussmaul Founding Partner, Investment Banking, America’s Growth Capital; Eva Chen Chief Executive Officer and Co-founder, Trend Micro, Inc.
Moderator: Kurt Stammberger VP Marketing, Mocana
Tuesday, April 21, 1:30 PM
Are Clouds Secure? Security and Privacy Implications of Cloud Computing
Cloud computing is all the rage right now, but there is widespread concern about its security. With few details about such concerns provided to date, the obvious question to information security practitioners is, “what do those concerns really mean to organizations?” This session will methodically explore security in public and private clouds offering SaaS, PaaS, and IaaS.
Tim Mather Chief Security Strategist, RSA, The Security Division of EMC
Subra Kumaraswamy Sr. Security Manager, Sun Microsystems
Tuesday, April 21, 3:00 PM
Virtualization, Collaboration and Cloud Computing: A New Focus On Security
The value of virtualization, collaboration and cloud computing is apparent – but what are the security challenges? How does an enterprise protect its information when it is distributed and accessible from so many disparate points by so many devices? This session provides a new focus and approach to security that will build an atmosphere of operational confidence based on a secure and resilient network.
Speaker: John Stewart VP, CSO, Cisco Systems, Inc.
Tuesday, April 21, 4:10 PM
The Cloud or on the Desktop? Expert Views of Data Security Trends
The nature of the viral attack has evolved dramatically over the past several years creating new challenges for the security industry in combating new threats. In this session, a panel of experts will discuss the pros and cons of moving threat protection into the cloud. This is a “call to arms” for the industry to find an innovative solution to the growing problem of proliferating viral threats.
Panelist: Renee Guttmann Vice President, Information Security and Privacy Officer, Time Warner Inc.; Eva Chen Chief Executive Officer and Co-founder, Trend Micro, Inc.; Mary Ann Davidson Chief Security Officer, Oracle and Steve Moyle Founder/CTO, Secerno Limited
Moderator: Larry Ponemon, Chairman, Ponemon Institute
Tuesday, April 21, 4:10 PM
Mobile and Cloud Computing – What’s the Forecast?
The world that we live in is increasingly becoming mobile. With the advances in mobile computing technologies and applications available via cloud computing models, does this signal the long awaited perfect storm that security professionals have predicted for years? This session will examine the state of mobile and cloud-based computing to determine what might be looming on the horizon.
Speakers: David Coffey Mgr Product Security, McAfee and Carl Banzhof, VP Technology Strategy, McAfee
Tuesday, April 21, 5:40 PM
Prefix Hijacking: Threat to Applications in the Cloud and Cyber Warfare
Prefix hijacking is the Internet’s equivalent of identity theft. Enterprises offloading their data to applications in the cloud are vulnerable to prefix hijacking-type attacks. Current solutions such as secure BGP are not sufficient. This session highlights a behavioral anomaly detection solution, using actual examples to demonstrate prefix hijacking and mitigation.
Speaker: Ram Keralapura Senior Member of Technical Staff, CTO Office, Narus
Wednesday, April 22, 8:00 AM
Head in the Clouds…Feet on the Ground?
While some legal challenges in cyberspace have started to become more clear, the use of cloud computing and hosted applications adds a new dimension of legal risk. Compliance, privacy, and security problems are compounded by the use of remote, distributed services operated by third parties. Businesses employing these new technologies must look anew at their online risk, and learn how to assess and manage it.
Panelist: Rena Mears Partner, Deloitte & Touche, LLP, Randy Sabett, Attorney, Sonnenschein Nath & Rosenthal
Moderator: John Landwehr Director, Security Solutions and Strategy, Adobe Systems Incorporated
Wednesday, April 22, 9:10 AM
Cloud Computing and Identity Challenges
Enterprises continue to expand use of SaaS and cloud computing to achieve operational performance enhancements and efficiencies. Implementation of these technologies introduces several challenges related to identity management, account authorization and authentication. A new approach to identity is required to ensure the continued growth and success of cloud computing: we call this Identity 2.0.
Speaker: Fran Rosch VP Identity and Authentication, VeriSign, In
Wednesday, April 22, 11:30 am
The Marriage of Security and Cloud Computing: Security and Business as One
This session will examine IT management options for integrating cloud-client file reputation technology into current endpoint security architectures. This discussion will show how this transition will lead to an evolutionary approach to data security that will provide real-time security status “look-up” capabilities in the cloud, and further reduce the cost associated with corporate-wide signature deployments.
Wednesday, April 22, 3:40 PM
Identity Management for the Cloud: Challenges, Opportunities and Best Practices
Cloud Computing is emerging as an essential part of enterprise IT strategy. How will this trend impact existing enterprise security architectures? What are the issues for producers and consumers? This session will present the requirements, standards, and best practices/patterns. Can we realize the benefits of the cloud, while maintaining our security posture, and leverage our existing investments in enterprise IdM?
Facilitator: John Field Senior Technologist, EMC Corporation
Thursday, April 23, 9:10 AM
Silver Lining? Debating the Merits of Cloud Security – A Customer Perspective
Cloud-based security services are emerging as a contender to enterprise managed appliances in a variety of segments. While moving security into the cloud can be attractive, especially in a tough economy, it is not without risks. A panel of executives from enterprises and service providers using or considering a switch to cloud security will debate the pros and cons of such a decision.
Panelist: Arun Singh General Manager & Head – Americas, Enterprise Security Solutions, Wipro Technologies USA; Dave Cullinane, CISO, eBay; John Ryan Business Development Executive, MSS/SaaS Alliances, IBM Internet Security Systems
Moderator: Michael Sutton VP of Security ResearchZscaler, Inc.
Thursday, April 23, 2:10 PM
Cloudy with a Chance of…More Clouds
We don’t see bunny rabbits in clouds anymore, we see an amalgamation of technical architectures all with different benefits and risks to organizations. This session will highlight the characteristics of cloud computing and identify the attributes that may affect risk assessments.
Facilitator: Pete Lindstrom Research Director, Spire Security
Friday, April 24, 9:00 AM
Cloud Computing – Secure Enough for Primetime Today?
How do the leading cloud computing platforms protect sensitive corporate data? What capabilities do they provide today? What data security, auditability, compliance and other security features are available today? Leading business and consumer cloud providers will discuss the state of cloud security today and where the industry is headed.
Panelist: Narinder Singh Co-Founder, Appirio, Eran Feigenbaum, Director of Security, Google Apps
Moderator: Asheem Chandna Partner, Greylock Partners
Friday, April 24 11:20 AM
Gatekeeping the Cloud
Moving valuable data assets into the cloud or onto the Internet makes them more vulnerable. So, security is a priority. But security shouldn’t prevent users from accessing and sharing their data easily, from anywhere, and via a range of devices. This presentation will provide insight on relevant standards, concepts and requirements for mobile e-identity management in the new cloud-computing era.
Speaker: Ullrich Martini Giesecke & Devrient, Alex Rovira Product Manager, Giesecke, Devrient