6th annual Cloud Slam 2014 Cloud Computing Conference, San Francisco CA, June 4, 2014. Cloud Computing Events 2014 - Assessment http://cloudslam.org/tags/assessment en Fast Tracking Your Cloud Risk Strategy http://cloudslam.org/cloudcomputingconference/fast-tracking-your-cloud-risk-strategy <div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"><p>Will your Cloud fail the next audit? Do you have a handle on your risk strategy for the Cloud? Is this level of maturity only suited for Enterprises with large budgets? Can smaller organizations effectively manage risk as they consume Cloud services? They can!<br /> Asset Classification, Questionnaires, and Risk Assessment; these tools are essential to manage Cloud Computing related risk. This session will outline how to build a scalable Cloud risk strategy based on ISO 27001, CSA Guidance and 3rd party attestations. This talk will set the tone and enable delegates to come home and fast track a Cloud Risk Strategy in their environment. </p> <p>Cloud Security is only valuable if you have a robust process to identify risk. Managing risk for consuming Cloud is often overlooked. Many organizations feel that only the largest Enterprises can afford to understand and assess the potential or future risks. Instead of security, they focus on the perceived outcome of utilizing the Cloud, the supposed silver lining and use cases. </p> <p>In this session, we will describe how to fast track a Cloud Risk Strategy. We will discuss how MARS built an effective toolkit based on trusted industry tools: ISO 27001, Cloud Security Alliance Guidance, and 3rd party attestations.</p> <p>We will bring to true-to-life examples and case studies how this was done at a $34B enterprise and can scale to your environment. We will explain how CSA and ISO 27001 set the tone for our Cloud risk assessment strategy. We will rationalize how these were complemented by external attestations such as SOC1/2/3, penetration, vulnerability tests. We will expand on area of concerns for organizations of all sizes: SMB to Enterprise.</p> <p>We will discuss how one gets started by providing a checklist driven roadmap to fast-track a Cloud risk strategy. We will start with identifying assets and their overall value to your organization. We will jump into the deep-end on asset classification and explore the particular importance of understanding implementation models and mapping out your data-flow. We will identify how this feeds into a holistic questionnaire that will poke holes through vendor Cloud Security practices. We will educate our delegates on how to ask vendors difficult questions and elicit responses from vendors who don&#039;t want to divulge information.</p> <p>We will illustrate how to paint risk to the c-suite in an effective and compelling format. We will highlight practical recommendations for contractual negotiations, privacy, liability, exit-clauses and overall governance strategies to keep the sun shining through our Clouds. </p> <p>In summary, building a Cloud risk strategy isn’t just suited for the largest Enterprises. By leveraging a pragmatic and scalable framework built on industry standards, we have defined best practices and lessons learned that organizations can leverage to effectively manage risk in their Cloud journey.</p> </div></div></div><div class="field field-name-field-keywords field-type-taxonomy-term-reference field-label-above"><div class="field-label">Keywords:&nbsp;</div><div class="field-items"><div class="field-item even"><a href="/taxonomy/term/4" typeof="skos:Concept" property="rdfs:label skos:prefLabel">cloud</a></div><div class="field-item odd"><a href="/taxonomy/term/109" typeof="skos:Concept" property="rdfs:label skos:prefLabel">security</a></div><div class="field-item even"><a href="/taxonomy/term/432" typeof="skos:Concept" property="rdfs:label skos:prefLabel">Risk</a></div><div class="field-item odd"><a href="/taxonomy/term/119" typeof="skos:Concept" property="rdfs:label skos:prefLabel">Strategy</a></div><div class="field-item even"><a href="/taxonomy/term/229" typeof="skos:Concept" property="rdfs:label skos:prefLabel">Compliance</a></div><div class="field-item odd"><a href="/tags/assessment" typeof="skos:Concept" property="rdfs:label skos:prefLabel">Assessment</a></div><div class="field-item even"><a href="/taxonomy/term/150" typeof="skos:Concept" property="rdfs:label skos:prefLabel">Governance</a></div></div></div><div class="field field-name-field-spfname field-type-text field-label-above"><div class="field-label">Speaker First Name:&nbsp;</div><div class="field-items"><div class="field-item even">Nikita</div></div></div><div class="field field-name-field-splname field-type-text field-label-above"><div class="field-label">Speaker Last Name:&nbsp;</div><div class="field-items"><div class="field-item even">Reva</div></div></div><div class="field field-name-field-jobtitle field-type-text field-label-above"><div class="field-label">Speaker Job Title:&nbsp;</div><div class="field-items"><div class="field-item even">Senior Engineer, Global Information Security Engineering</div></div></div><div class="field field-name-field-company field-type-text field-label-above"><div class="field-label">Speaker&#039;s Company Name/Affiliation:&nbsp;</div><div class="field-items"><div class="field-item even">MARS Inc.</div></div></div><div class="field field-name-field-bio field-type-text-long field-label-above"><div class="field-label">Speaker Bio:&nbsp;</div><div class="field-items"><div class="field-item even">Nikita Reva brings over 8 years of experience in Network and Information Security. Currently he works for MARS Inc., a Consumer Packed Goods leader with a portfolio of Global Billion dollar brands like Snickers, M&amp;Ms, Pedigree Pet Food and Wrigley Gum. In his current role as Senior Engineer, Global Information Security Engineering, Nikita manages Global Information Security projects involving engineering technical security solutions to manage risk. Prior to MARS, Nikita focused on Auditing Information Security for Credit Unions and Banks. Nikita holds a Masters in Information Security from DePaul University and leading security certifications. Nikita is also an active board member of Cloud Security Alliance Chicago, ISACA Chicago and co-founded a monthly forum for Chicago’s Security professionals. Nikita has spoken at security conferences around the world.</div></div></div><div class="field field-name-field-company-logo field-type-image field-label-above"><div class="field-label">Speaker&#039;s Company Logo:&nbsp;</div><div class="field-items"><div class="field-item even"><img typeof="foaf:Image" src="http://cloudslam.org/sites/default/files/styles/round_70/public/MARS%20.jpg?itok=Qff9oKKe" width="72" height="72" alt="" /></div></div></div><div class="field field-name-field-headshot field-type-image field-label-above"><div class="field-label">Speaker&#039;s Headshot Photo:&nbsp;</div><div class="field-items"><div class="field-item even"><img typeof="foaf:Image" src="http://cloudslam.org/sites/default/files/styles/round_180/public/nikita_sq.per_.jpg?itok=Y4GtKjcl" width="172" height="172" alt="" /></div></div></div><div class="field field-name-field-postal field-type-text-long field-label-above"><div class="field-label">Speaker&#039;s Postal Address:&nbsp;</div><div class="field-items"><div class="field-item even">5445 North Sheridan Chicago, IL 60640</div></div></div><div class="field field-name-field-room field-type-list-text field-label-hidden"><div class="field-items"><div class="field-item even">Nevada Room</div></div></div><div class="field field-name-field-timeslot field-type-datetime field-label-hidden"><div class="field-items"><div class="field-item even"><span class="date-display-single" property="dc:date" datatype="xsd:dateTime" content="2013-06-18T15:05:00-07:00">Tuesday, June 18, 2013 - 15:05</span></div></div></div> Tue, 02 Apr 2013 21:38:40 +0000 revan 426 at http://cloudslam.org