CSA Summit at RSA Europe 2011

CSA Summit at RSA Europe


Opening Keynote: "The Latest on CSA Guidance V.3"

Paul Simmonds, Board of Management, Jericho Forum

As one of the three global editors on CSA V3.0, Paul will be highlighting the essential differences between V2.1 and v3.0, as well as explain the reasoning behind some of the more fundamental changes and the new guidance being provided. Paul, as the ex-Global CISO of both ICI and AstraZeneca, will be providing a critical appraisal of version 3.0's aim to tie the various CSA activities into one comprehensive C-level best practice.

UK Chapter Research Update: "Trust Within the Information Society"

Amanda Goodger, Director - SME Liaison, UK & Ireland, Cloud Security Alliance

Amanda's keynote will introduce the Information Lodestone, which represents an integrated way of viewing this confusing new information world. She will outline an overall approach to new ways of thinking, new engineering design methods, and the move to a more effective and secure information society hub.

Panel Discussions: “How can Clients Determine if the Cloud is Ready for Prime Time” and “How a Trusted Cloud Environment can Enable Society”

Moderator: Des Ward, President, UK & Ireland Chapter, Cloud Security Alliance
Speakers: Timothy Brown, Chief Architect Security and Distinguished Engineer and SVP, CA Technologies, Amanda Goodger, Director - SME Liaison, UK & Ireland, Cloud Security Alliance Wolfgang Kandek, CTO, Qualys, Travis Spencer, Senior Architect CTO Office, PingIdentity, Rashmi Tarbatt, Chief Security Architect, EMEA, RSA, The Security Division of EMC

This panel session will cover how client organisations can determine if a CSP is safe enough to host their important data. The discussion will cover how frameworks such as the CSA guidance, CSA STAR, CIF Self Certification, CAMM and TPAC will allow better understanding about the level of assurance that can now be shown to prove that the Cloud is ready for business.

The panel will also discuss how greater trust in the information held within Cloud services can enable the interconnected information society as a whole. The discussion will center around advances made by vendors to allay the fears of the public in the safety of Cloud services, especially in the light of recent bad press of Cloud services being used after the London riots.

Closing Keynote: "State of EU-wide Cloud Activities and a Preview of CSA EU Strategy"

Daniele Catteddu, Managing Director Europe and Middle East, Cloud Security Alliance

Based on his previous experience in ENISA and his involvement in expert groups run by the European Commission and the World Economic Forum, Daneile will describe the EU cloud policy landscape and strategy, and the ongoing and planned EU projects. As the newly appointed CSA European Managing Director, he will also provide a preview of the CSA Euro Strategy.


Timothy Brown, Chief Architect Security and Distinguished Engineer and SVP, CA Technologies

Tim Brown is a SVP distinguished engineer and chief security architect for the Security business unit at CA Technologies. He has overall technical direction and oversight responsibilities for the CA security products. With more than 20 years of information security expertise, Brown has been involved in many areas of security including identity and access management, security compliance, threat research, vulnerability management, encryption and managed security services. He has worked with many companies and government agencies to implement sound and practical security policies and solutions. He is an avid inventor with over 20 filed patents, is on the board of the Open Identity Exchange, and has provided expert testimony at a U.S. Congressional hearing entitled “Cyber Security R&D.” He also is a frequent speaker on the evolution of security and cloud computing.

Daniele Catteddu, Managing Director, EMEA, Cloud Security Alliance

Previously, he worked at ENISA, where he was responsible for supporting EU Member States in implementing the security obligations in the new European Framework Directive on Telecommunication. He has also worked within ENISA as a risk management expert, on various activities in the area of the Emerging and Future Risks, and in particular, having a leading role in developing EU cloud security research. Daniele is the author of the study: “Security and Resilience in Governmental Clouds” as well as co-author of the reports: “Cloud Computing: Benefits, risks and recommendations for information security” and “Cloud Computing: Information Assurance Framework”.

Amanda Goodger, Director - SME Liaison, UK & Ireland, Cloud Security Alliance

Amanda Goodger has been a consultant to both the private and public sectors for more than 18 years, working within the field of Information and Communication Technology. Her wide ranging experience includes working with large corporations, SMEs, academia and with government organisations at all levels, from local to national, as well as internationally. Amanda’s work has involved her in issues relating to technology strategy and risk, operational performance and management, cyber security, information security and critical infrastructure protection. Her experience in many economic sectors have all contributed to her motivation to produce the evolutionary Information Lodestone Programme which will be the subject of her keynote speech at the RSA Conference Europe in October 2011.

Wolfgang Kandek, CTO, Qualys

As the CTO for Qualys, Wolfgang is responsible for product direction and all operational aspects of the QualysGuard platform and its infrastructure. Wolfgang has over 20 years of experience in developing and managing information systems. His focus has been on Unix-based server architectures and application delivery through the Internet. Wolfgang is a frequent speaker at security events and forums including Black Hat, RSA Conference, InfoSecurity UK and The Open Group. Wolfgang is the main contributor to the Laws of Vulnerabilities blog.

Paul Simmonds, Board of Management, Jericho Forum

Paul is a co-founder and board member of the Jericho Forum. Until recently he was the global CISO of AstraZeneca and prior to that the global CISO of ICI. Paul’s varied career has included Electronic Countermeasures, Theatre & TV Lighting, designing North Sea Oil control systems, network management for JET (Nuclear Fusion Research) and setting up a number of commercial (charitable) radio stations. He’s been awarded “Chief Security Officer of the year” at the SC Magazine Awards and twice listed as one of Network World’s “most powerful people in networking”. In addition to the Jericho Forum, Paul sits on the advisory board of a number of leading-edge computing companies, as well as the Executive Advisory Board of ISSA UK. He also is a British Canoe Union Level 3 Kayak Coach.

Travis Spencer, Senior Architect CTO Office, PingIdentity

Travis Spencer is a Senior Technical Architect reporting to Ping Identity’s CTO. He has over a decade of application development experience which includes the design of large-scale service-oriented and federated systems. His experience federating SaaS offerings with some of the world’s largest financial institutions coupled with his low-level understanding of federation protocols (e.g., SAML, WS-Trust, and WS-Federation) has allowed him to help numerous companies successful begin using cloud computing. His knowledge of OpenID and OAuth also provides him with a unique perspective on the relationship between enterprise- and consumer-grade digital identity management.

Rashmi Tarbatt, Chief Security Architect, EMEA, RSA, The Security Division of EMC

Rashmi is a Chief Security architect at RSA, The Security Division on EMC. In her role Rashmi is responsible for Technology and Compliance Solutions, Thought Leadership and subject matter expert in security technologies, products and the regulatory environment for the EMEA region. More recently Rashmi has been instrumental in leading discussions on the importance of security in the Virtual environment both in private clouds and also the VCE alliance with VMware, Cisco and EMC in the EMEA region. She also acts a Customer Advocate and promotes the voice of the customer within RSA including executive sponsorships on behalf of EMC and RSA. Rashmi has over twenty years experience in data communications, mobile communications and has focussed on Information Security for the last ten years.

Des Ward, President, Cloud Security Alliance, UK & Ireland

"Des Ward is President of the UK & Ireland chapter of the Cloud Security Alliance. His previous experience over the past 17 years within the Information Risk Management industry encompasses compliance programmes for public and private sector organisations relating to the application of legislation and regulation to governance structures; including the IA Maturity Model, Security Policy Framework, Hannigan Review, Data Protection Act 1998, FSA guidelines for business, Payment Card Data Industry Data Security Standard (PCI DSS) and the ISO 27000 series of standards and guidelines.

His engagement as the Head of Framework Development within the Common Assurance Maturity Model programme has led to the creation of the UK & Ireland chapter of the Cloud Security Alliance where he trusts his passion for communicating the benefits of effective Information Risk Management will show in the output from the chapter and subsequent engagement with all stakeholders in the cloud environment in the coming two years term. "


To participate in the CSA Summit at RSA Europe 2011, attendees must register through the RSA Europe Conference website and select CSA Summit during the registration process.

To receive £100 off the price of a delegate pass, please use the discount code: CSAMEM11

To register for a FREE Visitor Pass, you will need to register by 9 October.

Registration Link: http://www.rsaconference.com/2011/europe/registration.htm


The Cloud Security Alliance thanks the following Gold sponsors for their support: