CSA Summit at RSA 2013

CSA Summit 2013

CSA Summit 2013 Presentations

Document Download Video
Opening Remarks
Jim Reavis – Executive Director, Cloud Security Alliance
NA View
Keynote: “National Security and the Cloud”
Mark Weatherford, Deputy Under Secretary for Cybersecurity, Department of Homeland Security
NA View
Keynote: “Why the Cloud Manages Security Better Than You Do”
Dave Asprey, Vice President of Cloud Security, Trend Micro
Download View
Panel: “Mobile Security Insights”
Moderator: Vic Morris - Chief Executive Officer, Vordel
Panelists: Patrick Harding, Chief Technical Officer, Ping Identity; Vizay Kotikalapudi, Group Product Manager, Symantec; David Lingenfelter, Information Security Officer, Fiberlink; Tyler Shields, Senior Security Research, Mobile, Veracode
NA View
CSA Speed Talk: “STAR & CCSK – An Update on Provider and User Certification”
Presenting: Jim Reavis, Executive Director, Cloud Security Alliance
Download View
CSA Speed Talk: “Revolutionary Evolution – The Internet of Things”
Presenting: Jerry L. Archer, Board Member, Cloud Security Alliance
Download View
Panel: “Managing Enterprise Global Security in an era of Hybrid Cloud and Smart Mobile”
Moderator: Jerry L. Archer, Board Member, Cloud Security Alliance
Panelists: Baber Amin, Senior Director, Product Management, CA Technologies; Matt Mosley, Solution Strategist, NetIQ; Derek Tumulak, Vice President of Product Management, Vormetric; Andrew Wild, Chief Security Officer, Qualys, Inc.; Manoj Apte, Vice President of Product Management, Zscaler
NA View
Cloud Security Alliance Industry Leadership Award
Presenting: Jim Reavis, Executive Director, Cloud Security Alliance
NA View
Closing Keynote: “Tech Innovation, Macroeconomics and the Future Security Mandate”
Presenting: James D. Robinson III, Co-Founder & General Partner, RRE Ventures, LLC and Presiding Director. Coca-Cola Company
NA View

CSA Summit at RSA 2013 Working Group Sessions

Document Download Video
Big Data Session Download NA
CCM Session Download View
Mobile Working Group Session Download NA
SecaaS Session Download NA
TCI Session Download NA

CSA Booth Activities

RSA Booth #3020 (Gateway Expo)

Be sure to drop by the CSA booth to learn more about our latest initiatives such as the new Legal Information Center, CCSK version 3, Open Certification Framework and CSA Nexus. The Cloud Security Alliance Nexus combines pragmatic research with direct access to CSA experts to answer your cloud security questions. Come to the CSA booth anytime during RSA to learn more and meet with our expert analysts face to face to ask your questions in person:

Tuesday, from 5-6: Adrian Lane
Wednesday from 12-1: Adrian Lane
Thursday from 11-12: Mike Rothman

Enter for a chance to win a $1,000 Gift Card to Xtreme Adventures!

Pick from over 1,500 adventures across the US in over 50 major metroareas or the UK. Air combat, NASCAR rides, cooking classes, sailing, wine tasting, kayaking… you decide your adventure!

And while CCSK test tokens can’t be compared to the once-in-a-lifetime opportunity of skydiving, you will also be entered for a chance to win 1 of 10 free CCSK Test Tokens.

While at the booth enjoy a chance to win more exciting giveaways from CSA sponsors:

  • $75 Amazon Gift Card Sponsored by Solutionary
  • iPad Mini, 16 GB Wi-fi Sponsored by Box
  • $50 AmEx Gift Card Sponsored by Ping Identity
  • $50 Amazon Gift Card Sponsored by splunk, Inc.
  • $100 Total Wine Gift Card Sponsored by PerspecSys
  • Kindle Fire Sponsored by Whitehat Security
  • iPad Sponsored by Qualys
  • Kindle Fire HD, CA Technologies

Agenda

Monday, February 25th, 2013

The CSA Summit at RSA Conference 2013 is located in Moscone Center North, Hall E, Room 135.

8:00 AM – 9:00 AM

Doors Open/Informative Cloud Security YouTube Videos sponsored by Qualys/CSA Announcements

9:00 AM – 9:30AM

Keynote: “National Security and the Cloud”
Presenting: Mark Weatherford, Deputy Under Secretary for Cybersecurity, Department of Homeland Security

9:30-10:00AM

Keynote: “Why the Cloud Manages Security Better Than You Do”
Dave Asprey, Vice President of Cloud Security, Trend Micro

Trend Micro VP Cloud Security Dave Asprey, coauthor of Cloud Networking Simplified (2013), presents a view of the future of how public and private cloud operators will work with security companies to make more secure clouds. The holistic intelligence that security companies gather from outside the cloud is critical to providing security inside the cloud. Security has become a driver for cloud availability, so great cloud security also demands what cloud providers do best - carrier grade, multitenant, operations and architecture designed from the ground up for resilience, ease of operations, and service provider scale. Security companies owe enterprises and cloud providers highly efficient software that is easy to operate at scale without wasting cloud resources. It is time to rethink how we design and deploy cloud security management consoles. We have reached the point where infrastructure building blocks like DNS, storage, IAM, etc., are pluggable, easy to configure cloud components. When security is no different, cloud providers win, enterprise IT wins, and security companies win.

10:00 AM – 10:50AM

Panel: “Mobile Security Insights”

Moderator: Vic Morris - Chief Executive Officer, Vordel

Panelists:
Patrick Harding, Chief Technical Officer, Ping Identity
Vizay Kotikalapudi Group Product Manager, Symantec
David Lingenfelter, Information Security Officer, Fiberlink
Tyler Shields, Senior Security Research, Mobile, Veracode

Mobile devices are becoming the primary endpoint device and the preferred method to access the cloud. This panel will provide an exclusive focus on the security issues related to game-changing mobile technologies. We will explore the key security problems posed by mobile, including the CSA Mobile Top Threats research. We will also provide a look forward to the security innovations to expect within mobile platforms, the role of security APIs and relevant standards such as SCIM, OAuth, SAML and others.

10:50AM – 11:00AM

Break

11:00 AM – 11:15 AM

CSA Speed Talk: “STAR & CCSK – An Update on Provider and User Certification”
Presenting: Jim Reavis, Executive Director, Cloud Security Alliance

11:15 AM – 11:30 AM

CSA Speed Talk: “Revolutionary Evolution – The Internet of Things”
Presenting: Jerry L. Archer, Board Member, Cloud Security Alliance

11:30 AM – 12:20 PM

Panel: “Managing Enterprise Global Security in an era of Hybrid Cloud and Smart Mobile”

Moderator: Jerry L. Archer, Board Member, Cloud Security Alliance

Panelists:
Baber Amin, Senior Director, Product Management, CA Technologies
Matt Mosley, Solution Strategist, NetIQ
Derek Tumulak, Vice President of Product Management, Vormetric
Andrew Wild, Chief Security Officer, Qualys, Inc.
Manoj Apte, Vice President of Product Management, Zscaler

Enterprises today have mixed environments of public & private clouds, as well as legacy systems. These systems are accessed by both external and internal resources, using managed PC desktops as well as new BYOD smart mobile devices. In this panel, we will discuss key risks of the global enterprise, managing complex international legal issues, achieving compliance and developing security architectures that support agile enterprise needs.

12:20 PM-12:30 PM

Cloud Security Alliance Industry Leadership Award

12:30-1:00 PM

Closing Keynote: “Tech Innovation, Macroeconomics and the Future Security Mandate”
Presenting: James D. Robinson III, Co-Founder & General Partner, RRE Ventures, LLC and Presiding Director. Coca-Cola Company

Former AmEx CEO and Wall Street legend Jim Robinson paints a picture of the future technology innovation, corporate utilization of IT and global economic trends that security professionals will need to contend with.

Speakers

Baber Amin

Baber Amin
Senior Director, Product Management, CA Technologies

Baber Amin – Mr. Amin is a Senior Director of product management at CA Technologies. Previously, Mr. Amin was with Novell Inc. serving as Director of Cloud Security with Novell Identity and Security.

At Novell, Mr. Amin helped position Novell as a thought leader in Identity based services, cloud and enterprise security. His primary role was to lead the overall strategy for Novell Cloud Security and oversee ongoing product direction in the area.

At CA Technologies, Mr. Amin is primarily responsible for CA Advanced Risk Based and Multifactor Authentication offering and CA IAM product and service strategy in the cloud, including it's next generation cloud security service offerings.

Mr. Amin is an author on several patents in software security, web caching and content distribution.

Dr. Manoj Apte

Dr. Manoj Apte
Vice President of Product Management. Zscaler, Inc.

Manoj Apte brings a strong track record in network security products. He has over a decade of experience creating architectures for high performance networking and security. Prior to Zscaler, Manoj was a senior product manager for High End Security Systems at Juniper Networks. As product manager of the IPS product line, Manoj created and launched Juniper's 10G IPS (Intrusion Prevention System) appliance that has re-established Juniper as a serious contender for the top spot in the IPS market place. Manoj has been responsible for Juniper's standalone and integrated firewall IPS product lines. Through his 8 years at Juniper Manoj led teams involved in platform drivers, monitoring, lawful interception, firewalls, and intrusion prevention. Prior to Juniper, Manoj was at Pacific Broadband Communications as the lead developer for platform software. He is on the advisory board for the I3P survival and recovery program and a member of the ISA SP99 committee on Industrial Automation and Control System Security. Manoj has 6 patents pending; he holds a Ph.D. in real-time embedded systems from Mississippi State University and a Bachelor’s degree in Aerospace Technology from IIT Bombay.

Jerry L. Archer

Jerry L. Archer
Board Member, Cloud Security Alliance

Jerry Archer is an EVP and Chief Security Officer for Sallie Mae. Archer’s responsibilities include securing and protecting all of Sallie Mae’s systems and offerings, and for security initiatives across the company. Prior to Sallie Mae, Archer was the CISO at Intuit and prior to joining Intuit, Archer was managing director at Global Competitive Strategies. Previously, Archer was SVP for Global Interoperability at Visa International and before Visa, at the Fidelity Brokerage; he was SVP of information security and technical risk. For his work in the U.S. Intelligence Community Archer earned the National Performance Review Hammer Award, a Distinguished Service Award from the CIA and a Meritorious Unit Citation from the National Security Agency.

Dave Asprey

Dave Asprey
Vice President of Cloud Security, Trend Micro

As Vice President of Cloud Security, Dave Asprey is responsible for thought leadership and technology evangelism for Trend Micro’s cloud computing and virtualization businesses. Dave created and launched two early cloud computing service offerings, and his writing on the cloud has been published by the New York Times, GigaOm, Fortune, PWC, and CNNmoney. He co-chairs the Cloud Security Alliance Virtualization Working Group and is co-author of Cloud Networking Simplified (Pearson, Aug 2013). He is a sought-after speaker and panel moderator who has presented at more than 100 cloud, virtualization, and security conferences globally.

Patrick Harding

Patrick Harding
Chief Technical Officer, Ping Identity

Patrick Harding is the CTO of Ping Identity, responsible for Ping Identity Labs, emerging technologies, architecture and standards, and developing Ping's technology strategy. Previously, Harding was a VP and the Security Architect at Fidelity Investments. Mr. Harding has a Bachelor of Science Degree in Computer Science from the University of New South Wales in Sydney, Australia.

Vizay Kotikalapudi

Vizay Kotikalapudi
Group Product Manager, Symantec

Vizay Kotikalapudi is a Group Product Manager at Symantec, where he is actively involved in developing Enterprise Mobility products. Vizay has over 10 years of experience in mobile security and management space, and has helped organizations adopt secure mobility. He holds a M.S. in Telecommunications Management from OSU.

David  Lingenfelter

David Lingenfelter
Information Security Officer, Fiberlink

David is a seasoned security professional with experience in risk management, information security, compliance, and policy development. As Information Security Officer of Fiberlink, David has managed projects for SAS70 Type 2 and SOC2 Type 2 certifications, as well as led the company through audits to become the first Mobile Device Management vendor with the FISMA authorization from GSA. Through working with Fiberlink’s varied customer-base, David has ensured the MaaS360 cloud architecture meets requirements for HIPPA, PCI, SOX, and NIST. He has been an instrumental part in designing Fiberlink’s cloud model, and is an active member of the CSA, as well as the NIST Cloud working groups.

Vic Morris

Vic Morris
Chief Executive Officer, Vordel

Vic has steered the growth of Vordel to become a world leader in Enterprise API Management and Cloud security. He oversaw the recent sale of the company to Axway (NYSE Euronext: AXW.PA). He started his career as a software engineer, but went on to various senior managerial roles, including Senior Vice President International Operations for Cullinet Software, Vice President and General Manager European Operations for Powersoft, Vice President European Marketing for Sybase, and Vice President Marketing for NetDynamics Inc. Vic holds a degree in Physics from the University of Bristol, and has completed the Advanced Management Program at Harvard Business School.

Matt Mosley

Matt Mosley
Solution Strategist, NetIQ

Matt Mosley is a Solution Strategist at NetIQ, with responsibility for cloud and service provider solutions. Matt brings over 20 years of experience in engineering, consulting, product management and executive leadership to NetIQ, where he previously held the role of Senior Product Manager for Security Products. Prior to roles at NetIQ, Matt led product management and marketing for IT GRC vendor Brabeion Software. Matt is a frequent speaker at security conferences and holds the CISSP, CISM, and CISA designations.

Jim Reavis
Executive Director, Cloud Security Alliance

Jim Reavis is the Executive Director of the CSA, and was recently named as one of the Top 10 cloud computing leaders by SearchCloudComputing.com. Jim is the President of Reavis Consulting Group, LLC, where he advises security companies, large enterprises and other organizations on the implications of new trends and how to take advantage of them. Jim has previously been an international board member of the ISSA and formerly served as the association’s Executive Director. Jim was a co-founder of the Alliance for Enterprise Security Risk Management, a partnership between the ISSA, ISACA and ASIS, formed to address the enterprise risk issues associated with the convergence of logical and traditional security. Jim currently serves in an advisory capacity for many of the industry’s most successful companies.

James D. Robinson III

James D. Robinson III
Co-Founder & General Partner, RRE Ventures, LLC and Presiding Director. Coca-Cola Company

Mr. Robinson is a Co-Founder and General Partner of RRE Ventures, LLC, a private information technology venture investment firm. He also serves as President, J. D. Robinson, Inc. Mr. Robinson is Presiding Director of the Coca-Cola Company. He serves on the boards of PrimeRevenue, On Deck Capital and K2 Intelligence, all private companies.

Mr. Robinson served as Chairman and Chief Executive Officer of American Express Company from 1977 to 1993. Mr. Robinson held several executive positions within the Company. Prior to American Express he was a General Partner with White Weld & Co., and Assistant to the Chairman and President of Morgan Guaranty Trust Company.

He was a Director and Chairman of the Executive Committee of First Data Corporation until FDC was taken private by KKR in 2007. Mr. Robinson was Non Executive Chairman of Bristol-Myers Squibb from 2005 to 2008 and is a former director. A former director and Advisor of Novell, Mr. Robinson is now an Advisor to Mother Nature Network and Prolifiq Software as well as a Senior Advisor to Jefferies & Company.

Mr. Robinson is an Honorary Trustee of the Brookings Institution, a member Council on Foreign Relations and the Business Council. He is Honorary Chairman of Memorial Sloan-Kettering Cancer Center. Mr. Robinson is Chairman Emeritus of the Partnership of New York City and the World Travel and Tourism Council. He served as Co-Chairman of the Business Roundtable and as Chairman of the Advisory Committee on Trade Policy and Negotiations.

Tyler Shields

Tyler Shields
Senior Security Research, Mobile, Veracode

Tyler Shields is a Product Manager and Security Researcher whose responsibilities include understanding and examining interesting and relevant security and attack methods for integration into the Veracode product offerings. Tyler is responsible for product management and strategy for mobile security related technologies at Veracode. In the past, Tyler has worked as a consultant for both @Stake and Symantec, delivering security assessments to fortune 500 companies, major financial institutions, institutions of higher education, and the highest levels of the U.S. government. Tyler has presented at major security conferences internationally including Blackhat, H.O.P.E , Shmoocon, BRUCon, and SOURCE and released numerous security advisories. He also frequently contributes to major media outlets on security relevant topics. Tyler has his MSCS from James Madison University and his MBA from Kenan-Flagler Business school at the University of North Carolina.

Derek Tumulak

Derek Tumulak
Vice President of Product Management, Vormetric

Derek Tumulak brings more than 15 years of product management and engineering experience in the information security industry to the Vormetric team. Prior to Vormetric, he served as Vice President of Product Management for Enterprise Data Protection at SafeNet where he led product direction and strategy.

Mark Weatherford

Mark Weatherford
Deputy Under Secretary for Cybersecurity, Department of Homeland Security

Mark Weatherford is the newly appointed Deputy Under Secretary for Cybersecurity for the National Protection and Programs Directorate (NPPD), a position that will allow DHS NPPD to create a safe, secure and resilient cyberspace. Mr. Weatherford has a wealth of experience in information technology and cybersecurity at the Federal, state and private sector levels.

Mr. Weatherford was previously the Vice President and Chief Security Officer of the North American Electric Reliability Corporation (NERC) where he directed the cybersecurity and critical infrastructure protection program.

Before NERC, Mr. Weatherford was with the State of California where he was appointed by Governor Arnold Schwarzenegger as the state’s first Chief Information Security Officer. Prior to California, he served as the first Chief Information Security Officer for the State of Colorado, where he was appointed by two successive governors. Previously, as a member of the Raytheon company, he successfully built and directed the Navy/Marine Corps Intranet Security Operations Center (SOC) in San Diego, California, and also was part of a team conducting security certification and accreditation with the U.S. Missile Defense Agency. A former U.S. Navy Cryptologic Officer, Weatherford led the U.S. Navy’s Computer Network Defense operations and the Naval Computer Incident Response Team (NAVCIRT).

Mark Weatherford earned a bachelor’s degree from the University of Arizona and a master’s degree from the Naval Postgraduate School. He also holds the Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM) certifications. He was an Information Security magazine “Security 7 Award” winner in 2008 and was awarded SC Magazine’s prestigious “CSO of the Year” award for 2010.

Andrew Wild

Andrew Wild
Chief Security Officer, Qualys, Inc.

With 20+ years of experience leading teams to design, implement and operate secure networks and computer systems, Andrew oversees the security, risk management and compliance of Qualys' enterprise and SaaS environments. Prior to Qualys, he managed the team responsible for the design, implementation and operation of security solutions for EMC's SaaS offerings. Previously, he was the Chief Security Officer at Transaction Network Services. He has also held leadership roles with large service providers including BT and Sprint. Andrew has a master's degree in electrical engineering from George Washington University and a bachelor's degree from the United States Military Academy.

Summit Sponsors

Platinum Sponsor

Gold Sponsors

Silver Sponsors

Bronze Sponsors