SecureCloud 2012
Keynote Speakers
Robert Bohn
Reference Architecture Lead for the NIST Cloud Computing Program - Applied and Computational Sciences Division in NIST/ITL
Robert Bohn, of the Applied and Computational Sciences Division in NIST/ITL, serves as the Reference Architecture Lead for the NIST Cloud Computing Program. In this role, he works with industrial, academic and other government stakeholders to develop a high-level vendor neutral reference architecture and taxonomy under the NIST Strategy for Developing a US Government Cloud Computing Technology Roadmap. This architecture will be used as a frame of reference to facilitate communication, illustrate and understand how clouds services and components fit together.
Bob was a member of the National Coordination Office of the Networking and Information Technology Research and Development (NITRD) and served as the program as the Technical Coordinator for the High End Computing Interagency Working Group (HEC-IWG) and Human-Computer Interaction and Information Management Coordinating Group (HCI&IM CG) and composed entries in the President’s Annual NITRD Budget Supplements.
He was a recipient of a National Science Foundation fellowship at NASA Ames Research Center in Moffett Field, CA, received Ph.D. and Master of Science degrees in Physical Chemistry from the University of Virginia, a Master’s Certificate in Project Management from George Washington University School of Business and Public Management, and a Bachelor of Science degree in Chemistry from the University of Illinois.
Dr. Carl-Christian Buhr
European Commission, Cabinet Member of Vice-President Neelie Kroes
An economist and computer scientist, Dr. Buhr is a member of the cabinet of Digital Agenda Commissioner and EU Commission Vice-President Neelie Kroes. Among others, he advises her on the developing European Cloud Computing Strategy, Data protection, Standardisation and interoperability policies as well as ICT research policy. He previously dealt with antitrust and merger control investigations by the Commission, such as the Microsoft antitrust case and the Oracle/Sun Microsystems merger.
Billy Hawkes
Irish Data Protection Commissioner
Billy Hawkes was appointed as Irish Data Protection Commissioner in 2005 for a five-year term. He was re-appointed in 2010 for a further 5 years.
Prior to his appointment, he worked as a Civil Servant in a number of Government Departments, including Finance, Foreign Affairs and Enterprise, Trade and Employment.
Eran Feigenbaum
Director of Security, Google Apps, Google
As the Director of Security for Google Enterprise, Eran defines and implements security strategy for Google's suite of solutions of Enterprise Products.
Prior to joining Google in 2007, Eran was the US Chief Information Security Officer for PricewaterhouseCoopers(PwC). At PwC, he led a team responsible for all aspects of network, server, application, and desktop computer security, as well as security policies, architectures, standards and enforcement. Earlier, Eran spent several years designing and implementing high-performance cryptosystems for electronic commerce solutions for Fortune 1000 clients and government agencies.
Eran holds a bachelor's degree in electrical and computer engineering from the University of California at Irvine, and an MBA from Pepperdine University. In his spare time, he enjoys performing magic and mentalism and was featured on the NBC television show Phenomenon
Nils Puhlmann
Co-founder of CSA | Chief Security Officer, Zynga’s Security Department
As Chief Security Officer, Nils Puhlmann leads Zynga’s converged security department, managing all security risks for the company and chairing the Security Risk Committee. Before joining Zynga, Puhlmann served as Chief Security Officer of Qualys. Puhlmann has held information security positions at Electronic Arts, Robert Half International, Mindjet Corp, and Adobe Systems. He also held senior positions at Nortel Networks and START Amadeus, and was an independent security consultant with clients such as the State of California. He maintains numerous security certifications, including CISSP-ISSMP and CISM. He has held several Board of Directors positions (ISACA Silicon Valley, OVAL), is a current Director on the International Board of Directors of ISSA, is a member of the CSO Interchange, the CISO Executive Council and a subject matter expert for ISACA and ISC2. He was also a member of the Advisory Council for the CISO Forum of ISSA.
Speakers
Dave Asprey
Vice President of Cloud Security at Trend Micro
Dave Asprey brings more than 15 years experience to his position of Vice President of Cloud Security at Trend Micro. In this role, Mr. Asprey helps to shape the company’s cloud strategy, focusing specifically on expanding a Cloud Security Alliance partner ecosystem; participating in cloud security organizations; and cultivating Trend Micro partnerships with cloud security vendors.
Prior to joining Trend Micro, Mr. Asprey was an Entrepreneur in Residence at Trinity Ventures, focused on early stage investment opportunities with companies in the cloud and virtualization markets. Previously, he served as Vice President of Technology and Business and Corporate Development at Blue Coat Systems. He also served as Vice President of Marketing and Technology Strategy at UK-based virtual appliance company Zeus Technology. Other professional roles have included Director of Product Management for Acceleration and WAN Optimization NetScaler and, when that company was acquired by Citrix, responsibility for strategic planning for Citrix’s virtualization business unit, reporting directly to the CTO. He was also held senior management positions at Speedera Networks (now Akamai); Exodus Communications (now Savvis); and the University of California at Santa Cruz.
Dave Asprey holds degrees in computer science from the University of California, Santa Barbara and holds a master of business administration degree from the University of Pennsylvania’s Wharton School of Business.
-->
Paolo Balboni
Director of European Privacy Association and Founding Partner at ICT Legal Consulting
Director of European Privacy Association, Cloud Computing Sector Director and responsible for Foreign Affairs of Italian Institute for Privacy, Lawyer admitted at the Bar in Milan specialised in ICT, new technologies law and personal data protection, Paolo Balboni is partner at ICT Legal Consulting. He provides legal advice to multinational companies, especially concerning personal data protection, e-contracts, e-commerce, e-marketing, advertising, cloud computing, Web 2.0 service providers’ liability, Internet content providers’ liability, e-signatures, digital retention of documents and intellectual property rights. He also advises celebrities on privacy and copyright matters.
He has considerable experience in the following areas: IT, media & entertainment, e-Health, fashion and banking. He is the author of the book ‘Trustmarks in E-commerce’, Paolo Balboni is a Research Associate for Tilburg University (The Netherlands), where he lectures at the master course “Liability of Web 2.0 Service Providers”. As a legal counsel chosen for projects of European Network and Information Security Agency (ENISA) on ‘Cloud Computing Risk Assessment’, ‘Security and Resilience in Governmental Clouds’, 'Procure Secure' and ‘Common Assurance Maturity Model – Beyond the Cloud (CAMM)’, Paolo Balboni is often involved in European Commission studies on new technologies and data protection, and also participates on several speaking engagements at international conferences on these matters.
He obtained his Law degree with distinction from the University of Bologna in 2002, Ph.D. from Tilburg University (the Netherlands) in 2008 by defending a thesis on Comparative ICT Law titled: Trustmarks: Third-Party Liability of Trustmarks Organisations in Europe. He speaks fluent Italian, English and Dutch and has a good knowledge of German, French and Spanish.
Anirban Basu
Tokai University
Dr. Anirban Basu is a Post-doctoral Researcher at Kikuchi lab at Tokai University working on a Japanese Ministry of Internal Affairs and Communications funded project in collaboration with Waseda University, Hitachi, NEC and KDDI; and also a Visiting Research Fellow at the University of Sussex. He holds a Ph.D. in Computer Science and a Bachelor of Engineering (Hons.) in Computer Systems Engineering from the University of Sussex. His research interests are in computational trust management, privacy and security and peer-to-peer networks. He is particularly active within the IFIPTM computational trust management community. He has several years of experience with academic research at the University of Sussex as a Visiting Research Fellow and as part of two EPSRC funded and one EU IST FP5 funded research projects. He can be reached at [email protected].
Arnd Böken
Partner, Graf von Westphalen, Berlin, Germany
Arnd Böken, lawyer and notary, is a partner with the Graf von Westphalen law firm in Berlin. Practicing in IT law since 1993 and in information privacy law since 2002, Arnd advises IT companies and customers on Cloud- and SaaS-Agreements, data protection and IT compliance. He is frequently published, most recently including "Cloud computing in the banking sector", "Patriot Act and cloud computing" (iX Magazin, issue 1/2012), and "Developing and successfully implementing cloud strategies - ways into the cloud" (iX-Magazin, issue 4/2011).
Dominik Birk
Security Researcher, Horst Goertz Institute for IT Security
Dominik Birk is working as a security consultant for a global acting financial services group in Zurich, Switzerland. Besides his professional employment, Dominik is a Ph.D. student in the field of Cloud Computing Security & Forensics. He holds a M.Sc. degree in IT Security from the Ruhr-University Bochum, Germany. Until 2011, he also worked as a research assistant at the Horst Goertz Institute for IT Security (HGI), provided web security training and worked as a freelancing security consultant.
Sven Bugiel
Sven Bugiel is a predoctoral researcher at the System Security Lab at Technische Universität Darmstadt / Center for Advanced Security Research Darmstadt. His research focus is on trusted computing, mobile (operating system) security, Cloud computing security, and the interconnection of the same. He holds two Master of Science degrees in Security and Mobile Computing from Royal Institute of Technology Stockholm and Technical University of Denmark respectively.
Nadeem Bukhari
VP PRoduct Strategy, Kinamik Data Integrity
Nadeem has more than 14 years of exclusive Information Security experience within leading management consulting organizations and tier 1 financial services firms providing information security risk management consultancy and implementations of ISO27001 certifications.
He has spoken at many leading conferences, contributed to books, whitepapers, and standards with specialist focus on integrity of electronically stored information. Nadeem is a graduate in Information Security from the University of Westminster, an ISC2 Certified Information Systems Security Professional and an ISACA Certified Information Security Manager.
Ilias Chantzos
Senior Director, Symantec Government Affairs – EMEA and APJ
Ilias Chantzos is Senior Director of Symantec’s Government Affairs programmes for Europe, Middle East & Africa as well as the Asia Pacific and Japan regions. He is based in Brussels. Chantzos represents Symantec before government bodies, national authorities and international organisations advising on public policy issues with particular regard to IT security and data risk management and availability.
Prior to joining Symantec in 2004, Chantzos worked as legal and policy officer in the Directorate General Information Society of the European Commission focusing on information security policy. He covered the council of Europe Cybercrime Convention and the Framework Decision on Attacks against Information Systems. In addition, he managed a number of EU legislative initiatives relevant to information society and security, including directives on Privacy on Electronic Communications, the Data Retention Directive and the European Network and Information Security Agency (ENISA). He also represented the European Commission in various international debates and conferences.
Chantzos holds a law degree from the University of Thessaloniki and a Masters degree in Computers and Communication Law from the University of London and is a member of the Athens Bar. He serves as Vice-President of the Executive Board of TechAmerica Europe and appointed member of the Permanent Stakeholders Group of ENISA for a second consecutive term. Chantzos chaired for two consecutive terms the European policy council of the Business Software Alliance. He speaks Greek, English, Dutch and German and is a member of the Oostakker Kickboxing Club and the Greek Circle, a thought leadership club in Brussels.
Nick Coleman
Global Cloud Security Leader for IBM within the services organisation
Nick Coleman is the Global Cloud Security Leader for IBM within the services organisation. He is responsible for leading in IBM in securing cloud computing worldwide. Prior to this he was the UK Government Reviewer of Security and authored the "Coleman Report' published in 2008 by the Cabinet Office. He is an appointed advisor to the EU Network and Information Security Agency (ENISA) serving on the Permanent Stakeholders Group. He is a fellow of the Institution of Engineering and Technology(IET) and a Fellow of the British Computer Society (BCS). He holds an MBA with distinction from Manchester Business School.
Andy Dancer
Chief Technology Officer for EMEA at Trend Micro
Andy Dancer is Chief Technology Officer for EMEA at Trend Micro, a global leader in Internet content security. Andy joined TrendMicro through its acquisition of Identum, where he served as CEO, CTO and Board Director, responsible for developing the company's pairing based cryptographic technology, as well as its desktop and gateway email encryption products. On joining TrendMicro Andy worked initially to integrate the Identum technologies and then to concept and develop Trend Micro’s flagship cloud encryption solution - "SecureCloud". As EMEA CTO Andy splits his time between Customers, Partners and Media work. Earlier in his career, Andy worked with British Gas plc, WH Smith plc, before founding and successfully exiting a series of technology companies. He holds a degree in Applied Mathematics and Business Studies.
Alice Decker
Core Technology Product Manager, Trend Micro
Alice Decker coordinates correlation research for Trend Micro's cloud-based IP, URL, and file reputation services. Alice graduated from University of Al. I. Cuza in Rumania with degree in physical chemistry. She exchanged the physics with computer science after she relocated to Germany. As MCSD (Microsoft Certificated Solution Developer) certificated she worked as software developer. She developed in C++ and other object oriented languages for insurance and logistic software providers. Alice joined Trend Micro in 2001 as Virus Analyst working in second level of antivirus support. During this time she extended her domain of activity to application of computer forensics, malware behavior research and co-relation of core technologies in developing of customized security solutions. Since 2007 Alice has been a senior researcher and analyst with Trend Micro's cloud-based Smart Protection Network. www.trendmicro.com/us/technology-innovation/cloud/
Russell Dietz
Vice President & Chief Technology Officer Corporate Vice President & Chief Technology Officer, SafeNet
Russell Dietz joined SafeNet in February 2009 as Corporate Vice President and Chief Technology Officer (CTO). In this role, Mr. Dietz, leads the strategic positioning and migration of new technologies into SafeNet’s highly successful solutions portfolio.
Mr. Dietz brings more than 27 years of industry experience. He has held the CTO position for multiple high-tech companies, including Hifn, Inc., where he led company efforts in defining the next generation of security, service, and network processing solutions, and Apptitude, where he drove the vision, strategy, and architecture of the application and flow classification solutions, MeterFlow and MeterWorks.
Mr. Dietz was the founder and Vice President of Engineering for Technically Elite, and previously held various management and technical spots at Magnavox Electronic Systems and Digital Equipment Corporation, and was a technical author for Digital News and Review technical journal.
Mr. Dietz is an active member of the Network Processing Forum (former chairperson), Internet Engineering Task Force (IETF), Institute of Electrical and Electronics Engineers (IEEE), Optical Internetworking Forum (OIF), and the Cloud Computing Interoperability Forum (CCIF). He has been awarded more than 20 patents in network and traffic behavior and analysis in the United States, European Union, Japan and China.
Dr. Fadi El-Moussa
Senior Security Researcher, BT
Dr Fadi El-Moussa is Senior Security Researcher at BT Innovate and Design, the R&D part of BT where he looks at fundamental security challenges facing enterprise level infrastructures, including, but not limited to Malware detection and prevention and protection of critical networks and systems against cyberattacks.
He is the subject matter expert on emerging threats targeting applications and systems on virtual and cloud environments, including vulnerability analysis, advanced anti-evasion techniques, host intrusion prevention and detection, and malware propagation containment. Fadi works together with security and cloud vendors, platform and product architects, in order to deliver innovative solutions that improve the protection of hosted applications in BT’s or partner virtual data centres and cloud infrastructures and networks and to validate these solutions with early adopters.
He has been the technical lead in several BT innovation projects and BT partner collaborations in these areas, he has been contributing to corporate policy standards, and he has been offering technical consultancy to BT and BT’s partners.
He has an MSc and a PhD from the University of Salford (UK) in Data Telecommunications and Networks. His PhD was in new methods for detecting and mitigating Malware and DDoS attacks. He also has a BSc in Computer Engineering from AL-Ahliyya Amman University, Jordan.
Dr. Thomas Endres
EuroCIO, former CIO Lufthansa
Thomas Endres was until recently the Chief Information Officer at Lufthansa - in this position he was responsible for the strategic IT alignment and corporate services for Lufthansa and the Lufthansa group airlines. Endres graduated in Materials Science and Ceramic Engineering at the University of Erlangen-Nuremberg and at Alfred University, New York. His PhD research involved laser and surface technology.
Before joining Lufthansa, Thomas Endres worked for BMW's central Materials Division, he was a management trainee at Audi, and he worked as Manager Human Resources and Programme Process Development at Eurofighter in Munich.
Dr. Niels Fallenbeck
Fraunhofer AISEC
Niels holds a Ph.D. from the University of Marburg, Germany, and has been working for several years in the area of distributed systems and cloud computing. During his Ph.D. he has been working in numerous nationally and internationally funded Grid- and cloud computing projects in different industrial key sectors such as the automotive and financial services industry.
After working for Ernst & Young in the IT risk and assurance line, he joined Fraunhofer AISEC in 2011. He is head of the Cloud Security Lab where he coordinates several research activities in the field of SOA and cloud computing. Moreover, he is head of the Cloud Computing Competence Center for Security (c4s). Niels is co-founder and board member of the Cloud Security Alliance (CSA) German Chapter. He is also a member of ACM and GI (Germany).
http://www.cloud-competence-center.de
Dr. Jesus Luna Garcia
Senior Researcher, Technical University of Darmstadt
Dr. Jesús Luna received his Bachelor’s degree in Telecommunications Engineering from the "Instituto Politécnico Nacional" (IPN, Mexico 1995), a Master’s degree in Computer Science from the "Tecnológico de Monterrey" (ITESM CEM, Mexico 2002) and a PhD in Computer Architecture from the "Universidad Politécnica de Cataluña" (UPC, Spain 2008).
He was a postdoctoral researcher with the CoreGRID Network of Excellence (Greece/Cyprus, 2008-2009) and has more than 15 years of experience in the field of computer security, working with public and private companies and universities in Mexico and southern Europe including "Banco de México", "Universidad Tecnológica de Mexico", "SeMarket" and "Barcelona Digital CT". Since 2009 is an active member of the "Cloud Security Alliance" (CSA) and in 2010 co-founded its Spanish Chapter (CSA-ES). Currently he is In charge of DEEDS' security research group (chaired by Prof. Neeraj Suri at TU Darmstadt) with special focus on security metrics, Cloud computing, P2P and WSN. The goal of his research is to create a metrics framework to improve the security and dependability in IT ecosystems. He is also a researcher with EU FP7 funded ABC4Trust project, performing tasks related with the use of attribute based credentials to preserve user's privacy while improving overall authentication and authorization.
Teaching activities include co-advising PhD, MSc and research seminar students in the area of VANET's security, WSN's privacy and Cloud security metrics. Dr. Luna is also in charge of TU Darmstadt's research seminar “Security Metrics in Cloud Computing” (since April-2011).
Jorge Gasós
Head of Sector for Trust and Security in the European Commission’s Information Society and Media Directorate-General
Jorge Gasós is head of sector for Trust and Security in the European Commission’s Information Society and Media Directorate-General. He held previous positions in the areas of Software / Cloud Computing, Grid Technologies and eBusiness of the IST research programme. Before joining the European Commission, Jorge Gasós held research positions in Spain, Japan and Belgium, mainly in the areas of artificial intelligence and robotics. He holds a PhD in Computer Science from the Polytechnic University of Madrid (Spain).
Matthew Goodrich
Program Manager for the Federal Risk and Authorization Management Program (FedRAMP) at the US General Services Administration (GSA)
Mr. Goodrich is the program manager for the Federal Risk and Authorization Management Program (FedRAMP) at the US General Services Administration (GSA).
Mr. Goodrich began his career in the US Government as a Presidential Management Fellow (PMF). Mr. Goodrich currently works on the Federal Cloud Computing Initiative at GSA. He has served as project manager for Apps.gov, helped in the creation of multiple cloud procurements, and led the development the Federal Risk and Authorization Management Program (FedRAMP). Additionally, Mr. Goodrich also worked under the US Federal CIO in the e-Government office in the Office of Management and Budget (OMB) in the Executive Office of the President of the United States. During his tenure at OMB, Mr. Goodrich focused his efforts on government-wide cloud computing policy issues and helped oversee agency IT portfolios.
Mr. Goodrich also led the effort in creating tactical guidance for US government agencies in addressing barriers to the effective acquisition of cloud computing services. The white paper "Creating Effective Cloud Computing Contracts for the Federal Government: Best Practices for Acquiring IT as a Service" was published by the US CIO and CAO Council as well as the Federal Cloud Compliance Committee.
Mr. Goodrich has a BBA in Computer Information Systems from the University of Miami in Coral Gables, Florida and a Juris Doctor from the University of Denver in Denver, Colorado.
Waldemar Grudzien
Direktor, Bundesverband deutscher Banken e.V. (Association of German Banks)
Studied electrical engineering at Berlin Technical University and business studies at the Berlin School of Economics. Holds a doctorate in the former subject. After working as a process engineer at Berlin’s water company and at Berlin Technical University’s Institute for Machine Tools and Factory Management, Mr Grudzien joined the Association of German Banks in October 2001. He works in the Retail Banking and Banking Technology Department, where he is responsible for security issues associated with card-based payment systems, approval processes, IT security, Biometry and Security Strategy.
-->
Dennis Heinson
Ph.D. candidate at the Universität Kassel
Dennis Heinson holds Law degrees from the University of Münster, Germany and the University of Californa, Los Angeles. In 2010, he was admitted to the New York State Bar as an Attorney-at-Law. He is author of a number of academic articles on topics covering as internal investigations, IT Forensics and privacy. He was expert member to the Enisa working group on Cloud Security and contributor to the study "Security and Resilience in Governmental Clouds". Currently, Mr. Heinson is a Ph.D. candidate at the Universität Kassel in Germany.
Markus Hennig
CTO, Astaro GmbH & Co. KG, a Sophos Company
Markus co-founded Astaro in early 2000 and run R&D as CTO. Mid 2011 Sophos Ltd. bought Astaro. As with his previous duties for Astaro, he is now responsible for research, new technologies and products for network security with Sophos. Markus has over twenty years of experience in open source and network security and is an active member of the Linux community. In his previous career, he was Chief Technology Officer of a local internet service provider, where he built up the company's managed security business. Markus studied computer science at the Martin-Luther-Universität Halle-Wittenberg and Technical University of Karlsruhe.
Giles Hogben
ENISA
Dr Giles Hogben is an ENISA information expert specialising in cloud security. He works at the European Network and Information Security Agency in Greece. He led ENISA's 2012 study on Procure secure: a guide to monitoring of security service levels in cloud contracts, as well as ENISA's 2009 report Cloud Computing: Benefits, Risks and Recommendations for Information Security. He has led numerous studies on other network and information security topics including botnets, social network security and European identity card privacy. Before joining ENISA, he was a researcher at the Joint Research Centre in Ispra, Italy and led work on private credentials. He has a PhD in Computer Science from Gdansk University of Technology in Poland and graduated from Oxford University, UK in 1994 in Physics and Philosophy.
John van Huijgevoort
Senior Security Advisor for the National Cyber Security Centre
“After studying Computer Science in Eindhoven, John van Huijgevoort fulfilled his military service at the Royal Navy Reserve in Den Helder as system administrator of a quality control system. After his military service he joined Capgemini. His career followed the traditional path from programmer to technical designer and in the beginning of his career he also performed as a help desk employee and system administrator.
Soon after he became a Trainer/Coach at the Capgemini Academy and during this period he was involved in developing and teaching a broad range of information security courses.
Thereafter he worked as a team member in several projects in implementing information security in both governmental and commercial organizations. He has a broad experience in the field of information security. His strength lies in translating theory into practice and his approach to problems is result-oriented.
Since the beginning of 2010, John has been working for GOVCERT.NL as a security advisor. The National Cyber Security Centre (NCSC) commenced operations on 1 January 2012. GOVCERT.NL, the former Computer Emergency Response Team of the Dutch government, will be incorporated in the new centre. The NCSC cooperates in enhancing the defensibility of the Dutch society in the digital domain. Our goal is to realize a safe, open and stable information society by sharing knowledge, offering insight and also offering a proper action perspective.
John is, among other things, involved in writing white papers, factsheets and articles for the Security Alert Service. His main points of interest with NCSC are smartphone/tablets, cloud computing and security.
John was co-author of the books "Information Security Management Advanced" and "Network & Internet Security Advanced", theory and assignment material based on the I-Tracks exam of the same name. He also acts as an examiner on behalf of EXIN for the I-Tracks module "Information Security Management Expert"
He is since 2011 board member of the Netherlands CSA Chapter heading up the Research & Development section.
John’s hobbies are travelling with his wife, sports, visiting games of Tilburg soccer club Willem II and of course his work.”
Monika Josi
Chief Security Advisor, EMEA, Microsoft
Monika Josi has joined Microsoft as Chief Security Advisor EMEA in January 2011. In this role, she leads a team of national Chief Security Advisors across EMEA who work with organizations in the commercial and public sector on information technology issues and strategies related to security, risk management and compliance. Monika has 20+ years of experience in IT across various domains and industries including consulting and auditing. Most recent to joining Microsoft, she was Global Head of Information Governance and Management Policies and Frameworks for a multi-national pharmaceutical company.
Ari Juels
Dr. Ari Juels is Chief Scientist of RSA, The Security Division of EMC, where he has worked since 1996. He oversees RSA's research program and advises on the science behind its technology strategy and vision. Visit www.ari-juels.com for more information.
Ben T. Katsumi
Chief Researcher IT Security Center, IPA & President and CEO, Information Economy Research Institute
Ben has 18years of experience in cybersecurity specializing in marketing, market analysis, social and international studies, and security management and governance. His career includes 7 years at IPA as visiting researcher (2005 thru 2012), consultant at several Japanese firms including Ricoh's affiliated company (2004 thru 2008), director at Symantec Japan (2001 thru 2004), sales and marketing manager at Nissin Electric (1994 thru 2001).
Ben is one of the founders and board members of CSA Japan Chapter. He is also active in Japan Network Security Association where he is a board member, an officer and chair of Market Analysis WG. He is also a member of Japan Society of Security Management, and Institute of Digital Forensics. Bachelor degrees in Liberal Arts and Economy from Kyoto University in 1973 and 1975. CISA, Information Security Associate Auditor, Certified Information Security Administrator.
Mark Lange
Microsoft
Yves Le Roux
Principal Consultant, CA Technologies
After his graduation from Paris University in 1970, he worked in the Rothschild Group where, among others tasks, he was in charge of the network security and other security related issues. In 1981, he joined the French Ministry of Industry where he was in charge of the Open Systems Standardization programs. In 1986, he took the position of European Information Security Manager at Digital Equipment. Then, he joined the security research and development team. In 1999, he went to Entrust Technologies, PKI software editor. In 2003, Yves joined Computer Associates Int.
He has co-authored three books on security. He was a lecturer at Paris University and spoke in many conferences (e.g. ISMC USA 2008, ISMF 2008, RSA Europe 2009, ISRMC Europe 2009).He was member of the European Network and Information Security Agency (ENISA) Permanent Stakeholders’ Group (PSG) He is member of the ISACA External Relationship Committee and the ISACA Cloud Computing Task Force. He was a member of the drafting committee of the Cloud Security Alliance Cloud Controls Matrix
Alain Pannetrat
Senior IT Specialist, CNIL | Article 29 Working Party
Alain Pannetrat is a Senior IT Specialist of the CNIL, the French data protection authority. His main interests are cryptography, biometrics, RFID, internet voting and online targeted advertising.
He is a member of the Technology Subgroup of the Article 29 Working Party, which explores data protection issues related to new technologies.
Before joining the CNIL, Alain Pannetrat was an IT Security consultant specialized in credit and debit smartcard systems. He received a PhD in Computer Sciences after conducting research at Eurecom on novel cryptographic protocols for IP multicast security.
David Pollington
Director of International Security Relations, Microsoft
David Pollington is responsible for major national and international security relationships on behalf of Microsoft’s Trustworthy Computing Security group. He represents the security science, response and engineering teams that assess the threats and assure the security of Microsoft’s products and services, in policy matters with Governments and Institutions. David is a cofounder of Microsoft’s Global Security Strategy and Diplomacy team who engage on matters of Cyber Security around the world.
After 20 years in IT with experience in areas as diverse as oil exploration, cartography, flight testing, building a consultancy practice and outsourcing; David joined Microsoft in 2002 with a focus on Microsoft’s evolving commitment to IT security in UK Government relationships. He enabled the UK to be among the first countries to join Microsoft’s Government Security Program and worked with UK Law Enforcement to improve child protection online. A few years later, David joined Microsoft’s corporate Trustworthy Computing division to develop cyber security relationships with major Governments and Institutions around the world.
In the course of his work, David has built relationships and facilitated the cyber security debate in major Commonwealth countries and many institutions including: EU, ENISA, OECD, IGF, ITU and IMPACT. He is also concerned with Critical Infrastructure Protection and for 2 years, was Chair of the Vendor Security Information Exchange, part of the UK’s Centre for the Protection of the National Infrastructure.
Joseph A. Rivela
Associate Director, Protiviti Inc.
Joseph A. Rivela is an Associate Director in Protiviti’s IT Security & Data Privacy Solutions practice. Based in New York City, he has managed and delivered security services to a variety of clients in financial services, insurance, healthcare and life sciences, media, and higher education.
He provides clients with expertise in security assessments, IS governance / ISO 27001 strategy development, IT risk management, and privacy compliance services. Joseph has led the development of enterprise-wide security incident response frameworks, delivered security training to leaders of industry and Fortune 500 companies, and has been engaged frequently as an incident coordinator to manage various interstate response teams following the identification of potential security breach’s.
Prior to joining Protiviti, he was responsible for conducting investigations for the New York State Office of the Attorney General’s Internet Bureau. While working at the Internet Bureau, Joseph conducted the in-house investigation of business entities and individuals involved in or associated with a variety of online fraud, including spyware, auction fraud, and phishing schemes.
Joseph earned his bachelor of science degree in economic crime investigation with a concentration in computer security from Utica College of Syracuse University. He is a member of the NY Metro ISSA Board of Directors and maintains the following professional memberships and certifications: Certified Information Systems Security Professional (CISSP); PCI Qualified Security Assessor (QSA); Archer Certified Consultant (ACC); Certified in Digital Forensics, Marshall University; Basic Digital Recovery & Analysis (BDRA); SANS Hacker Techniques, Exploits and Incident Handling (GCIH).
Raj Samani
VP, Chief Technical Officer for McAfee EMEA
Raj is currently working as the VP, Chief Technical Officer for McAfee EMEA, having previously worked as the Chief Information Security Officer for a large public sector organisation in the UK.
He volunteers as the Cloud Security Alliance EMEA Strategy Advisor, is on the advisory councils for Infosecurity Europe, and Infosecurity Magazine. In addition, Raj was previously the Vice President for Communications in the ISSA UK Chapter, having presided over the award for Chapter communications programme of the year 2008, and 2009.. He has had numerous security papers published, and appeared on television (ITV and More4). As well as providing assistance in the 2006 RSA Wireless Security Survey and part of the consultation committee for the RIPA Bill (Part 3). He is also the founder for the global collaborative project used to evaluate objective measurement of IA maturity known as the Common Assurance Maturity Model (also known as CAMM – please refer to www.common-assurance.com for more details).
He can be found on twitter @Raj_Samani
David Snead
Internet Infrastructure Attorney
David Snead’s practice focuses exclusively on representing companies and other entities active in internet infrastructure. In his 18 years in this area, he has represented these companies both in-house and as outside counsel, with clients in over 20 countries. He has broken down complex legal issues at over 100 conferences. His transnational Internet experience has been recognized as the sole U.S. legal representative to the ENISA Group on Cloud Computing Security. Mr. Snead received his J.D. in 1991 from Georgetown University Law Center. He is a member of the bars of the District of Columbia and State of New Mexico.
Marc Vael
Chief Audit Executive Smals / Chairman Cloud Computing Task Force ISACA
Marc Vael, CISA, CISM, CGEIT, CISSP, is Chief Audit Executive at Smals, a Belgian not-for-profit IT organization with more than 1,800 people working for the Belgian federal government. Marc has more than 20 years of experience in evaluating, designing, implementing and monitoring solutions on risk and information security management, incident and business continuity management, data protection/privacy, and IT audit. An ISACA member for more than 15 years, Marc is also vice president of the ISACA Belgium Chapter, chair of ISACA’s Cloud Computing Task Force and Knowledge Board, member of ISACA’s Strategic Advisory Council, and past chair of the ISACA Communities Committee. He is a visiting lecturer at Antwerp Management School (AMS) since 1997 and a deputy member of the Flemish Privacy Commission since 2010. Marc is a board member for a number of organisations in Belgium.
Rolf Van Roessing
ISACA
Prof. Paulo Verissimo
Prof. University of Lisbon - LaSIGE
Paulo Veríssimo is currently a professor of the Department of Informatics (DI) of the University of Lisboa Faculty of Sciences (http://www.di.fc.ul.pt/~pjv), and past Director of LASIGE, a research laboratory of the DI (http://lasige.di.fc.ul.pt). He is Fellow of the IEEE and Fellow of the ACM. He is associate editor of the Elsevier Int’l Journal on Critical Infrastructure Protection, and past associate editor of the IEEE Tacs. on Dependable and Secure Computing. He belonged to the European Security & Dependability Advisory Board. He is past Chair of the IEEE Technical Committee on Fault Tolerant Computing and of the Steering Committee of the DSN conference, and belonged to the Executive Board of the CaberNet European Network of Excellence. He was coordinator of the CORTEX IST/FET project (http://cortex.di.fc.ul.pt). Paulo Veríssimo leads the Navigators research group of LASIGE, and is currently interested in: architecture, middleware and protocols for distributed, pervasive and embedded systems, in the facets of real-time adaptability and fault/intrusion tolerance. He is author of more than 160 refereed publications in international scientific conferences and journals in the area, and co-author of five books http://www.navigators.di.fc.ul.pt/dssa/.
Mario Vuksan
CEO, ReversingLabs
Mario has been involved in development of advanced security solutions for the last seven years and has rich engineering background spanning the last 20 years. Before founding ReversingLabs, Mario was the Director of Research at Bit9 and one of its founding engineers. He spoke at numerous conferences over the last 6 years including CEIC, Black Hat, RSA, Defcon, Caro Workshop, Virus Bulletin and AVAR Conferences. He is author of numerous blog posts on security and has authored "Protection in Untrusted Environments" chapter for the "Virtualization for Security" book. He coordinates AMTSO Advisory Board and works with IEEE Malware Working Group.
Ian Walden
Queen's University
Ian Walden is Professor of Information and Communications Law and head of the Institute of Computer and Communications Law in the Centre for Commercial Law Studies, Queen Mary, University of London. His publications include EDI and the Law (1989), Information Technology and the Law (1990), EDI Audit and Control (1993), Cross-border Electronic Banking (2nd ed., 2000), Telecommunications Law Handbook (1997), E-Commerce Law and Practice in Europe (2001), Computer Crimes and Digital Investigations (2007), Media Law and Practice (2009) and Telecommunications Law and Regulation (4th ed., 2012). Ian has been involved in law reform projects for the World Bank, the European Commission, UNCTAD, UNECE and the EBRD, as well as for a number of individual states. Ian was awarded a Council of Europe Human Rights Fellowship (1987-88); was a seconded national expert to the European Commission DG-Industry (1995-96); Board Member and Trustee of the Internet Watch Foundation (2004-09) and on the Executive Board of the UK Council for Child Internet Safety (2010-12). Ian is a solicitor and Of Counsel to Baker & McKenzie. He is currently a member of the Press Complaints Commission.
Agenda Day 1
| Time | Plenary | Track 1 | Track 2 |
|---|---|---|---|
| 8:15-8:45 | Registration | ||
| 8:45-9:00 |
Welcome note
|
||
| 9:00-9:30 |
Intro and Keynote 1
|
||
| 9:30-10:45 |
Panel: European data protection - what do the changes mean for cloud computing?
|
Cloud Technologies 1
|
|
| 10:45-11:15 | Coffee Break | ||
| 11:15-12:15 |
Panel: Global infrastructure, national laws - international differences and cloud computing
|
Panel: Cloud Security User Perspective
|
|
| 12:15-13:15 |
Panel: The Positive Impact of Cloud Computing on Security
|
||
| 13:15-14:15 | Lunch | ||
| 14:15-14:45 |
Keynote 2
|
||
| 14:45-16:15 |
Government Policy on Cloud Security
|
Forensics and Investigations
|
|
| 16:15-16:45 | Coffee Break | ||
| 16:45-18:15 |
Incident Management
|
Cloud Technologies 2
|
Agenda Day 2
| Time | Plenary | Track 1 | Track 2 |
|---|---|---|---|
| 8:30-9:00 | Registration | ||
| 9:00-9:30 |
Keynote 3
|
||
| 9:45-11:15 |
SLAs and Monitoring
|
Virtualisation Security
|
|
| 11:15-11:30 | Coffee Break | ||
| 11:30-12:45 |
Panel: Cloud Provider Panel - The World According To...
|
Panel: Measuring security in a cloud-enabled organization full of consumer devices
|
|
| 12:45-13:45 | Lunch | ||
| 13:45-15:30 |
Governance, Risk and Compliance
|
Sensitive Services in the Cloud
|
|
| 15:30-16:00 | Coffee Break | ||
| 16:00-16:45 |
Keynote 4
|
||
| 16:45 |
Closing Remarks
|
About SecureCloud 2012
Download presentations from the event!
SecureCloud 2012 is a premier educational and networking event on cloud computing security and privacy, hosted and organized by Cloud Security Alliance (CSA), the European Network and Information Security Agency (ENISA), CASED/Fraunhofer SIT and ISACA, four of the leading organisations shaping the future of cloud computing security.
SecureCloud 2012 is the only European conference to focus specifically on cloud computing security. It provides a unique opportunity for political and corporate decision-makers, CEO, CTO, CISOs, business leaders, and information security practitioners not only to learn, but also to make important global contacts and to participate in interactive strategy sessions with high level experts in cloud computing security. SecureCloud 2012 will have a special focus on the legal and policy aspects of cloud computing security.
Programme Committee
The programme committee of SecureCloud 2012 is
- Avner Algom, IGT
- Paolo Balboni , EPA - ICT Legal Consulting
- Daniele Catteddu, EMEA Managing Director, CSA
- Theo Dimitrakos, British Telecom
- Marnix Dekker, ENISA
- Gerhard Eschelbeck, CTO & SVP at Sophos
- Ramses Gallego, Quest Software/ISACA
- Andrea Glorioso, European Commission, DG INFSO
- Ron Hale, ISACA
- Giles Hogben, ENISA (chair)
- Brian Honan, BHConsulting
- Ben Katsumi, IPA, Japan
- Philippe Massonet, CETIC, Belgium
- Manuel Medina, ENISA
- Jim Reavis (Conference co-chair), CSA
- Ahmad-Reza Sadeghi (PC co-chair), Fraunhofer CASED
- Michael Waidner (Conference co-chair), Fraunhofer SIT
- Colin Watson, Watson Hall
- Lorenzo Valeri, Louis University of Rome
- Dov Yoran, CSA / MetroSITE Group
Event Partner
SecureCloud 2012 has been organized in partnership with isits AG International School of IT Security.
Contact Information
For general questions send an email to: [email protected]
For press enquiries and a press kit send an email to: [email protected]
Sponsorship Information
For details on sponsorship opportunities, please download the SecureCloud 2012 Conference Sponsorship Information document.
Gold Sponsors
Standard Sponsors
Download Presentations
| Presenter | Day # / Track # | Title | Download | ||
|---|---|---|---|---|---|
| Carl-Christian Buhr | Day 1 / Keynote | The European Cloud Computing Strategy | Slideshare | ||
| Billy Hawkes | Day 1 / Keynote | Data Protection in the Cloud – unclouding the Issues | Download (ppt) | ||
| Alain Pannetrat | Day 1 / Track 1 | Download (pdf) | |||
| Jorge Gasos | Day 1 / Track 1 | Towards a European Cloud Computing Strategy | Download (pdf) | ||
| John van Huijgevoort | Day 1 / Track 1 | Cloud computing security in the Dutch Government | Download (pdf) | ||
| Ben T. Katsumi | Day 1 / Track 1 | How Cloud Survived the Earthquake and Served People | Download (pptx) | ||
| Anirban Basu | Day 1 / Track 2 | Practical privacy using homomorphic encryption – a myth or reality? | Download (ppt) | ||
| Steve Markey | Day 1 / Track 2 | Securing Databases in the Cloud | Download (ppt) | ||
| Srijith Nair | Day 1 / Track 2 | On the Security of Data Stored in the Cloud | Download (ppt) | ||
| Robert Bohn | Day 2 / Keynote | NIST Cloud Computing Program – Highlights & Next Steps | Download (pptx) | ||
| Giles Hogben | Day 2 / Track 1 | PROCURE SECURE | Continuous monitoring for public sector cloud services | Download (pptx) | ||
| Dr. Jesus Luna | Day 2 / Track 1 | QUantifiable End-to-end SecuriTy for Cloud Trustworthiness | Download (ppt) | ||
| Andy Dancer | Day 2 / Track 2 | 10 Reasons Not to Virtualize | Download (ppt) | ||
| Paolo Verissimo | Day 2 / Track 2 | Architectural Resilience in Cloud Computing | Download (pdf) | ||
| Fadi El-Moussa | Day 2 / Track 2 | Protecting systems and applications on virtual data centres and in the cloud: challenges, emerging solutions and lessons learnt | Download (pptx) |