Reference Architecture Lead for the NIST Cloud Computing Program - Applied and Computational Sciences Division in NIST/ITL
Robert Bohn, of the Applied and Computational Sciences Division in NIST/ITL, serves as the Reference Architecture Lead for the NIST Cloud Computing Program. In this role, he works with industrial, academic and other government stakeholders to develop a high-level vendor neutral reference architecture and taxonomy under the NIST Strategy for Developing a US Government Cloud Computing Technology Roadmap. This architecture will be used as a frame of reference to facilitate communication, illustrate and understand how clouds services and components fit together.
Bob was a member of the National Coordination Office of the Networking and Information Technology Research and Development (NITRD) and served as the program as the Technical Coordinator for the High End Computing Interagency Working Group (HEC-IWG) and Human-Computer Interaction and Information Management Coordinating Group (HCI&IM CG) and composed entries in the President’s Annual NITRD Budget Supplements.
He was a recipient of a National Science Foundation fellowship at NASA Ames Research Center in Moffett Field, CA, received Ph.D. and Master of Science degrees in Physical Chemistry from the University of Virginia, a Master’s Certificate in Project Management from George Washington University School of Business and Public Management, and a Bachelor of Science degree in Chemistry from the University of Illinois.
Dr. Carl-Christian Buhr
European Commission, Cabinet Member of Vice-President Neelie Kroes
An economist and computer scientist, Dr. Buhr is a member of the cabinet of Digital Agenda Commissioner and EU Commission Vice-President Neelie Kroes. Among others, he advises her on the developing European Cloud Computing Strategy, Data protection, Standardisation and interoperability policies as well as ICT research policy. He previously dealt with antitrust and merger control investigations by the Commission, such as the Microsoft antitrust case and the Oracle/Sun Microsystems merger.
Irish Data Protection Commissioner
Billy Hawkes was appointed as Irish Data Protection Commissioner in 2005 for a five-year term. He was re-appointed in 2010 for a further 5 years.
Prior to his appointment, he worked as a Civil Servant in a number of Government Departments, including Finance, Foreign Affairs and Enterprise, Trade and Employment.
Director of Security, Google Apps, Google
As the Director of Security for Google Enterprise, Eran defines and implements security strategy for Google's suite of solutions of Enterprise Products.
Prior to joining Google in 2007, Eran was the US Chief Information Security Officer for PricewaterhouseCoopers(PwC). At PwC, he led a team responsible for all aspects of network, server, application, and desktop computer security, as well as security policies, architectures, standards and enforcement. Earlier, Eran spent several years designing and implementing high-performance cryptosystems for electronic commerce solutions for Fortune 1000 clients and government agencies.
Eran holds a bachelor's degree in electrical and computer engineering from the University of California at Irvine, and an MBA from Pepperdine University. In his spare time, he enjoys performing magic and mentalism and was featured on the NBC television show Phenomenon
Co-founder of CSA | Chief Security Officer, Zynga’s Security Department
As Chief Security Officer, Nils Puhlmann leads Zynga’s converged security department, managing all security risks for the company and chairing the Security Risk Committee. Before joining Zynga, Puhlmann served as Chief Security Officer of Qualys. Puhlmann has held information security positions at Electronic Arts, Robert Half International, Mindjet Corp, and Adobe Systems. He also held senior positions at Nortel Networks and START Amadeus, and was an independent security consultant with clients such as the State of California. He maintains numerous security certifications, including CISSP-ISSMP and CISM. He has held several Board of Directors positions (ISACA Silicon Valley, OVAL), is a current Director on the International Board of Directors of ISSA, is a member of the CSO Interchange, the CISO Executive Council and a subject matter expert for ISACA and ISC2. He was also a member of the Advisory Council for the CISO Forum of ISSA.
Director of European Privacy Association and Founding Partner at ICT Legal Consulting
Director of European Privacy Association, Cloud Computing Sector Director and responsible for Foreign Affairs of Italian Institute for Privacy, Lawyer admitted at the Bar in Milan specialised in ICT, new technologies law and personal data protection, Paolo Balboni is partner at ICT Legal Consulting. He provides legal advice to multinational companies, especially concerning personal data protection, e-contracts, e-commerce, e-marketing, advertising, cloud computing, Web 2.0 service providers’ liability, Internet content providers’ liability, e-signatures, digital retention of documents and intellectual property rights. He also advises celebrities on privacy and copyright matters.
He has considerable experience in the following areas: IT, media & entertainment, e-Health, fashion and banking. He is the author of the book ‘Trustmarks in E-commerce’, Paolo Balboni is a Research Associate for Tilburg University (The Netherlands), where he lectures at the master course “Liability of Web 2.0 Service Providers”. As a legal counsel chosen for projects of European Network and Information Security Agency (ENISA) on ‘Cloud Computing Risk Assessment’, ‘Security and Resilience in Governmental Clouds’, 'Procure Secure' and ‘Common Assurance Maturity Model – Beyond the Cloud (CAMM)’, Paolo Balboni is often involved in European Commission studies on new technologies and data protection, and also participates on several speaking engagements at international conferences on these matters.
He obtained his Law degree with distinction from the University of Bologna in 2002, Ph.D. from Tilburg University (the Netherlands) in 2008 by defending a thesis on Comparative ICT Law titled: Trustmarks: Third-Party Liability of Trustmarks Organisations in Europe. He speaks fluent Italian, English and Dutch and has a good knowledge of German, French and Spanish.
Dr. Anirban Basu is a Post-doctoral Researcher at Kikuchi lab at Tokai University working on a Japanese Ministry of Internal Affairs and Communications funded project in collaboration with Waseda University, Hitachi, NEC and KDDI; and also a Visiting Research Fellow at the University of Sussex. He holds a Ph.D. in Computer Science and a Bachelor of Engineering (Hons.) in Computer Systems Engineering from the University of Sussex. His research interests are in computational trust management, privacy and security and peer-to-peer networks. He is particularly active within the IFIPTM computational trust management community. He has several years of experience with academic research at the University of Sussex as a Visiting Research Fellow and as part of two EPSRC funded and one EU IST FP5 funded research projects. He can be reached at [email protected].
Partner, Graf von Westphalen, Berlin, Germany
Arnd Böken, lawyer and notary, is a partner with the Graf von Westphalen law firm in Berlin. Practicing in IT law since 1993 and in information privacy law since 2002, Arnd advises IT companies and customers on Cloud- and SaaS-Agreements, data protection and IT compliance. He is frequently published, most recently including "Cloud computing in the banking sector", "Patriot Act and cloud computing" (iX Magazin, issue 1/2012), and "Developing and successfully implementing cloud strategies - ways into the cloud" (iX-Magazin, issue 4/2011).
Security Researcher, Horst Goertz Institute for IT Security
Dominik Birk is working as a security consultant for a global acting financial services group in Zurich, Switzerland. Besides his professional employment, Dominik is a Ph.D. student in the field of Cloud Computing Security & Forensics. He holds a M.Sc. degree in IT Security from the Ruhr-University Bochum, Germany. Until 2011, he also worked as a research assistant at the Horst Goertz Institute for IT Security (HGI), gave web security trainings and worked as a freelancing security consultant.
Sven Bugiel is a predoctoral researcher at the System Security Lab at Technische Universität Darmstadt / Center for Advanced Security Research Darmstadt. His research focus is on trusted computing, mobile (operating system) security, Cloud computing security, and the interconnection of the same. He holds two Master of Science degrees in Security and Mobile Computing from Royal Institute of Technology Stockholm and Technical University of Denmark respectively.
VP PRoduct Strategy, Kinamik Data Integrity
Nadeem has more than 14 years of exclusive Information Security experience within leading management consulting organizations and tier 1 financial services firms providing information security risk management consultancy and implementations of ISO27001 certifications.
He has spoken at many leading conferences, contributed to books, whitepapers, and standards with specialist focus on integrity of electronically stored information. Nadeem is a graduate in Information Security from the University of Westminster, an ISC2 Certified Information Systems Security Professional and an ISACA Certified Information Security Manager.
Senior Director, Symantec Government Affairs – EMEA and APJ
Ilias Chantzos is Senior Director of Symantec’s Government Affairs programmes for Europe, Middle East & Africa as well as the Asia Pacific and Japan regions. He is based in Brussels. Chantzos represents Symantec before government bodies, national authorities and international organisations advising on public policy issues with particular regard to IT security and data risk management and availability.
Prior to joining Symantec in 2004, Chantzos worked as legal and policy officer in the Directorate General Information Society of the European Commission focusing on information security policy. He covered the council of Europe Cybercrime Convention and the Framework Decision on Attacks against Information Systems. In addition, he managed a number of EU legislative initiatives relevant to information society and security, including directives on Privacy on Electronic Communications, the Data Retention Directive and the European Network and Information Security Agency (ENISA). He also represented the European Commission in various international debates and conferences.
Chantzos holds a law degree from the University of Thessaloniki and a Masters degree in Computers and Communication Law from the University of London and is a member of the Athens Bar. He serves as Vice-President of the Executive Board of TechAmerica Europe and appointed member of the Permanent Stakeholders Group of ENISA for a second consecutive term. Chantzos chaired for two consecutive terms the European policy council of the Business Software Alliance. He speaks Greek, English, Dutch and German and is a member of the Oostakker Kickboxing Club and the Greek Circle, a thought leadership club in Brussels.
Global Cloud Security Leader for IBM within the services organisation
Nick Coleman is the Global Cloud Security Leader for IBM within the services organisation. He is responsible for leading in IBM in securing cloud computing worldwide. Prior to this he was the UK Government Reviewer of Security and authored the "Coleman Report' published in 2008 by the Cabinet Office. He is an appointed advisor to the EU Network and Information Security Agency (ENISA) serving on the Permanent Stakeholders Group. He is a fellow of the Institution of Engineering and Technology(IET) and a Fellow of the British Computer Society (BCS). He holds an MBA with distinction from Manchester Business School.
Chief Technology Officer for EMEA at Trend Micro
Andy Dancer is Chief Technology Officer for EMEA at Trend Micro, a global leader in Internet content security. Andy joined TrendMicro through its acquisition of Identum, where he served as CEO, CTO and Board Director, responsible for developing the company's pairing based cryptographic technology, as well as its desktop and gateway email encryption products. On joining TrendMicro Andy worked initially to integrate the Identum technologies and then to concept and develop Trend Micro’s flagship cloud encryption solution - "SecureCloud". As EMEA CTO Andy splits his time between Customers, Partners and Media work. Earlier in his career, Andy worked with British Gas plc, WH Smith plc, before founding and successfully exiting a series of technology companies. He holds a degree in Applied Mathematics and Business Studies.
Core Technology Product Manager, Trend Micro
Alice Decker coordinates correlation research for Trend Micro's cloud-based IP, URL, and file reputation services. Alice graduated from University of Al. I. Cuza in Rumania with degree in physical chemistry. She exchanged the physics with computer science after she relocated to Germany. As MCSD (Microsoft Certificated Solution Developer) certificated she worked as software developer. She developed in C++ and other object oriented languages for insurance and logistic software providers. Alice joined Trend Micro in 2001 as Virus Analyst working in second level of antivirus support. During this time she extended her domain of activity to application of computer forensics, malware behavior research and co-relation of core technologies in developing of customized security solutions. Since 2007 Alice has been a senior researcher and analyst with Trend Micro's cloud-based Smart Protection Network. www.trendmicro.com/us/technology-innovation/cloud/
Vice President & Chief Technology Officer Corporate Vice President & Chief Technology Officer, SafeNet
Russell Dietz joined SafeNet in February 2009 as Corporate Vice President and Chief Technology Officer (CTO). In this role, Mr. Dietz, leads the strategic positioning and migration of new technologies into SafeNet’s highly successful solutions portfolio.
Mr. Dietz brings more than 27 years of industry experience. He has held the CTO position for multiple high-tech companies, including Hifn, Inc., where he led company efforts in defining the next generation of security, service, and network processing solutions, and Apptitude, where he drove the vision, strategy, and architecture of the application and flow classification solutions, MeterFlow and MeterWorks.
Mr. Dietz was the founder and Vice President of Engineering for Technically Elite, and previously held various management and technical spots at Magnavox Electronic Systems and Digital Equipment Corporation, and was a technical author for Digital News and Review technical journal.
Mr. Dietz is an active member of the Network Processing Forum (former chairperson), Internet Engineering Task Force (IETF), Institute of Electrical and Electronics Engineers (IEEE), Optical Internetworking Forum (OIF), and the Cloud Computing Interoperability Forum (CCIF). He has been awarded more than 20 patents in network and traffic behavior and analysis in the United States, European Union, Japan and China.
Dr. Fadi El-Moussa
Senior Security Researcher, BT
Dr Fadi El-Moussa is Senior Security Researcher at BT Innovate and Design, the R&D part of BT where he looks at fundamental security challenges facing enterprise level infrastructures, including, but not limited to Malware detection and prevention and protection of critical networks and systems against cyberattacks.
He is the subject matter expert on emerging threats targeting applications and systems on virtual and cloud environments, including vulnerability analysis, advanced anti-evasion techniques, host intrusion prevention and detection, and malware propagation containment. Fadi works together with security and cloud vendors, platform and product architects, in order to deliver innovative solutions that improve the protection of hosted applications in BT’s or partner virtual data centres and cloud infrastructures and networks and to validate these solutions with early adopters.
He has been the technical lead in several BT innovation projects and BT partner collaborations in these areas, he has been contributing to corporate policy standards, and he has been offering technical consultancy to BT and BT’s partners.
He has an MSc and a PhD from the University of Salford (UK) in Data Telecommunications and Networks. His PhD was in new methods for detecting and mitigating Malware and DDoS attacks. He also has a BSc in Computer Engineering from AL-Ahliyya Amman University, Jordan.
Dr. Thomas Endres
EuroCIO, former CIO Lufthansa
Thomas Endres was until recently the Chief Information Officer at Lufthansa - in this position he was responsible for the strategic IT alignment and corporate services for Lufthansa and the Lufthansa group airlines. Endres graduated in Materials Science and Ceramic Engineering at the University of Erlangen-Nuremberg and at Alfred University, New York. His PhD research involved laser and surface technology.
Before joining Lufthansa, Thomas Endres worked for BMW's central Materials Division, he was a management trainee at Audi, and he worked as Manager Human Resources and Programme Process Development at Eurofighter in Munich.
Dr. Niels Fallenbeck
Niels holds a Ph.D. from the University of Marburg, Germany, and has been working for several years in the area of distributed systems and cloud computing. During his Ph.D. he has been working in numerous nationally and internationally funded Grid- and cloud computing projects in different industrial key sectors such as the automotive and financial services industry.
After working for Ernst & Young in the IT risk and assurance line, he joined Fraunhofer AISEC in 2011. He is head of the Cloud Security Lab where he coordinates several research activities in the field of SOA and cloud computing. Moreover, he is head of the Cloud Computing Competence Center for Security (c4s). Niels is co-founder and board member of the Cloud Security Alliance (CSA) German Chapter. He is also a member of ACM and GI (Germany).
Dr. Jesus Luna Garcia
Senior Researcher, Technical University of Darmstadt
Dr. Jesús Luna received his Bachelor’s degree in Telecommunications Engineering from the "Instituto Politécnico Nacional" (IPN, Mexico 1995), a Master’s degree in Computer Science from the "Tecnológico de Monterrey" (ITESM CEM, Mexico 2002) and a PhD in Computer Architecture from the "Universidad Politécnica de Cataluña" (UPC, Spain 2008).
He was a postdoctoral researcher with the CoreGRID Network of Excellence (Greece/Cyprus, 2008-2009) and has more than 15 years of experience in the field of computer security, working with public and private companies and universities in Mexico and southern Europe including "Banco de México", "Universidad Tecnológica de Mexico", "SeMarket" and "Barcelona Digital CT". Since 2009 is an active member of the "Cloud Security Alliance" (CSA) and in 2010 co-founded its Spanish Chapter (CSA-ES). Currently he is In charge of DEEDS' security research group (chaired by Prof. Neeraj Suri at TU Darmstadt) with special focus on security metrics, Cloud computing, P2P and WSN. The goal of his research is to create a metrics framework to improve the security and dependability in IT ecosystems. He is also a researcher with EU FP7 funded ABC4Trust project, performing tasks related with the use of attribute based credentials to preserve user's privacy while improving overall authentication and authorization.
Teaching activities include co-advising PhD, MSc and research seminar students in the area of VANET's security, WSN's privacy and Cloud security metrics. Dr. Luna is also in charge of TU Darmstadt's research seminar “Security Metrics in Cloud Computing” (since April-2011).
Head of Sector for Trust and Security in the European Commission’s Information Society and Media Directorate-General
Jorge Gasós is head of sector for Trust and Security in the European Commission’s Information Society and Media Directorate-General. He held previous positions in the areas of Software / Cloud Computing, Grid Technologies and eBusiness of the IST research programme. Before joining the European Commission, Jorge Gasós held research positions in Spain, Japan and Belgium, mainly in the areas of artificial intelligence and robotics. He holds a PhD in Computer Science from the Polytechnic University of Madrid (Spain).
Program Manager for the Federal Risk and Authorization Management Program (FedRAMP) at the US General Services Administration (GSA)
Mr. Goodrich is the program manager for the Federal Risk and Authorization Management Program (FedRAMP) at the US General Services Administration (GSA).
Mr. Goodrich began his career in the US Government as a Presidential Management Fellow (PMF). Mr. Goodrich currently works on the Federal Cloud Computing Initiative at GSA. He has served as project manager for Apps.gov, helped in the creation of multiple cloud procurements, and led the development the Federal Risk and Authorization Management Program (FedRAMP). Additionally, Mr. Goodrich also worked under the US Federal CIO in the e-Government office in the Office of Management and Budget (OMB) in the Executive Office of the President of the United States. During his tenure at OMB, Mr. Goodrich focused his efforts on government-wide cloud computing policy issues and helped oversee agency IT portfolios.
Mr. Goodrich also led the effort in creating tactical guidance for US government agencies in addressing barriers to the effective acquisition of cloud computing services. The white paper "Creating Effective Cloud Computing Contracts for the Federal Government: Best Practices for Acquiring IT as a Service" was published by the US CIO and CAO Council as well as the Federal Cloud Compliance Committee.
Mr. Goodrich has a BBA in Computer Information Systems from the University of Miami in Coral Gables, Florida and a Juris Doctor from the University of Denver in Denver, Colorado.
Ph.D. candidate at the Universität Kassel
Dennis Heinson holds Law degrees from the University of Münster, Germany and the University of Californa, Los Angeles. In 2010, he was admitted to the New York State Bar as an Attorney-at-Law. He is author of a number of academic articles on topics covering as internal investigations, IT Forensics and privacy. He was expert member to the Enisa working group on Cloud Security and contributor to the study "Security and Resilience in Governmental Clouds". Currently, Mr. Heinson is a Ph.D. candidate at the Universität Kassel in Germany.
CTO, Astaro GmbH & Co. KG, a Sophos Company
Markus co-founded Astaro in early 2000 and run R&D as CTO. Mid 2011 Sophos Ltd. bought Astaro. As with his previous duties for Astaro, he is now responsible for research, new technologies and products for network security with Sophos. Markus has over twenty years of experience in open source and network security and is an active member of the Linux community. In his previous career, he was Chief Technology Officer of a local internet service provider, where he built up the company's managed security business. Markus studied computer science at the Martin-Luther-Universität Halle-Wittenberg and Technical University of Karlsruhe.
Dr Giles Hogben is an ENISA information expert specialising in cloud security. He works at the European Network and Information Security Agency in Greece. He led ENISA's 2012 study on Procure secure: a guide to monitoring of security service levels in cloud contracts, as well as ENISA's 2009 report Cloud Computing: Benefits, Risks and Recommendations for Information Security. He has led numerous studies on other network and information security topics including botnets, social network security and European identity card privacy. Before joining ENISA, he was a researcher at the Joint Research Centre in Ispra, Italy and led work on private credentials. He has a PhD in Computer Science from Gdansk University of Technology in Poland and graduated from Oxford University, UK in 1994 in Physics and Philosophy.
John van Huijgevoort
Senior Security Advisor for the National Cyber Security Centre
“After studying Computer Science in Eindhoven, John van Huijgevoort fulfilled his military service at the Royal Navy Reserve in Den Helder as system administrator of a quality control system. After his military service he joined Capgemini. His career followed the traditional path from programmer to technical designer and in the beginning of his career he also performed as a help desk employee and system administrator.
Soon after he became a Trainer/Coach at the Capgemini Academy and during this period he was involved in developing and teaching a broad range of information security courses.
Thereafter he worked as a team member in several projects in implementing information security in both governmental and commercial organizations. He has a broad experience in the field of information security. His strength lies in translating theory into practice and his approach to problems is result-oriented.
Since the beginning of 2010, John has been working for GOVCERT.NL as a security advisor. The National Cyber Security Centre (NCSC) commenced operations on 1 January 2012. GOVCERT.NL, the former Computer Emergency Response Team of the Dutch government, will be incorporated in the new centre. The NCSC cooperates in enhancing the defensibility of the Dutch society in the digital domain. Our goal is to realize a safe, open and stable information society by sharing knowledge, offering insight and also offering a proper action perspective.
John is, among other things, involved in writing white papers, factsheets and articles for the Security Alert Service. His main points of interest with NCSC are smartphone/tablets, cloud computing and security.
John was co-author of the books "Information Security Management Advanced" and "Network & Internet Security Advanced", theory and assignment material based on the I-Tracks exam of the same name. He also acts as an examiner on behalf of EXIN for the I-Tracks module "Information Security Management Expert"
He is since 2011 board member of the Netherlands CSA Chapter heading up the Research & Development section.
John’s hobbies are travelling with his wife, sports, visiting games of Tilburg soccer club Willem II and of course his work.”
Chief Security Advisor, EMEA, Microsoft
Monika Josi has joined Microsoft as Chief Security Advisor EMEA in January 2011. In this role, she leads a team of national Chief Security Advisors across EMEA who work with organizations in the commercial and public sector on information technology issues and strategies related to security, risk management and compliance. Monika has 20+ years of experience in IT across various domains and industries including consulting and auditing. Most recent to joining Microsoft, she was Global Head of Information Governance and Management Policies and Frameworks for a multi-national pharmaceutical company.
Dr. Ari Juels is Chief Scientist of RSA, The Security Division of EMC, where he has worked since 1996. He oversees RSA's research program and advises on the science behind its technology strategy and vision. Visit www.ari-juels.com for more information.
Ben T. Katsumi
Chief Researcher IT Security Center, IPA & President and CEO, Information Economy Research Institute
Ben has 18years of experience in cybersecurity specializing in marketing, market analysis, social and international studies, and security management and governance. His career includes 7 years at IPA as visiting researcher (2005 thru 2012), consultant at several Japanese firms including Ricoh's affiliated company (2004 thru 2008), director at Symantec Japan (2001 thru 2004), sales and marketing manager at Nissin Electric (1994 thru 2001).
Ben is one of the founders and board members of CSA Japan Chapter. He is also active in Japan Network Security Association where he is a board member, an officer and chair of Market Analysis WG. He is also a member of Japan Society of Security Management, and Institute of Digital Forensics. Bachelor degrees in Liberal Arts and Economy from Kyoto University in 1973 and 1975. CISA, Information Security Associate Auditor, Certified Information Security Administrator.
Yves Le Roux
Principal Consultant, CA Technologies
After his graduation from Paris University in 1970, he worked in the Rothschild Group where, among others tasks, he was in charge of the network security and other security related issues. In 1981, he joined the French Ministry of Industry where he was in charge of the Open Systems Standardization programs. In 1986, he took the position of European Information Security Manager at Digital Equipment. Then, he joined the security research and development team. In 1999, he went to Entrust Technologies, PKI software editor. In 2003, Yves joined Computer Associates Int.
He has co-authored three books on security. He was a lecturer at Paris University and spoke in many conferences (e.g. ISMC USA 2008, ISMF 2008, RSA Europe 2009, ISRMC Europe 2009).He was member of the European Network and Information Security Agency (ENISA) Permanent Stakeholders’ Group (PSG) He is member of the ISACA External Relationship Committee and the ISACA Cloud Computing Task Force. He was a member of the drafting committee of the Cloud Security Alliance Cloud Controls Matrix
System Engineer, LogLogic, GmbH
Matthias Maier, CISSP (Certified Information Systems Security Professional), is a specialist in IT security with experience in project management and consulting for several Fortune 500 companies. Since April 2011 Matthias Maier is System Engineer Central and Eastern Europe at LogLogic, a Log and Security Intelligence solution provider. Before that he worked from April 2008 to March 2011 as Sales Engineer Central Europe for the IT security company McAfee. Prior to this he was a Frontendsystem Engineer at Dräxlmaier, a company of the automobile industry.
He’s in the R&D lab of Engineering Ingegneria Informatica spa since 1998 In 2000 he joined EU projects as Technical Manager in the ECOLNET, and then in 2002 he was appointed as RTD coordinator in Engisanità Spa, an Engineering Group company on HealthCare market. On April 2003 he joined again the Engineering labs as responsible of development of new business on Grid Technology establishing a specific unit and contributing to several project in FP6. He was Exploitation Manager of Diligent project, and Project manager of and EC study (www.erina-study.eu). Currently he is Project Director of the VENUS-C project and Project Manager of the ERINA+ Support Action. His current research interests involve Cloud and distributed infrastructures and multicore programming.
Steve Markey is the principal of nControl, a consulting firm based in Philadelphia, Pennsylvania, USA. He is also an adjunct professor and the current president of the Delaware Valley (Greater Philadelphia) chapter of the Cloud Security Alliance (CSA). Markey holds multiple certifications and degrees, and has more than 11 years of experience in the technology sector. He frequently presents on information security, information privacy, cloud computing, project management, e-discovery and information governance.
Lawyer & Researcher, Independent Centre for Privacy Protection Schleswig-Holstein (Unabhaengiges Landeszentrum fuer Datenschutz)
Ninja Marnau is a lawyer and researcher of the Data Protection Authority Schleswig-Holstein, Germany, specializing in privacy, data protection and compliance, particularly with regard to cloud computing and IT outsourcing. She is responsible for the legal research in the EC funded project Trustworthy Clouds (TClouds), focusing on enhancing security, privacy, and resilience in cloud infrastructures and ecosystems. She also is actively involved in standardization efforts for technology design supporting Privacy Enhancing Technologies, such as the W3C's Tracking Protection Working Group.
Co-Founder and Chief Strategy Officer, Vaultive
Ben Matzkel brings more than 14 years of information security and software engineering expertise to Vaultive, where he oversees product strategy as well as the company's strategic partnership initiatives. Prior to co-founding Vaultive, Ben served as a senior product manager at McAfee, overseeing the product lifecycle, business focus and development roadmap of McAfee DLP (Data Loss Prevention). He joined McAfee as part of the Onigma (DLP) acquisition. At Onigma, Ben started and led the Professional Services team, handling all pre- and post-sale activities. Prior to starting this team, he designed the product's enterprise interfaces and participated in the development of the product's management console.
Ben performed his military service at 8200, the IDF's leading intelligence unit, holding various technical positions in high-performance mission-critical and large-scale projects. During his service he was awarded the 'distinguished soldier' award. Ben graduated from the Interdisciplinary Center and the University of Pennsylvania and received a B.A. in Computer Science, Magna Cum Laude. He was awarded the distinguished Efi Arazi scholarship for future technology entrepreneurs and the Chais family award for superior academic achievements.
University of Modena and Reggio Emilia
Antonio has studied in the U.S.A. and he achieved a Doctorate in Computer Engineering and Philosophy Doctor (PhD) in Electronic Communications and Cybercrime Security Governance, particular case: Military Defense and Public Safety and Security focus on Cloud Computing for U.S. Government. Antonio works in the Information Security area in a major international company, he is a Sales System Engineer for the design and planning of the security architecture for important Government and Military organizations. Antonio teaching at University of Modena e Reggio Emilia – Master in Information Security and Law and it is a member in the Scientific Board at CRIS - Interdepartmental Research Center on Security and Risk at the same University. Antonio also is a Professor of Information Technology – Computer Engineering Department - and Member of the Academic Board of the University of Northwest in U.S.A. Antonio has been a teacher of Information Security in The Institute in the Advanced Police Superintendents and Inspectors by Nettuno – Rome, from 2007 to 2010 he has also taught at University of Milan - Master in Computer Forensics and Digital Investigations. Antonio has been included in the 2012 Edition in the International WHO'S WHO of Professionals for hers excellent performance. Antonio is now collaborating with some computer magazines and he is part of the editorial board of CIIPM Journals (technology), African Journal for Innovation, Ethics, & Technology Management and African Journal for the Methodological Uses of Technology. He is often called as a spokesman in important National and International meetings and conferences/events. Antonio is author of several chapters in books and articles on Information Security and Intelligence, Computer Forensics and Digital Investigations. Shortly will be published a book where Antonio writing a chapter on Cloud Computing for Government and Military. Antonio is a member (judge consultant) of the Court of Justice in Roma and he is often appointed as an expert on computer forensics and digital investigations. Antonio has received appreciation letters for professionalism, expertise and excellent work form the: Italian Air Force, Italian Navy, Italian Army,Arma dei Carabinieri (Military Police). Antonio is also a member of numerous professional associations, both national and international.
Global Head of Security Solutions & Architecture at Deutsche Bank
John Meakin is a specialist in information security with more than twenty years experience. He has previously been responsible for leading systems security in Standard Chartered Bank, Reuters, the Royal Bank of Scotland and Dresdner Bank. Most recently he was Chief Info Security Officer at BP plc for 3 years to January 2012. He joined Deutsche Bank in January to lead their development of innovative security solutions to meet the latest threats.
General Manager, World Wide Public Sector Cloud, Amazon Web Services
CJ Moses is the GM of World Wide Public Sector Cloud for Amazon Web Services (AWS). His duties at AWS include leading secure product design, management, and development efforts focused on bringing the competitive, economic and security benefits of cloud computing to government customers.
Prior to joining AWS, Mr. Moses had an extensive career within the Federal Government, most recently with the Federal Bureau of Investigation (FBI), where he served as an Assistant Section Chief. His responsibilities at the FBI’s Cyber Division included leadership of the technical analysis of computer and network intrusion activities as well oversight of malicious code analysis and computer exploitation tool reverse-engineering.
Mr. Moses was previously a US Air Force Office of Special Investigations (AFOSI) Special Agent. During this time he served as the lead case agent on many of the nation's most critical computer intrusion investigations. He has also served as the Law Enforcement/Counterintelligence Coordinator to the LE/CI Center within the Department of Defense's Joint Task Force – Global Network Operations and Chief of the Inter-Agency Coordination Cell at FBI headquarters.
Mr. Moses has undergraduate degrees in Computer Science and Criminal Justice, and is a Sports Car Club of America, Divisional Racing Champion.
Dr. Srijith Krishnan Nair
Senior Researcher, BT
Dr. Srijith K. Nair is a Senior Security Researcher at BT Innovate & Design, the R&D part of BT where he looks at fundamental security challenges facing enterprise level infrastructures, including, but not limited to security aspects of cloud based services.
He is the subject matter expert on data and virtualization security at BT’s cloud platform incubator and at BT’s Security Futures Practice, where he works together with security and cloud vendors, platform and product architects, in order to deliver innovative solutions to customers and to validate these solutions with early adopters.
He has also been involved in multiple expert groups in the security industry that, among other things provide advice to the European Network and Information Security Agency and the Cloud Security Alliance.
He is part of a €10M, 3-year long EU funded project named OPTIMIS that is researching into various issues related to virtualized cloud environment including security and advanced use cases like Cloud Brokerage.
He has Ph.D. in Computer Science from Vrije Universiteit, Amsterdam in which he investigated various system security and policy enforcement issues. He has published several peer-reviewed papers in international journals, conferences and workshops and has also served on the program committee of several international conferences and journals. He is a member of ACM and IEEE.
Senior IT Specialist, CNIL | Article 29 Working Party
Alain Pannetrat is a Senior IT Specialist of the CNIL, the French data protection authority. His main interests are cryptography, biometrics, RFID, internet voting and online targeted advertising.
He is a member of the Technology Subgroup of the Article 29 Working Party, which explores data protection issues related to new technologies.
Before joining the CNIL, Alain Pannetrat was an IT Security consultant specialized in credit and debit smartcard systems. He received a PhD in Computer Sciences after conducting research at Eurecom on novel cryptographic protocols for IP multicast security.
Director of International Security Relations, Microsoft
David Pollington is responsible for major national and international security relationships on behalf of Microsoft’s Trustworthy Computing Security group. He represents the security science, response and engineering teams that assess the threats and assure the security of Microsoft’s products and services, in policy matters with Governments and Institutions. David is a cofounder of Microsoft’s Global Security Strategy and Diplomacy team who engage on matters of Cyber Security around the world.
After 20 years in IT with experience in areas as diverse as oil exploration, cartography, flight testing, building a consultancy practice and outsourcing; David joined Microsoft in 2002 with a focus on Microsoft’s evolving commitment to IT security in UK Government relationships. He enabled the UK to be among the first countries to join Microsoft’s Government Security Program and worked with UK Law Enforcement to improve child protection online. A few years later, David joined Microsoft’s corporate Trustworthy Computing division to develop cyber security relationships with major Governments and Institutions around the world.
In the course of his work, David has built relationships and facilitated the cyber security debate in major Commonwealth countries and many institutions including: EU, ENISA, OECD, IGF, ITU and IMPACT. He is also concerned with Critical Infrastructure Protection and for 2 years, was Chair of the Vendor Security Information Exchange, part of the UK’s Centre for the Protection of the National Infrastructure.
Joseph A. Rivela
Associate Director, Protiviti Inc.
Joseph A. Rivela is an Associate Director in Protiviti’s IT Security & Data Privacy Solutions practice. Based in New York City, he has managed and delivered security services to a variety of clients in financial services, insurance, healthcare and life sciences, media, and higher education.
He provides clients with expertise in security assessments, IS governance / ISO 27001 strategy development, IT risk management, and privacy compliance services. Joseph has led the development of enterprise-wide security incident response frameworks, delivered security training to leaders of industry and Fortune 500 companies, and has been engaged frequently as an incident coordinator to manage various interstate response teams following the identification of potential security breach’s.
Prior to joining Protiviti, he was responsible for conducting investigations for the New York State Office of the Attorney General’s Internet Bureau. While working at the Internet Bureau, Joseph conducted the in-house investigation of business entities and individuals involved in or associated with a variety of online fraud, including spyware, auction fraud, and phishing schemes.
Joseph earned his bachelor of science degree in economic crime investigation with a concentration in computer security from Utica College of Syracuse University. He is a member of the NY Metro ISSA Board of Directors and maintains the following professional memberships and certifications: Certified Information Systems Security Professional (CISSP); PCI Qualified Security Assessor (QSA); Archer Certified Consultant (ACC); Certified in Digital Forensics, Marshall University; Basic Digital Recovery & Analysis (BDRA); SANS Hacker Techniques, Exploits and Incident Handling (GCIH).
VP, Chief Technical Officer for McAfee EMEA
Raj is currently working as the VP, Chief Technical Officer for McAfee EMEA, having previously worked as the Chief Information Security Officer for a large public sector organisation in the UK.
He volunteers as the Cloud Security Alliance EMEA Strategy Advisor, is on the advisory councils for Infosecurity Europe, and Infosecurity Magazine. In addition, Raj was previously the Vice President for Communications in the ISSA UK Chapter, having presided over the award for Chapter communications programme of the year 2008, and 2009.. He has had numerous security papers published, and appeared on television (ITV and More4). As well as providing assistance in the 2006 RSA Wireless Security Survey and part of the consultation committee for the RIPA Bill (Part 3). He is also the founder for the global collaborative project used to evaluate objective measurement of IA maturity known as the Common Assurance Maturity Model (also known as CAMM – please refer to www.common-assurance.com for more details).
He can be found on twitter @Raj_Samani
Internet Infrastructure Attorney
David Snead’s practice focuses exclusively on representing companies and other entities active in internet infrastructure. In his 18 years in this area, he has represented these companies both in-house and as outside counsel, with clients in over 20 countries. He has broken down complex legal issues at over 100 conferences. His transnational Internet experience has been recognized as the sole U.S. legal representative to the ENISA Group on Cloud Computing Security. Mr. Snead received his J.D. in 1991 from Georgetown University Law Center. He is a member of the bars of the District of Columbia and State of New Mexico.
Chief Audit Executive Smals / Chairman Cloud Computing Task Force ISACA
Marc Vael, CISA, CISM, CGEIT, CISSP, is Chief Audit Executive at Smals, a Belgian not-for-profit IT organization with more than 1,800 people working for the Belgian federal government. Marc has more than 20 years of experience in evaluating, designing, implementing and monitoring solutions on risk and information security management, incident and business continuity management, data protection/privacy, and IT audit. An ISACA member for more than 15 years, Marc is also vice president of the ISACA Belgium Chapter, chair of ISACA’s Cloud Computing Task Force and Knowledge Board, member of ISACA’s Strategic Advisory Council, and past chair of the ISACA Communities Committee. He is a visiting lecturer at Antwerp Management School (AMS) since 1997 and a deputy member of the Flemish Privacy Commission since 2010. Marc is a board member for a number of organisations in Belgium.
Prof. Paulo Verissimo
Prof. University of Lisbon - LaSIGE
Paulo Veríssimo is currently a professor of the Department of Informatics (DI) of the University of Lisboa Faculty of Sciences (http://www.di.fc.ul.pt/~pjv), and past Director of LASIGE, a research laboratory of the DI (http://lasige.di.fc.ul.pt). He is Fellow of the IEEE and Fellow of the ACM. He is associate editor of the Elsevier Int’l Journal on Critical Infrastructure Protection, and past associate editor of the IEEE Tacs. on Dependable and Secure Computing. He belonged to the European Security & Dependability Advisory Board. He is past Chair of the IEEE Technical Committee on Fault Tolerant Computing and of the Steering Committee of the DSN conference, and belonged to the Executive Board of the CaberNet European Network of Excellence. He was coordinator of the CORTEX IST/FET project (http://cortex.di.fc.ul.pt). Paulo Veríssimo leads the Navigators research group of LASIGE, and is currently interested in: architecture, middleware and protocols for distributed, pervasive and embedded systems, in the facets of real-time adaptability and fault/intrusion tolerance. He is author of more than 160 refereed publications in international scientific conferences and journals in the area, and co-author of five books http://www.navigators.di.fc.ul.pt/dssa/.
Mario has been involved in development of advanced security solutions for the last seven years and has rich engineering background spanning the last 20 years. Before founding ReversingLabs, Mario was the Director of Research at Bit9 and one of its founding engineers. He spoke at numerous conferences over the last 6 years including CEIC, Black Hat, RSA, Defcon, Caro Workshop, Virus Bulletin and AVAR Conferences. He is author of numerous blog posts on security and has authored "Protection in Untrusted Environments" chapter for the "Virtualization for Security" book. He coordinates AMTSO Advisory Board and works with IEEE Malware Working Group.
Ian Walden is Professor of Information and Communications Law and head of the Institute of Computer and Communications Law in the Centre for Commercial Law Studies, Queen Mary, University of London. His publications include EDI and the Law (1989), Information Technology and the Law (1990), EDI Audit and Control (1993), Cross-border Electronic Banking (2nd ed., 2000), Telecommunications Law Handbook (1997), E-Commerce Law and Practice in Europe (2001), Computer Crimes and Digital Investigations (2007), Media Law and Practice (2009) and Telecommunications Law and Regulation (4th ed., 2012). Ian has been involved in law reform projects for the World Bank, the European Commission, UNCTAD, UNECE and the EBRD, as well as for a number of individual states. Ian was awarded a Council of Europe Human Rights Fellowship (1987-88); was a seconded national expert to the European Commission DG-Industry (1995-96); Board Member and Trustee of the Internet Watch Foundation (2004-09) and on the Executive Board of the UK Council for Child Internet Safety (2010-12). Ian is a solicitor and Of Counsel to Baker & McKenzie. He is currently a member of the Press Complaints Commission.
Agenda Day 1
|Time||Plenary||Track 1||Track 2|
Intro and Keynote 1
Panel: European data protection - what do the changes mean for cloud computing?
Cloud Technologies 1
Panel: Global infrastructure, national laws - international differences and cloud computing
Panel: Cloud Security User Perspective
Panel: The Positive Impact of Cloud Computing on Security
Government Policy on Cloud Security
Forensics and Investigations
Cloud Technologies 2
Agenda Day 2
|Time||Plenary||Track 1||Track 2|
SLAs and Monitoring
Panel: Cloud Provider Panel - The World According To...
Panel: Measuring security in a cloud-enabled organization full of consumer devices
Governance, Risk and Compliance
Sensitive Services in the Cloud
About SecureCloud 2012
SecureCloud 2012 is a premier educational and networking event on cloud computing security and privacy, hosted and organized by Cloud Security Alliance (CSA), the European Network and Information Security Agency (ENISA), CASED/Fraunhofer SIT and ISACA, four of the leading organisations shaping the future of cloud computing security.
SecureCloud 2012 is the only European conference to focus specifically on cloud computing security. It provides a unique opportunity for political and corporate decision-makers, CEO, CTO, CISOs, business leaders, and information security practitioners not only to learn, but also to make important global contacts and to participate in interactive strategy sessions with high level experts in cloud computing security. SecureCloud 2012 will have a special focus on the legal and policy aspects of cloud computing security.
The programme committee of SecureCloud 2012 is
- Avner Algom, IGT
- Paolo Balboni , EPA - ICT Legal Consulting
- Daniele Catteddu, EMEA Managing Director, CSA
- Theo Dimitrakos, British Telecom
- Marnix Dekker, ENISA
- Gerhard Eschelbeck, CTO & SVP at Sophos
- Ramses Gallego, Quest Software/ISACA
- Andrea Glorioso, European Commission, DG INFSO
- Ron Hale, ISACA
- Giles Hogben, ENISA (chair)
- Brian Honan, BHConsulting
- Ben Katsumi, IPA, Japan
- Philippe Massonet, CETIC, Belgium
- Manuel Medina, ENISA
- Jim Reavis (Conference co-chair), CSA
- Ahmad-Reza Sadeghi (PC co-chair), Fraunhofer CASED
- Michael Waidner (Conference co-chair), Fraunhofer SIT
- Colin Watson, Watson Hall
- Lorenzo Valeri, Louis University of Rome
- Dov Yoran, CSA / MetroSITE Group
SecureCloud 2012 has been organized in partnership with isits AG International School of IT Security.
For general questions send an email to: [email protected]
For press enquiries and a press kit send an email to: [email protected]
For details on sponsorship opportunities, please download the SecureCloud 2012 Conference Sponsorship Information document.
|Presenter||Day # / Track #||Title||Download|
|Carl-Christian Buhr||Day 1 / Keynote||The European Cloud Computing Strategy||Slideshare|
|Billy Hawkes||Day 1 / Keynote||Data Protection in the Cloud – unclouding the Issues||Download (ppt)|
|Alain Pannetrat||Day 1 / Track 1||Download (pdf)|
|Jorge Gasos||Day 1 / Track 1||Towards a European Cloud Computing Strategy||Download (pdf)|
|John van Huijgevoort||Day 1 / Track 1||Cloud computing security in the Dutch Government||Download (pdf)|
|Ben T. Katsumi||Day 1 / Track 1||How Cloud Survived the Earthquake and Served People||Download (pptx)|
|Anirban Basu||Day 1 / Track 2||Practical privacy using homomorphic encryption – a myth or reality?||Download (ppt)|
|Steve Markey||Day 1 / Track 2||Securing Databases in the Cloud||Download (ppt)|
|Srijith Nair||Day 1 / Track 2||On the Security of Data Stored in the Cloud||Download (ppt)|
|Robert Bohn||Day 2 / Keynote||NIST Cloud Computing Program – Highlights & Next Steps||Download (pptx)|
|Giles Hogben||Day 2 / Track 1||PROCURE SECURE | Continuous monitoring for public sector cloud services||Download (pptx)|
|Dr. Jesus Luna||Day 2 / Track 1||QUantifiable End-to-end SecuriTy for Cloud Trustworthiness||Download (ppt)|
|Andy Dancer||Day 2 / Track 2||10 Reasons Not to Virtualize||Download (ppt)|
|Paolo Verissimo||Day 2 / Track 2||Architectural Resilience in Cloud Computing||Download (pdf)|
|Fadi El-Moussa||Day 2 / Track 2||Protecting systems and applications on virtual data centres and in the cloud: challenges, emerging solutions and lessons learnt||Download (pptx)|