Introduction to the CloudBytes

CloudBytes are educational Webinars presented monthly during scheduled work group meetings and conducted by fellow CSA members and appointed Industry SME's. The CloudBytes program brings the most important topics to the forefront for education and discussion.

September 24, 2015

The world of IT security is undergoing tremendous change. The unstoppable momentum of the Internet and cloud computing, the ubiquity of mobile devices and the emergence of Internet of things have together turned the IT security landscape upside down. Data security, privacy and compliance have never been more at risk than in today’s social and…

July 15, 2015

Leveraging Data Control and GRC for Securing Data on the Cloud

Presentation by Ryan Ko- CSA APAC Research Advisor, Vibhav Agarwal – Associate Director - Product Marketing, MetricStream

Leveraging Data Control and GRC for Securing Data on the Cloud - A Practical Guide for Immediate Challenges and An Overview of Long-Term Research Challenges Data security for cloud applications is a perennial challenge due to the lost of control and oversight over data placed within clouds. As cloud becomes mainstream, various industries need to…

July 8, 2015

Myth or Reality: Insider Threat Victims DON'T Have Their Heads in the Cloud

Presentation by Evelyn de Souza, Data Governance Workgroup Chair, Cloud Security Alliance & Data Privacy and Compliance Leader, Cisco Systems

We can safely predict that an insider threat targeting cloud will be the cause of a major data breach over the next 12 months. While cloud insider threats consistently rank as a top concern, they have not been decomposed and mitigated like enterprise exploits. We will uncover threat vectors and behavioural traits and present new…

June 30, 2015

Cloud Standards - Ready for Prime-time (part 2)

Presentation by Michel Drescher, EGI; John Messina, NIST; Peter Deussen, Fraunhofer FOKUS

Cloud computing will not reach its full potential without fully developed and stable management and context standards. Customers indeed expect freedom of choice, increased control and interoperability, as a tool for fair competition and unfettered innovation. Effective interoperability demands common technical and legal parameters, which are related to open standards and governance. While part one…

June 25, 2015

Lessons Learned From the Biggest Security Breaches

Presentation by Jim Reavis, CSA; Michael Sutton, Zscaler

Learn about the biggest security breaches and what it means for your organization. The risk of experiencing a security breach is now higher than ever. Over the last 12 months, some of the highest profile companies have been compromised including Anthem, Sony, Home Depot, JPMorgan Chase, Target and more. 2015 is turning out to be…

June 9, 2015

Cloud Standards - Ready for Prime Time

Presentation by Michel Drescher, EGI; Alan Sill, OGF, Texas Tech University; Alex McDonald, NetApp; David Wallom, Oxford e-Research Centre

Cloud computing will not reach its full potential without the full development and stable management of standards. Customers expect the freedom of choice, increased control, and interoperability as a tool for fair competition and unfettered innovation in cloud services. Effective interoperability demands common technical and legal parameters, which are related to open standards and governance.…

May 19, 2015

How to Negotiate a Proper SLA

Presentation by Jesus Luna, CSA; Frederic Engel, Market Engal SAS;Daniele Catteddu, CSA; Arthur van der Wees; Arthur's Legal; Said Tabet, EMC

The typical cloud customer easily grasps perceived advantages and user-friendliness in the cloud, but they are not security experts. Matching an customer's security requirements with what is being offered by CSPs can be the biggest challenge. Even though most CSPs include security provisions in their SLAs (Service Level Agreements), the variety of customer requirements make…

May 12, 2015

Preparing for 2015: Internet security best practices from the Global 1000

Presentation by Jim Reavis, CEO at the Cloud Security Alliance & Dan Druker, CMO at Zscaler

The world of IT security is undergoing tremendous change. The unstoppable momentum of the Internet and cloud computing, the ubiquity of mobile devices and the emergence of Internet of things have together turned the IT security landscape upside down. So what can you do today to keep your security ahead of these trends? In this…

March 19, 2015

Platform as a Service: Build Cloud Applications Rapidly and Reliably

Presentation by Jonathan Sage, IBM; Mike Edwards, IBM; Achille Pinson, PrepMyFuture.com

CloudWATCH webinars aim to evangelise the merits of cloud services to SMEs and governments. This particular session on building cloud applications will explain Platform as a Service. Cloud technologies, such as Bluemix, make app development easier, more practical, and cost effective. Also, Achille Pinson, founder of PrepMyFuture.com, will share his experience as a cloud service…

February 17, 2015

Panel: Leveraging Security Analytics in the Fight Against Cyber-Threats

Presentation by Peter Wood (moderator); Prof. John Walker, James Brown (Alert Logic), Bernd Jaeger (Cloud Security Alliance)

Join this exciting panel session with some of the industry's leading thought leaders including: Peter Wood, CEO, First Base Technologies Prof. John Walker, Researcher, Writer & Speaker, Cyber-Vault Stephen Coty, Chief Security Evangelist, Alert Logic Bernd Jaeger, Cloud Security Alliance The panelists will discuss topics ranging from predictive security, real-time threat intelligence, combining structured and…

February 5, 2015

Cloud CISC Virtual Summit

Presentation by Paul Kurtz, Dave Cullinane

The Cloud Security Alliance (CSA) has chosen to specifically focus on the problem of cyber incident information sharing and find innovative approaches that break down the barriers inhibiting sharing. CSA has selected a partner, TruSTAR Technology, to create what we are calling the industry’s first Cloud CISC (Cyber Incident Sharing Center). We believe it is…

February 4, 2015

An Approach to Cloud Services Risk Management for Today’s Enterprises

Presentation by Deepayan Chanda, Wesley Cheng, Security Solutions Architects, Advanced Services, Cisco Systems

This session provides a methodology and a Business Risk Framework for assessing the risk of an ever-increasing number of cloud services. It builds upon the Cloud Security Alliance Cloud Controls Matrix by enabling users to add new controls and address risk vectors such as the financial viability of a cloud service provider, traffic data, and…

February 4, 2015

An Approach to Cloud Service Provider Risk Management for Today’s Enterprises

Presentation by Derick Fogt, IT Risk Management, Cisco Systems

A great many enterprises leverage the Cloud Security Alliance Cloud Controls Matrix as a primary component for identifying cloud service provider risks. What’s also needed is a way to measure these risks. This session will focus on building a risk rating framework and on better quantifying and operationalizing risk management activities. Presenter: Derick Fogt, IT…

January 29, 2015

Service Management: What Standards Can Do For Business – The Example of FitSM

Presentation by Dr. Thomas Schaaf, Dr. Michael Brenner, Owen Appleton, Sy Holsinger

To meet customer needs and provide valuable services, it is important to maintain a high quality of service, which in itself requires a well-structured approach to IT Service Management (ITSM). Existing approaches such as ITIL and the ISO/IEC 20,000 standard are useful but not always well suited to the challenges of providing cloud or other…

December 4, 2014

IoT Security Challenges for Early Adopters

Presentation by Brian Russell, Chief Engineer CyberSecurity Solutions at Leidos

The Internet of Things (IoT) offers enhanced technology capabilities in diverse industries. In the health care setting, IoT will bring new connected medical devices that support near real-time monitoring of patient health information. In the transportation industry, connected vehicles will communicate securely with each other and with the environment surrounding them, offering safer commutes. In…

November 26, 2014

Monitoring in a Cloud Environment

Presentation by Eliot Salant, Dario Bruneo, Avi Miron - Cloud Wave; Kyriakos Kritikos - PaaSage; Michel Drescher - EGI, CloudWatch

Monitoring resource consumption in a Cloud environment is becoming an increasingly important research topic in order to provide optimal management of both the underlying Cloud infrastructure and executing applications. Clouds are complex environments composed of many different entities and layers. Each of them may be provided with mechanisms offering various management actions. Different situations call…

October 15, 2014

Reducing Risk in the Cloud with the CCM

Presentation by John Yeoh, Sr. Research Analyst, CSA; Sean Cordero, Co-Chair, CSA CCM Working Group

Cloud computing promises to deliver efficiencies through reduced time to market and greater agility for organizations. While the impact of cloud computing is profound, many organizations remain hesitant to consider the cloud. This is often due to a lack of clarity over the unique security risks introduced in the cloud computing model and a perceived…

October 2, 2014

The Role of Certification and Standards for Trusted Cloud Solutions

Presentation by Daniele Catteddu, CSA; Dr. Michaela Iorga, NIST; Marnix Dekkar, ENISA; Claudio Belloli, GSA

Security and privacy certifications have been identified as one of the most effective means to increase the level of trust in cloud services and stimulate their adoption. Based on this assumption, it was critical to focus on the appropriate standards and their interoperability. Therefore, a number of efforts have started in Europe, mainly led by…

September 24, 2014

New Opportunities for Data Privacy and Data Protection Harmonization

Presentation by Evelyn De Souza, Cisco; Dan Blum, Respect Network; Mary Beth Borgwing, Advisen

This week the CSA and Cisco announced the results of a comprehensive survey of cloud security professionals on data privacy considerations. The survey responses highlight a growing and strong interest in harmonizing privacy laws towards a universal set of principles. But what does this really mean as you develop cloud services for your organization? And,…

September 24, 2014

Big, Open, and Properly Protected Data?

Presentation by Mariusz Jarzebowski, demosEUROPA; Ratko Mutavdzic, PROJEKTURA; DR. Gwendal Le Grand, CNIL; Patrice Chazerand, DIGITALEUROPE

Big data keeps making the headlines. Open data is high on governments’ agenda. This CloudWATCH webinar will hear contributors to the research paper ‘’Big & Open Data in Europe: A growth engine or a missed opportunity?” debating the impact on the economic potential of various parts of Europe – North, South and East. CNIL, France’s…

September 23, 2014

HP Cloud Security Total Infrastructure Model for Cyber Defence & Event logging

Presentation by Ilia Tivin- CISSP, CCSK- Senior SIEM consultant and Hiroshi Masuda- HP APJ TSC ITAS(Security) Lead

Cloudbytes is a Webinar/Webcast for the APAC region which would be held monthly for all the CSA chapter members. The CloudBytes program will look to bring the most important topics to the forefront for education and discussion. Security is one of the major barriers to cloud adoption and transformation when we think IT risks in…

August 28, 2014

Multi-tenancy in Federated Clouds

Presentation by Michel Drescher, European Grid Infrastructure; Jesus Luna, CSA; Ian Osborne, Knowledge Transfer Network; Colin Wallis, NZ Gov

However popular multi-tenancy has become in cloud computing, this concept still sounds a bit like a mystery. This CloudWATCH webinar will provide you with a chance to get a crystal-clear take of the concept by clarifying how tenancy is defined, how relations between tenants and their behaviour should be designed. Indeed, in a typical multi-tenancy…

July 24, 2014

Triaging the Cloud: 5 Steps to Putting the Cloud Controls Matrix to Work....

Presentation by John Howie, Cloud Security Alliance; Doug Meier, Pandora; Krishna Narayanaswamy, Netskope

The Cloud Security Alliance’s Cloud Controls Matrix is a rich source of cloud security best practices designed as a framework to provide fundamental security principles to cloud vendors and cloud customers. It serves as a useful guidepost for app developers and technology decision-makers alike. But what if you really want to put it to work…

July 15, 2014

Legal Issues for Cloud Computing

Presentation by Paolo Balboni, ICT Legal Consulting; Lucio Scudiero, ICT Legal Consulting

Cloud Computing Users increasingly attempt to negotiate contract terms for cloud computing services, in order to make them more suitable for their specific needs. However, despite the efforts they make, contracts are still often concluded on a take-it-or-leave-it basis, because of the negotiating power enjoyed by bigger cloud service providers against small service clients. The…

May 16, 2014

2 Minutes on BrightTALK: What are your weak points?

Presentation by Daniele Catteddu, Managing Director EMEA, Cloud Security Alliance

Hear what Daniele Catteddu recommends to strengthen your IT security posture - from risk assessments to mobile and cloud computing.

We are issuing a call for expert speakers with proposed topics. Topics submitted must be vendor neutral and approach the topic area from a technical or management approach rather than a vendor specific product or solution. We would also like to hear from members on topics they feel are in most need to learn about, so we can also look to source a speaker where needed.

Please contact [email protected] if you experience issues with this form.