Cloud Security Alliance BeLux Event, supported by LSEC, Hosted by IBM
The Cloud Security Alliance (CSA) is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. CSA and LSEC have teamed up to bring you the latest updates, research, challenges and measures in providing and retrieving assurance while bringing parts of the business into the cloud. With a group of renowned international speakers, you will enjoy a program containing the latest in Service Level and Privacy Agreements, Data Protection, European Commission Directives, and the Cloud Security, Trust and Assurance Registry Program (STAR) from the Cloud Security Alliance.
Introduction & Welcome : Cloud Assurance, by Ulrich Seldeslachts, CEO LSEC
Cloud Security, Trust and Assurance Registry – the CSA STAR Program | Damir Savanović, Senior Analyst and Researcher at Cloud Security Alliance (Slovenia)
The CSA Security, Trust and Assurance Registry (STAR) Program is a comprehensive set of offerings for cloud provider trust and assurance. The CSA STAR Program is a publicly accessible registry designed to recognize the varying assurance requirements and maturity levels of cloud providers and consumers, and is used by customers, providers, industries and governments around the world. STAR consists of 3 levels of assurance, which currently cover 4 unique offerings. All offerings are based upon our succinct yet comprehensive list of cloud-centric control objectives in the CSA Cloud Controls Matrix (CCM). CCM is the only meta-framework of cloud-specific security controls, mapped to leading standards, best practices and regulations.
Aboout Damir Savanovic: Damir is a Senior Analyst and Researcher at Cloud Security Alliance. In past Damir worked as Chief Information Security Officer and IT Quality Manager in SKB, Société Générale Group, where he had a key role in planning, organising, managing and controling the functions of information security in the bank. He developed standards, recommendations and guidelines for information security based on ISO 27001 and PCI DSS and before that for quality of IT processes based on COBIT and ITIL frameworks. Before joining Société Générale Group, Damir worked as Information Systems Auditor at Ernst & Young. His field of expertise is information security, cloud computing and assurance. He worked in variety of industries including financial, telecommunications, manufacturing and retail in the Central Eastern Europe. Damir has performed multiple information system audits, security and compliance audits in various banks and financial institutions in the region. With his broad knowledge of information security and understanding of IT and business processes, he is capable of communicating technical topics to business managers. He is very active in the community as board member of CSA Slovenia chapter and ISACA Slovenia chapter. Damir graduated from University of Ljubljana (Slovenia) in Information Technology and holds CCSK, CISM and CISA certifications
Cloud Data Protection – Cloud Data Governance | Jonathan Sage (UK), Government and Regulatory Affairs EU Executive at IBM, EMEA lead at IBM on cyber security and cloud computing policy
Abstract will follow shortly...
Cloud SLAs & PLA’s: about Cybersecurity, Data management, Personal data protection, Experience Level Agreements & the Human factor | Arthur van der Wees, Conference Chair Cloud FS US, Managing Director Arthur's Legal, Founder CEO Zapplied Platform, and Advisory Member
Arthur van der Wees is managing director of international law firm Arthur’s Legal, with its headquarters in Amsterdam. He is senior lawyer, enterpreneur, strategist and investor, who has indepth experience and is well-connected in the world of technology, data & global business. For instance he is member of the European Committee Cloud Select Industry Group on cloud computing & SLA’s (C-SIG SLA), co-author of the EC Cloud SLA Standardisation Guidelines, co-contributor to ISO norms such as ISO/IEC 19086, co-author of Privacy Level Agreement 2.0, member of the EC’s Alliance IoT Innovation, and consortium partner to DG Connect H2020 project, SLA Ready. One of this other ventures is Zapplied Platform, combining cloud technology and AI with document & deal automation and social collaboration.
Cloud Assurance - a perspective from the IT-Auditor: Service Organization Control (SOC) Reporting | Dirk Timmerman, Executive Director IT Audit KPMG & Dave Vanhaute, Manager KPMG IT Advisory
This presentation provides the audience an overview of sources of assurance over service organizations, including cloud service providers, and further elaborates on Service Organization Control (SOC) Reporting. It contrasts SOC reporting to ISO 27001 certifications and links SOC reporting to the CSA STAR Program. Dirk Timmerman is an Executive Director at KPMG IT Advisory in Belgium and is heading the Belgian IT Attestation group of KPMG. Dave Vanhaute is Manager at KPMG IT Advisory in Belgium and is active member of the Belgian IT Attestation group of KPMG.
Practical Details & Registration
Cloud Security Alliance BeLux Chapter Event
IBM Forum, Brussels - Belgium
Thursday 25 September, from 10am till 4.00pm
Registration is free of charge upon prior registration via the registration page