The Open Group Conference - Seattle 2010

TRACK: Information Security in the Cloud
Wednesday, 2:00 - 3:00

2:00 - 2:45
Cloud Security: the Road Ahead

This presentation will provide an overview of strategic cloud security issues today and in the future, as well as an overview of the Version 2 Security Guidance for Critical Areas of Focus in Cloud Computing by the Cloud Security Alliance (CSA). A roadmap of CSA research priorities for the coming year will also be provided.

Presenter: Jim Reavis, Co-founder and Executive Director, Cloud Security Alliance
For many years, Jim Reavis has worked in the information security industry as an entrepreneur, writer, speaker, technologist and business strategist. Jim's innovative thinking about emerging security trends have been published and presented widely throughout the industry and have influenced many. Jim is helping shape the future of information security as co-founder, executive director and driving force of the Cloud Security Alliance.

Jim is the President of Reavis Consulting Group, LLC, where he advises security companies, large enterprises and other organizations on the implications of new trends such as Cloud and how to take advantage of them. Jim occasionally blogs at Risk Bloggers.

Jim has previously been an international board member of the ISSA, a global not for profit association of information security professionals and formerly served as the association's Executive Director. Jim was a co-founder of the Alliance for Enterprise Security Risk Management, a partnership between the ISSA, ISACA and ASIS, formed to address the enterprise risk issues associated with the convergence of logical and traditional security. Jim currently serves in an advisory capacity for many of the industry's most successful companies. Jim is also a partner with the MetroSITE Group.

Jim founded SecurityPortal in 1998 and has been an advisor on the launch of many industry ventures. Jim is widely quoted in the press and has worked with hundreds of corporations on their information security strategy and technology roadmap. Jim has a background in networking technologies, marketing, product management and systems integration. Jim received a B.A. in Business Administration / Computer Science from Western Washington University in 1987 and serves on WWU's alumni board.

2:45 - 3:30
Enterprise Security and Industry Security Standards: Steps & Pitfalls Along the Way

For Cloud and SaaS to truly succeed it must be embraced by Enterprise businesses. One of the key concerns from the Enterprise is Security: What are the Cloud Security Controls? How do these compare to Enterprise Security Controls? How can these be effectively measured? A successful Cloud Provider not only builds a robust security model, but also clearly demonstrates that they can meet both Enterprise Security requirements, and industry security standards up to and including PCI-DSS and ISO 27001 certifications. This presentation outlines the steps and the potential pitfalls along the way.

Presenter: Niall Browne, CISA, CISSP, CCSP — CISO & VP Information Security, LiveOps
Niall BrowneNiall Browne is the CISO of LiveOps where he is responsible for defining and managing the Enterprise Security, Audit, Risk and IT Regulatory Compliance programs.  LiveOps offers two solutions for Enterprises: Contact Center in the Cloud, a SaaS technology platform for managing contact centers, and Workforce in the Cloud, an on-demand workforce for outsourcing call center calls with over 20,000 independent agents.

Niall has been Co-Chair of the BITS Shared Assessments development committee for the past four years. This audit program was created by the US Financial Services Roundtable BITS, the Big 4 Accounting firms, and the leading US Financial Institutions for the purpose of evaluating the Controls of Service Providers in the US and internationally. As a Service provider he has also led IT Security assessments including PCI-DSS level-1, ISO 27002, SysTrust, SAS-70 Type II, BITS Agreed Upon Procedures (AUP) and FFIEC examinations.

Niall has spoken at numerous industry conferences, as well as participated in radio webcasts, and has been quoted extensively in both online and print media.

Prior to LiveOps, Niall was responsible for Information Security at Yodlee, a Financial Services SaaS provider that manages 3 trillion dollars in assets, and with over 20 million consumers.  

In 2004 Niall was the lead security architect for the European Union (EU) Presidency. He has in-depth security experience leading security initiatives within financial institutions, law enforcement agencies, government departments, and embassies, amongst others, encompassing 500 companies and 20 countries.

Go to Return to previous page

   |   Legal Notices & Terms of Use   |   Privacy Statement   |   Top of Page   Return to Top of Page