CSO Executive Seminar on Securing the Cloud
Wednesday, January 26, 2011
7:30 am - 8:30 amRegistration and Networking Breakfast
8:30 am - 8:45 amOpening Remarks
Bob Bragdon, Publisher, CSO magazine
8:45 am - 9:45 amAssessing Risks in the Cloud
Jim Reavis, Co-founder, Cloud Security Alliance

Security ranks as one of the top worries (if not the top concern) of organizations considering cloud implementations. In this session, one of the industry’s top experts will delve into the range of risks when using cloud-based platforms -- from data protection to performance and more -- and will offer critical strategies to mitigate them.

9:45 am - 10:15 amAre You Prepared for the Cloud?
Nick Kael, Principal Security Strategist, Symantec

With traditional security transforming to the cloud, enterprises need to plan for cloud deployment using a risk-based, information-centric approach to weatherproofing their cloud.  At the same time, today’s interfaces between the enterprise and service providers are creating new paradigms -- while IT consumerization, virtualization and other technology trends are affecting deployment.  Learn more about how you can prepare in this session.

10:15 am - 10:45 amNetworking Break
10:45 am - 11:30 amWhat Should You Move to the Cloud, and How Do You Protect It?
David Giambruno, Senior Vice President and Chief Information Officer , Revlon

For many organizations compelled to find efficiencies with the cloud, the first question is, what portions of our IT footprint should we put there? Similarly, what technologies and policies should we implement to mitigate risks? In this session, get some foundational and top-level advice from a CIO well-seasoned with cloud experience.

11:35 am - 12:05 amBusiness Technology Briefings

Join us for these briefings to learn about the latest capabilities and solutions in the cloud security market.

Building a Secure and Compliant Cloud Infrastructure
Ben Goodman, Principal Strategist, Novell

As organizations transition from using more traditional IT infrastructure to a combination of physical, virtual and cloud environments, security remains a key component in maintaining IT asset control across users, data and systems.  In this session, we’ll explore the essential questions and answers that help you determine the best strategy for maintaining security and compliance controls in your cloud environment.  You'll not only learn how to decide what to host in the cloud, but how to segment your data for physical, virtual and cloud accessibility.  We'll also review best practices for implementing a layered security model to meet compliance requirements.

Cloud and Collaboration: Security in the New Decade
Farley Stewart, Director of Product Marketing, Websense, Inc.
As services like Facebook, SalesForce, Twitter, and LinkedIn have become widely adopted business tools, the Web has rapidly become the destination for communication and collaboration.  And while organizations have gained greater efficiency, flexibility, and scalability by migrating to the cloud, they are exposed to new risks from malware, methods of attack, loss of confidential data, and the rising cost and complexity of delivering security.  How will your organization embrace this change and the opportunity it presents?  Join this session with Websense to learn more.
12:05 pm - 1:05 pmLunch with Discussion Topics
Security in the Cloud
Facilitated by Anil Gunjal, Director of Solutions Engineering, Savvis

Anil Gunjal, Director of Solutions Engineering at Savvis, will lead a discussion on how Savvis provides enterprise level security in its cloud offerings.  During this session, you’ll gain insights to the enterprise ready cloud, and how you can secure your applications in the Savvis cloud.
Securing Applications in the Cloud
Facilitated by Darren Platt, Chief Technology Officer, Symplified
A "no software" approach to identity management can save you time and money -- and you can derive the benefits in just days with instant integration.  Join us for this lunch discussion and learn how to secure access and SSO to SaaS and internal applications.
The Business Case for Cloud Identity
Facilitated by Vic Lanzillotti, VP of Sales, Eastern Region, Symplified
Join us as Vic Lanzillotti at Symplified discusses the business case for implementing identity and access management as a service.  Vic has been heavily involved in helping companies design and implement solutions to meet their business objectives and show a positive return for rolling out initiatives including single sign on, access control, and provisioning.  Vic's most recent clients include a large, well-known, global and North American insurance company along with the country's largest non-profit home health care provider based in New York City.
Website Vulnerability Management
Facilitated by Mark Meyer, Director, Sales NY, WhiteHat Security
What works and what doesn’t in your environment? How do you manage the different tools and services?  Get answers to these questions and more in this discussion.

1:05 pm - 1:50 pmSecuring the Cloud: A Legal Perspective
Nick Akerman, Partner, Dorsey & Whitney LLP

The first step in securing anything in the cloud is negotiating the right contract terms. Get critical advice from a top legal expert in this session and learn how the federal computer crime statute -- the Computer Fraud and Abuse Act -- can be a valuable tool in securing the cloud.

1:55 pm - 2:25 pmBusiness Technology Briefing

Join us for this briefing to learn about the latest capabilities and solutions in the cloud security market.

Leveraging a Cloud Assessment Tool to Optimize Your Cloud Strategy
Joe Kovara, Senior Principal Consultant, Certified Security Solutions, Inc.

It’s likely that by year’s end, even the largest IT organizations will have developed a cloud technology strategy -- and possibly even executed on one -- that includes public/private cloud evaluation and adoption.  Certified Security Solutions (CSS) – in partnership with Microsoft – has produced a cloud assessment tool that can help organizations decide which applications are the best candidates for public or private cloud architectures, and which ones are better left in-house on physical or virtualized platforms.  This session will feature CSS & Microsoft’s findings, including attributes that make an application a good or poor candidate for public cloud use, the impact of IT requirements on cloud strategy, and systems or processes that organizations may need to have in place to take advantage of the cloud.

2:30 pm - 3:15 pmCreating a Cloud Security Roadmap
Bob Bragdon, Publisher, CSO magazine
Perry Menezes CISSP, CIPP, VP, IT Security Governance, Deutsche Bank
Nick Akerman, Partner, Dorsey & Whitney LLP
David Giambruno, Senior Vice President and Chief Information Officer , Revlon

As projects to move IT operations and applications to the cloud take shape, IT and security executives must document what is moving where, how it’s being secured, and what additional security layers might be needed. Get key advice on how to build your roadmap in this session.

3:15 pm - 3:30 pmWrap Up and Closing Remarks
Bob Bragdon, Publisher, CSO magazine