Digital Risk

  •  TYPE: Track   DATES: May 06 - May 07, 2015
Conference Tracks

While information products and services of the digital economy require information infrastructure to be increasingly shared across jurisdictions and sectors, we are being faced with a rapidly evolving array of digital risk. In this track moderated by KuppingerCole Analysts Dr. Scott David and Dr. Karsten Kinast, lawyers and experts in privacy & IT law, CSOs/CISOs, GRC practitioners and IT professionals will learn how to assess and ultimately manage and mitigate digital risks through a holistic approach. Holistic, because we cannot solve privacy without simultaneously solving other information risk issues, as security, privacy and liability are each key to solving the others.

Moderators:

Tracks:

The New Risk Landscape: IT, Operational Technology and IoT

Sessions:

From Security to Information Security to Digital Risk

Date: Wednesday, May 06, 2015 Time: 11:00-12:00 Location: AUDITORIUM

From Security to Information Security to Digital Risk
Hanns Proenen will take you on a small journey through traditional IT security, as it was until recently, and how he is observing and experiencing the shift to information security and IT risk. He will talk about the tasks for the IT Risk Officer and how to build a firewall between the digital and the analogue world.   

Mapping the Changes in Data and Identity Risk Landscapes - From Physical Security to Information Security to Digital Security to Interaction Security
Well-managed organizations address unique and emerging risks, such as networked data and identity-related risks in the context of their overall risk profile, and seek to implement solutions that can cost-effectively address organizational risk at multiple levels. As new online and networked system risks associated with data and identity handling systems have surfaced, pre-existing risks still remain relevant; and together they vie for the attention of managers around the world, causing them...

Flushing Away Preconceptions of Risk

Date: Wednesday, May 06, 2015 Time: 12:00-13:00 Location: AUDITORIUM

Flushing Away Preconceptions of Risk
Risk is often seen as a dirty word in business. It is a thing that needs to be reduced to nothing, and has no possible good use in an organization, especially a security programme. This couldn’t be more wrong! Risk is an inherent part of any business, and yet it is often poorly recognized and leveraged in the security organisation. In this presentation Thom will look at three areas of the risk conundrum to open the veil on the elusive art of understanding and ultimately measuring...

Negotiating the Risk of Privacy - Understanding Privacy and its Risks
The growing of volume, velocity and variety of Big Data creates new business models for the exploitation of data, for example individual marketing synchronously created out of clickstream data and background knowledge. However, these opportunities arouse privacy concerns. Users lose control over their privacy, and services are uncertain how to keep the trust of their customers in their decent personal data handling. In this presentation the risk of privacy in the modern communication...

Managing Digital Risk: Mapping the New Distributed Risk Landscapes

Sessions:

It Takes a Community to Reduce Risk

Date: Wednesday, May 06, 2015 Time: 14:30-15:30 Location: AUDITORIUM

It Takes a Community to Reduce Risk
To help stakeholders balancing their needs to protect the organization against the needs to run the business - this is the new role IT professionals have to take over in the era of digital business. Moving forward, security people aren´t the "defenders against cyber threats" anymore. They are becoming the facilitators of a balance between the needs to protect and the needs to run a business. In digital Business, we are moving things into the cloud. We are moving things into...

Recruiting Customers, Suppliers and Even Competitors to Help Reduce Risk
Various types of shared economic interests and risks create communities of interest where separate organizations work together such as in myriad supply chains worldwide. How can COIs come together in structured settings such as technical and policy standards initiatives, government programs, markets and other regulatory and self regulatory contexts to identify common needs and design, develop and deploy mutually acceptable solutions?

One Step Closer to the Unhackable Enterprise: Applying an Effective Information Security Strategy
The threat landscape became wicked and rougher. Governments are desperately  trying to fight the cyber threats. But their efforts will  never satisfy the needs. As a company, community or individual you remain a vulnerable target. Applying a layered information security strategy can effectively reduce your risk exposure. Define your drivers and long term security goals; involve your  stakeholders; engage your customers, employees and suppliers; clearly communicate and...

Assessing and Mitigating Cloud Risks

Date: Wednesday, May 06, 2015 Time: 15:30-16:30 Location: AUDITORIUM

Assessing and Mitigating Cloud Risks
The modern reality is that even the most technology conservative companies are thinking to shift some of their valuable assets to the cloud. However, since anyone with a credit card can purchase cloud services with a single click, the governance and control of organisations are frequently being circumvented. This can create various challenges for organisations that wish to adopt the cloud securely and reliably. This session will lead you through various approaches on how to assess and...

Dynamic Control Selection Framework for Onboarding Cloud Solutions
This talk will propose a data-driven selection of organisational, technical, contractual and assurance requirements, so secure usage of cloud solutions within the enterprise can be guaranteed. The importance of data oriented control selection will be outlined and key control domains will be introduced.

Dynamic Certification of Cloud Ecosystems
Cloud ecosystems are dynamic and flexible enablers for innovative business models. Some business models, especially for the European cloud market, however, still face challenges in security, privacy, and trust. A common approach among cloud providers addressing these challenges is proving one's reliability and trustworthyness by audit certificates. Basically, audit certificates are based on national and/or international as well as business and/or governmental compliance rules. The most...

Cloud Risk Assessment – An "Action-Oriented” Approach to Merge Engineering, Economic and Legal Analyses.
When moving to the use of cloud services it is most important to take a risk based approach.  However the process involved is often manual and time consuming; a tool is needed to enable a more rapid and consistent assessment of the risks involved.  This session describes why a risk based approach to the use of cloud services is needed.  It introduces the KuppingerCole Cloud Rapid Risk Assessment Tool developed by KuppingerCole to help organizations assess the risks around...

Understanding and Dealing with Macro-Level Risks that Affect your Institution’s Risk Profile

Date: Wednesday, May 06, 2015 Time: 17:30-18:30 Location: AUDITORIUM

Understanding and Dealing with Macro-Level Risks that Affect your Institution’s Risk Profile
The phrase "think globally, act locally" was initially invoked as a rallying cry of the environmental movement in an effort to help people connect their individual actions to global challenges, and increase their sense of efficacy to effect change by acting in concert to carry shared narratives of environmental risk mitigation into effect. The concept of "think globally, act locally" has new meaning in the context of business organization risk from IoT, the cloud and other networked...

Designing, Developing and Deploying Sustainable Distributed Risk Solutions for your Enterprise

Sessions:

The Proposed New European Union Data Protection Regulation - Status and Implications

Date: Thursday, May 07, 2015 Time: 11:00-12:00 Location: AUDITORIUM

The Proposed New European Union Data Protection Regulation - Status and Implications
The proposed new data protection regulation aims at European data protection standards which are better harmonized than the current legislation and also suit the technical standards in times of transformation. A unified data protection Regulation that is directly applicable as part of the EU’s Digital Single Market shall make it easier for all parties to understand what their rights and obligations are and what compliance risks they need to manage.  One of the main changes...

The Role of Privacy by Design in the New EU Data Protection Regulation
The upcoming EU privacy legislation demands for implementation of a "privacy by design” approach for organizational IT-systems and processes. To showcase technology embracing this principle for Identity, access and secure authentication EU funded the attribute-based Credentials for Trust project (ABC4Trust). ABC4Trust is an EU-funded research and development project advancing the federation and interchangeability of technologies supporting trustworthy and at the same time...

Reaching Compliance Across Jurisdictions: Fundamental Considerations Before Signing a Cloud Services Contract

Date: Thursday, May 07, 2015 Time: 12:00-13:00 Location: AUDITORIUM

Reaching Compliance Across Jurisdictions: Fundamental Considerations Before Signing a Cloud Services Contract
Cloud adoption is rapidly increasing, many organisations struggle to establish a sustainable contracting process. The one-size-fits-all aspect of cloud computing is often reflected in the limited flexibility of cloud service providers during contract negotiations. More and more organizations are left with the choice of signing standard terms and conditions. This strongly increases the need for organizations to define their contract requirements prior to selecting a cloud solution. The...

Managing Digital Risk: Deploying People, Standards, Metrics, and Enforcement

Sessions:

The Role of Policy Management in the Software-Defined Era

Date: Thursday, May 07, 2015 Time: 14:30-15:30 Location: AUDITORIUM

The Role of Policy Management in the Software-Defined Era
The morning sessions explored policy-based solutions to IoT, cloud and other online-based risks. This session explores the connection of technology and people through the growing role of standards in policy management in an era where the reliability of software-based organization and operations are increasingly depended upon by organizations. This session will seek to help businesses to identify what elements of risks are mitigated, and what new risks arise, with these changes....

What Gets Measured Gets Done – Identifying New Metrics for Distributed Digital System Performance to Evaluate and Mitigate Risk.

Date: Thursday, May 07, 2015 Time: 15:30-16:30 Location: AUDITORIUM

What Gets Measured Gets Done – Identifying New Metrics for Distributed Digital System Performance to Evaluate and Mitigate Risk.
Data is the lifeblood of organizations and managers of organizations have access to increasing volumes of data; but what does data really mean in a given context? How can effective and dynamic risk evaluation and mitigation processes be cultivated from better measurement practices in an organization, and a more nuanced understanding of how different sources of risk will reveal themselves through different sorts of metrics.

How to Measure the Real Access Risk?
There are many factors that make up the access risk of users. Access to privileged accounts, but also elevated privileges in certain applications sum up to a complete picture of access risks. Users with uncommon combinations, user that have fairly different access than their peers, users with many direct assignments of entitlements: All these indicators might be related to higher access risk – or not. Aside of that: Not only the assigned entitlements are risk indicators, but also the...

Bringing it All Together – Distributed Strategy Solutions for Distributed Risk

Date: Thursday, May 07, 2015 Time: 17:00-18:00 Location: AUDITORIUM

Bringing it All Together – Distributed Strategy Solutions for Distributed Risk
In evaluating distributed systems risk, the attention to data is misdirected. Rather it is the distributed nature of data management systems (and the increase in interaction volume) that increase the perception and actuality of risk. Distributed problems need distributed solutions. Applying the community of interest approach – how can your organization more effectively reduce and manage risk?

Quick Links

Stay Connected

Information

Congress

European Identity & Cloud Conference 2015

Language:
English
Registration fee:
€1980.00 $2475.00 S$3168.00 21780.00 kr
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
lk@kuppingercole.com
  • May 05 - 08, 2015 Munich, Germany

Partners

The European Identity & Cloud Conference 2015 is proud to present a large number of partners
Learn more

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00