Cloud Governance, Risk, Compliance

  • TYPE: Combined Session DATE: Thursday, May 16, 2013 TIME: 14:00-15:00 LOCATION: AUDITORIUM


On February 7, 2013, the European Commission launched its cybersecurity strategy for the European Union (“Strategy”). As part of this Strategy, the European Commission also proposed a draft directive on measures to ensure a common level of network and information security (“NIS”) across the EU. The proposed Directive is a key component of this Strategy. It introduces a number of measures to enhance cybersecurity, including:

  • The requirement for EU Member States to adopt a NIS strategy and to designate national NIS authorities to prevent, handle and respond to NIS risks and incidents;
  • The creation of a cooperation network to enable the national NIS authorities, the European Commission and, in certain cases, the European Network and Information Security Agency (“ENISA”) and the Europol Cybercrime Center, to share early warnings on risks and incidents and cooperate on further steps;
  • The obligation for (1) operators of “critical” infrastructures in certain sectors (financial services, transport, energy and health), (2) providers of information society services and (3) public administrations to implement appropriate security measures and to report incidents having a “significant” impact on the services they provide (e.g., the unavailability of a cloud computing service as a result of which users cannot access their data). Such incidents would have to be reported to the national NIS authorities, who may then decide to inform the public or require companies and public administrations to do so.

The FAQs that accompany the proposed NIS Directive include examples of companies that would be obliged to report cyber incidents, such as cloud computing service providers, search engines; e-Commerce platform providers, Internet payment service providers,

providers of VoIP and other communications services, social network providers, platforms enabling the provision and sharing of videos, platforms enabling the provision and sharing of music, major online computer games, and application stores.


How can hybrid clouds join together so that a user company operating the respective compliance requirements in the necessary deployment option (leave) and still be able to ensure a consistent and legally compliant process execution? Hybrid cloud connectivity capabilities are a key enabler of the near and long term usage of cloud services. During this session we will show what kind of different hybrid scenarios we see as applicable today at our members, what are the detailed challenges and key obstacles from their point of view and how different approaches were seen by them.


Dipl. Informatiker Wolfgang Schmidt is acting partner and the managing director of X-INTEGRATE Soft-ware & Consulting GmbH. He has a proven track record as an adept engineer, consultant, project leader and IT manager in software engineering and IT consultancy. He started his career in 1988...

Watch the video:  
Log in to download the presentation:  


Session Links

Wolfgang Schmidt - Compliance in Hybrid Clouds: Integrated Process Management Despite Regulatory...


European Identity & Cloud Conference 2013

Registration fee:
€1980.00 $2475.00 S$3168.00 21780.00 kr
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
  • May 14 - 17, 2013 Munich/Germany