Cloud Risk Assessment

  • TYPE: Combined Session DATE: Wednesday, May 06, 2015 TIME: 15:30-16:30 LOCATION: AUDITORIUM
Track

Sessions:

The modern reality is that even the most technology conservative companies are thinking to shift some of their valuable assets to the cloud. However, since anyone with a credit card can purchase cloud services with a single click, the governance and control of organisations are frequently being circumvented. This can create various challenges for organisations that wish to adopt the cloud securely and reliably.

This session will lead you through various approaches on how to assess and mitigate risks for onboarding cloud solutions.

Key Takeaways:

  1. understanding of information risks related to cloud usage.
  2. understanding of the concept of dynamic selection of controls, based on data profile, to mitigate cloud risks.
  3. application of the proposed framework in daily practice (e.g. by turning it into a software tool that allows quick and easy control selection for employees responsible)

Speakers:

John is partner of the Amstelveen practice of KPMG IT Advisory. In his current position he is heading the Information Security Services of KPMG in Netherland, covering the following services: lSecurity Strategy Services lIT Governance, Risk and Compliance lTechnical Security Services...

Olga is a security advisor within KPMG IT Advisory, the Netherlands. She advises companies on Cloud Security, Identity and Access Management, Data Privacy, and Cyber Incident Response. Olga also performs IT assurance and certification audits for various clients in Europe and abroad. Olga is...


This talk will propose a data-driven selection of organisational, technical, contractual and assurance requirements, so secure usage of cloud solutions within the enterprise can be guaranteed. The importance of data oriented control selection will be outlined and key control domains will be introduced.


Speaker:

Olga is a security advisor within KPMG IT Advisory, the Netherlands. She advises companies on Cloud Security, Identity and Access Management, Data Privacy, and Cyber Incident Response. Olga also performs IT assurance and certification audits for various clients in Europe and abroad. Olga is...


Cloud ecosystems are dynamic and flexible enablers for innovative business models. Some business models, especially for the European cloud market, however, still face challenges in security, privacy, and trust.

A common approach among cloud providers addressing these challenges is proving one's reliability and trustworthyness by audit certificates. Basically, audit certificates are based on national and/or international as well as business and/or governmental compliance rules. The most prominent certifications in cloud computing are the "Open Certification Framework (OCF)" of Cloud Security Alliance, EuroCloud's "Star Audit", and "Certified Cloud Service" provided by TÜV Rheinland as well as more general certifications following ISO 27001, BSI Grundschutz, ENISA, and NIST.

This session will discuss the state of the art of auditing and certifying cloud ecosystems and how current certification catalogues and schemes have to be enhanced to meet future requirements - requirements such as dynamic certification, on-demand-audits, and automatic monitoring and evaluations.


Speaker:


When moving to the use of cloud services it is most important to take a risk based approach.  However the process involved is often manual and time consuming; a tool is needed to enable a more rapid and consistent assessment of the risks involved.  This session describes why a risk based approach to the use of cloud services is needed.  It introduces the KuppingerCole Cloud Rapid Risk Assessment Tool developed by KuppingerCole to help organizations assess the risks around their use of cloud services together in a rapid and repeatable manner.


Speaker:



Watch videos:  
Log in to download presentations:  

Moderators:

Session Links

Quick Links

Stay Connected

Information

Congress

European Identity & Cloud Conference 2015

Language:
English
Registration fee:
€1980.00 $2475.00 S$3168.00
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
lk@kuppingercole.com
  • May 05 - 08, 2015 Munich, Germany

Partners

The European Identity & Cloud Conference 2015 is proud to present a large number of partners
Learn more

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00