Cloud Governance

  •  TYPE: Track    START DATE: Thursday, May 16, 2013     START TIME: 14:00    LOCATION:  AUDITORIUM
Parent Track


Virtually every organization today is using the Cloud in some way or another. But do organizations really know what they are using, not to speak about knowing what the Cloud Provider really does? Cloud services with their risk of data sprawl and the lack of control about corporate information is a hot topic for auditors today. Privacy issues, risk management for sensitive information, and other aspects gain more and more attention of auditors. But even besides the regulatory and internal compliance requirements, Cloud Governance and Stewardship are mandatory for any organization. How to enforce Cloud Assurance? How to know what the Cloud Service Provider is doing and whether this meets your requirements? And how to enforce Cloud Security in general? This track covers all these aspects. It is about managing the Cloud right to mitigate risks and gain maximum benefits from using the Cloud.

Continuing Education Credits

Prerequisites: None
Advance Preparation: None
Learning Level: Intermediate
Field: Computer Science

After attending this block you will be able to:

  • Explain what the Upcoming Cyber-security Strategy for the European Union will mean for your Enterprise.
  • Describe what is required to ensure compliance when using hybrid clouds.
  • Describe how a risk assessment concerning the use of cloud services was conducted at a large organization and the standards and tools which were used.
  • Describe the reasons which led an SME holding highly regulated data to move their IT to the cloud.
  • Describe research directions and technology trends to address trusted computing in cloud infrastructures.
  • List KuppingerCole’s top ten tips for negotiating and assuring cloud services.

This block qualifies for up to 2.5 Group Learning based CPEs depending on the number of sessions you attend.


The Upcoming Cybersecurity Strategy for the European Union - What does it mean for your Enterprise?

Date: Thursday, May 16, 2013 Time: 14:00-15:00

The Upcoming Cybersecurity Strategy for the European Union - What does it mean for your Enterprise?
Dr. Jörg Hladjk, Hunton & Williams LLP

On February 7, 2013, the European Commission launched its cybersecurity strategy for the European Union (“Strategy”). As part of this Strategy, the European Commission also proposed a draft directive on measures to ensure a common level of network and information security (“NIS”) across the EU. The proposed Directive is a key component of this Strategy. It introduces a number of measures to enhance cybersecurity, including: The requirement for EU Member States...

Compliance in Hybrid Clouds - Integrated Process Management Despite Regulatory Requirements?
Wolfgang Schmidt, Cloud-EcoSystem e.V.

How can hybrid clouds join together so that a user company operating the respective compliance requirements in the necessary deployment option (leave) and still be able to ensure a consistent and legally compliant process execution? Hybrid cloud connectivity capabilities are a key enabler of the near and long term usage of cloud services. During this session we will show what kind of different hybrid scenarios we see as applicable today at our members, what are the detailed challenges and...

Fast Tracking your Risk Strategy for the Cloud

Date: Thursday, May 16, 2013 Time: 15:00-16:00

Fast Tracking your Risk Strategy for the Cloud
Will your Cloud fail the next audit? Do you have a handle on your risk strategy for the Cloud? Is this level of maturity only suited for Enterprises? Can a smaller businesses do this effectively? This session will outline how to build a scalable Cloud risk strategy based on ISO 27005 and CSA Guidance. This talk will set the tone and enable delegates to come home and fast track a Cloud risk strategy. Cloud Security is only valuable if you have a robust process to identify risk. Managing...

The Reason why RLB Moved to the Cloud
Mark Evans, Rider Levett Bucknall

The presentation details how insecure RLB´s IT systems and infrastructure once were; the server infrastructure was held in a local government building with open public access, the building was classified by the British security services as being a terrorist target and there were periods where we couldn´t enter the building safely in case of an emergency because the building is often used for filming TV series (I walked past Robert Vaughan from "The Magnificent Seven" once!) and...

Top Ten Tips for Negotiating and Assuring Cloud Services

Date: Thursday, May 16, 2013 Time: 16:30-17:30

Top Ten Tips for Negotiating and Assuring Cloud Services
Mike Small, KuppingerCole

How can an organization safely adopt cloud services to gain the benefits they provide? The easy availability of cloud services has sometimes led to line of business managers bypassing the normal procurement processes to obtain cloud services directly without any consideration of the governance and risks involved. There is a confusing jungle of advice on the risks of cloud computing and how to manage these risks. This talk considers advice available and the practical approaches to negotiating...


European Identity & Cloud Conference 2013

Registration fee:
€1980.00 $2475.00 S$3168.00 21780.00 kr
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
  • May 14 - 17, 2013 Munich/Germany