Managing Digital Risk: Mapping the New Distributed Risk Landscapes

  •  TYPE: Track    START DATE: Wednesday, May 06, 2015     START TIME: 14:30    LOCATION:  AUDITORIUM
Parent Track


As information infrastructure is increasingly shared across jurisdictions and sectors, information risk “clusters” suggest opportunities for identifying “best practices” as candidates for standardization of technology and policy/rules. These clusters are based on the types of information interactions engaged in within various communities, each of which has particular risk and value profiles.  These are the information services and products of the future.

In this section of the 2-day Digital Risk Track, we will explore liability risks for monetary and other damages from direct and indirect risks. Consider attenuation and magnification of risks in
data supply chains – is there a “knowledge” component to liability?

After attending this block of sessions you will be able to

  • Define the new role for information security professionals.
  • Describe both direct, and indirect as well as local and global risks in relation to a shared information “data chain” and how to reduce those risks.
  • Discuss why a risk based approach is best when using the Cloud.
  • Describe Cloud audit certification and discuss its role in managing the risk of Cloud services.

This block qualifies for up to 3 Group Learning based CPEs depending on the number of sessions you attended.


It Takes a Community to Reduce Risk

Date: Wednesday, May 06, 2015 Time: 14:30-15:30

It Takes a Community to Reduce Risk
Amar Singh, KuppingerCole

To help stakeholders balancing their needs to protect the organization against the needs to run the business - this is the new role IT professionals have to take over in the era of digital business. Moving forward, security people aren´t the "defenders against cyber threats" anymore. They are becoming the facilitators of a balance between the needs to protect and the needs to run a business. In digital Business, we are moving things into the cloud. We are moving things into...

Recruiting Customers, Suppliers and Even Competitors to Help Reduce Risk
Dr. Ravindar Bindra, Novartis AG • Amar Singh, KuppingerCole • Thom Langford, SentinelOne • Arieh Shalem, Orange • Dr. Adriana Nugter, Independent Senior Consultant

Various types of shared economic interests and risks create communities of interest where separate organizations work together such as in myriad supply chains worldwide. How can COIs come together in structured settings such as technical and policy standards initiatives, government programs, markets and other regulatory and self regulatory contexts to identify common needs and design, develop and deploy mutually acceptable solutions?

One Step Closer to the Unhackable Enterprise: Applying an Effective Information Security Strategy
Stefan van Gansbeke, CM/MC Health Insurance Fund Belgium

The threat landscape became wicked and rougher. Governments are desperately  trying to fight the cyber threats. But their efforts will  never satisfy the needs. As a company, community or individual you remain a vulnerable target. Applying a layered information security strategy can effectively reduce your risk exposure. Define your drivers and long term security goals; involve your  stakeholders; engage your customers, employees and suppliers; clearly communicate and...

Assessing and Mitigating Cloud Risks

Date: Wednesday, May 06, 2015 Time: 15:30-16:30

Assessing and Mitigating Cloud Risks
Mario Hoffmann, Fraunhofer AISEC • John Hermans, KPMG • Mike Small, KuppingerCole • Olga Kulikova, KPMG

The modern reality is that even the most technology conservative companies are thinking to shift some of their valuable assets to the cloud. However, since anyone with a credit card can purchase cloud services with a single click, the governance and control of organisations are frequently being circumvented. This can create various challenges for organisations that wish to adopt the cloud securely and reliably. This session will lead you through various approaches on how to assess and...

Dynamic Control Selection Framework for Onboarding Cloud Solutions
Olga Kulikova, KPMG

This talk will propose a data-driven selection of organisational, technical, contractual and assurance requirements, so secure usage of cloud solutions within the enterprise can be guaranteed. The importance of data oriented control selection will be outlined and key control domains will be introduced.

Dynamic Certification of Cloud Ecosystems
Mario Hoffmann, Fraunhofer AISEC

Cloud ecosystems are dynamic and flexible enablers for innovative business models. Some business models, especially for the European cloud market, however, still face challenges in security, privacy, and trust. A common approach among cloud providers addressing these challenges is proving one's reliability and trustworthyness by audit certificates. Basically, audit certificates are based on national and/or international as well as business and/or governmental compliance rules. The most...

Cloud Risk Assessment – An "Action-Oriented” Approach to Merge Engineering, Economic and Legal Analyses.
Mike Small, KuppingerCole

When moving to the use of cloud services it is most important to take a risk based approach.  However the process involved is often manual and time consuming; a tool is needed to enable a more rapid and consistent assessment of the risks involved.  This session describes why a risk based approach to the use of cloud services is needed.  It introduces the KuppingerCole Cloud Rapid Risk Assessment Tool developed by KuppingerCole to help organizations assess the risks around...

Understanding and Dealing with Macro-Level Risks that Affect your Institution’s Risk Profile

Date: Wednesday, May 06, 2015 Time: 17:30-18:30

Understanding and Dealing with Macro-Level Risks that Affect your Institution’s Risk Profile
Robin Wilton, Internet Society • Howard Mannella, Alternative Resiliency Services Corp • Karyn Higa-Smith, U.S. Department of Homeland Security • Ben Bildstein, Department of Industry and Science (Australian Government)

The phrase "think globally, act locally" was initially invoked as a rallying cry of the environmental movement in an effort to help people connect their individual actions to global challenges, and increase their sense of efficacy to effect change by acting in concert to carry shared narratives of environmental risk mitigation into effect. The concept of "think globally, act locally" has new meaning in the context of business organization risk from IoT, the cloud and other networked...


European Identity & Cloud Conference 2015

Registration fee:
€1980.00 $2475.00 S$3168.00 21780.00 kr
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
  • May 05 - 08, 2015 Munich, Germany