Event Recording

Assessing and Mitigating Cloud Risks

Show description
Speakers
John Hermans
Partner
KPMG
John Hermans
John is partner of the Amstelveen practice of KPMG IT Advisory. In his current position he is heading the Information Security Services of KPMG in Netherland, covering the following services: lSecurity Strategy Services lIT Governance, Risk and Compliance lTechnical Security Services...
View profile
Mario Hoffmann
Head of Department "Service & Application Security"
Fraunhofer AISEC
Mario Hoffmann
View profile
Olga Kulikova
IT advisor
KPMG
Olga Kulikova
Olga is a security advisor within KPMG IT Advisory, the Netherlands. She advises companies on Cloud Security, Identity and Access Management, Data Privacy, and Cyber Incident Response. Olga also performs IT assurance and certification audits for various clients in Europe and abroad. Olga is...
View profile
Mike Small
Senior Analyst
KuppingerCole
Mike Small
Mike Small is the retired director of security management strategy of CA, where he was responsible for the technical strategy for CA's security management software product line within Europe, Middle East and Africa. Mike did work for CA between 1994 and 2009, where he developed CA’s...
View profile
Playlist
European Identity & Cloud Conference 2015
Event Recording
Hanns Proenen - Digital Risk & the Analog World
May 14, 2015

It seems that the Internet of Everything and the convergence of IT and OT (Operational Technology) are on their way to take control over the analogue part of our world, with digital threats not only affecting our companies and each of us as individuals, but also public life as a whole. How real are those threats and how serious are the risks evolving from them?

Hanns Proenen shows in his keynote, why mitigation and remediation of digital risks evolving from this new threat landscape are requiring new skills from IT security professionals and how these new skills will look like.

Event Recording
Impressions from the EIC 2015
May 08, 2015

Thank you for attending the EIC 2015. See you next year!

Event Recording
David Mount - A smarter, More Secure Internet of Things?
May 15, 2015

We are standing on the very brink of the most fundamental change in the way human beings use technology since the introduction of agriculture, over 6 thousand years ago. The Internet of Things will not just change our work or home, it will change every aspect of our lives, including redefining the very concepts of privacy, industry and government. When something is so important, how can we build in the security and intelligence necessary? What are the key challenges we face? And what will an always on, hyperconnected world mean to the concept of identity itself?

In this plenary session, David Mount discusses the opportunities and challenges of the Internet of Things, as well as some of the early indicators of what the IoT world will look like. He also addresses thinking on security and privacy, and the critical role that the concept of identity will play in the future.

Event Recording
Olga Kulikova - Dynamic Control Selection Framework for Onboarding Cloud Solutions
May 17, 2015

This talk proposes a data-driven selection of organisational, technical, contractual and assurance requirements, so secure usage of cloud solutions within the enterprise can be guaranteed. The importance of data oriented control selection is outlined and key control domains are introduced.

Event Recording
Martin Kuppinger - Identity, Access, Security: The Fundaments for Digital Risk Mitigation in the Age of Transformation
May 14, 2015

The Digital Transformation of Business is unstoppable. It affects virtually all industries. The IoT (Internet of Things) is just a part of this transformation, at the technical level. However, without changing business models, organizations will not succeed. Furthermore, connecting things with apps and services is imposing new challenges. These include product security and liability issues, but also appropriately dealing with customer “big” data. Identity, Access, and Security become critical success factors for the Digital Transformation of Business. Martin Kuppinger talks about how IT has to transform and how Information Security can become a business enabler for the Digital Transformation of Business.

Event Recording
Ravi Bindra - Moving the Security Perimeter: What Needs to be Done Before the Internet Firewalls are Removed?
May 14, 2015

If you announced “we will remove the internet firewalls” different people will hear different things. However, to ensure continued security (confidentiality, availability and integrity) of your information assets you will need to re-prioritise your budget spend, fit out your team with different skill sets, and paugh wholeheartedly at your peers. This presentation discusses all the considerations you may want to take before setting yourself down the path of removing the external barriers, which by itself will lead you to re-define your vision, strategy and roadmap. 

Event Recording
Howard Mannella - I Am a Black Swan
May 15, 2015

Much has been written about “Black Swans”: unpredicted, massively game-changing and, in hindsight completely foreseeable events. Why do they happen and why are we surprised? More importantly, what can we do to mitigate against the unforeseeable?

The potential for game-changing risks is becoming more frequent and more impactful, due to global drivers and trends: from the technology front (speed of technical advance and disintermediation of technology) to the business front (concentration risk from outsourcing and interdependencies of supply chains) to the political front (Eurozone consolidation and global terrorism).

Event Recording
Louis-Marie Fouchard - Cybersecurity for Critical Infrastructures and Industry 4.0: Shaping the future of IAM
May 15, 2015

Identity and Access Management is one of the core building blocks to address IT/OT challenges. The specific situation of OT solutions and critical infrastructures, however, entails a set of functional and non-functional requirements which cannot be fulfilled by off-the-shelf IAM products available in today’s marketplace. New cost-efficient deployment methods, nearly unlimited scalability and light-weight APIs and protocols must be defined and implemented to shape the IAM architectures and services of the future.

In this keynote we give a short overview of the current technology landscape for IAM, the new requirements and some design principles and promising technologies and standards.

Event Recording
Jackson Shaw - The Convergence of IT, Operational Technology and the Internet of Things
May 13, 2015

Did you know that today, there are over 30 billion connected IoT devices? And that in 2020, that number will double? Do you know how these devices connect to the internet? To each other? To their manufacturer? How many IoT devices are used within your company? If you’re a security professional you’ll need to be able to answer these questions and more. In this session, Jackson Shaw discusses the convergence (collision?) of IoT with IT and OT, what it means to him as a consumer and what it means to us as identity and IT security professionals.

Event Recording
Kim Cameron - Identity Services 2020
May 13, 2015

Keynote at the European Identity & Cloud Conference 2015

Event Recording
Patrick Parker - How to Manage Authorizations in Cloud Services: Getting a Grip on Both Microsoft Azure and Amazon AWS
May 14, 2015

As organizations race to transplant onsite infrastructure and applications to the Cloud, strong yet flexible control over authorization will play a critical role. Each Cloud vendor approaches the challenge of role and attribute-based authorization in a completely different manner and the facilities they offer are undergoing a rapid evolution. This session offers an overview of the authorization capabilities offered by the Microsoft Azure and Amazon AWS platforms and include best practice suggestions.

Event Recording
Andrea Servida - Boosting Trust in the Digital Market: the Role of eIDAS Regulation
May 14, 2015

eIDAS Regulation 910/2014 on electronic identification and trust services provides the legal framework for the cross-border recognition of electronic identification means, ensures the legal certainty and interoperability of trust services (namely electronic signatures, electronic seals, electronic registered delivery services, electronic time stamp and web site authentication) and establishes the non-discrimination of electronic documents vis-à-vis their paper equivalent. The presentation focuses on the role of eIDAS in realising the digital single market and on the actions at the EU level to support the uptake of electronic identification and trusts services and the Regulation in the EU.