Virtual Conference: Cloud Maturity – How to Solve Your Cloud Security Challenges 


4 December 2013

Education Sessions  |  Agenda  |  Why Attend  |  FAQs  |  The Virtual Conference Environment

This virtual conference is no longer available.


Earn up to 5 free CPE without the cost of travel!

  How to Earn CPE Credits

Attend this free virtual conference on how to facilitate the decision process for IT and business professionals concerning Cloud Maturity.

Cloud Maturity—How to Solve Your Cloud Security Challenges

The early phases of cloud adoption saw IT departments adopt a certain shoulder-shrugging, Amazon's- security-is-probably-better-than-mine, let's-insist-on-a-tight-SLA approach to security. But now that IT departments are reaching a higher degree of maturity in their cloud adoption, security is ripe for re-examination.

More maturity in cloud security strategies means there are multiple angles from which one's defenses must be examined. Whatever your organization may be doing in the cloud, it needs to fit into the overall framework you are using to shape and monitor your organization's security efforts. What kinds of metrics can you use for cloud deployments? What about identity? As organizations split more and more critical business applications between premise and cloud, IAM takes on a whole new importance. And what about data? Whereas cloud discussions used to be dominated by talk of spinning up server images, increasingly it's clear that the real point is that enterprises are migrating vast amounts of data off premise.

This unique full-day examination of cloud security as it enters its latest phase will tackle strategy, policy and pragmatics. We'll move beyond phase one and gear up for the projects you'll deploy in 2014.

Join us on 4 December from 8:15AM to 5:00PM EST (UTC–5) to:

  • Connect with thousands of your peers from across the globe
  • Earn 5 FREE CPE hours without the cost of travel
  • Ask questions directly to industry experts and speakers
  • Enhance your professional knowledge

Education Sessions

Session 1: Security Best Practices for Cloud IAM

Presented by: President of security consultancy flyingpenguin Davi Ottenheimer, QSA and PA-QSA for K3DES

Many Enterprise IT groups are shifting from on-premise IAM solutions to approaches that are either based in the cloud or are at least capable of integrating cloud IAM solutions and tying them back to the conventional systems. Just as it does in many other functional areas, cloud offers benefits both in cost and manageability where identity is concerned. But cloud identity systems also potentially present a much larger attack surface than is found on conventional on-premise systems. This session looks at the security concerns as well as the potential benefits of cloud-based IAM, along with best practices for transitioning to this approach.


Session 2: Policies, Standards, and Procedures in the Cloud: Making Your Vision the Mission

Presented by: International Vice President Ramsés Gallego, CISM, CGEIT, CCSK, CISSP, SCPM, Six Sigma Black Belt

In a world that changes at the speed of light, we have grown our systems in chaotic mode. Another application, a new environment. A new solution, a different architecture. Normalizing processes and setting a baseline is critical to success. The discipline of defining the right set of policies, a coherent set of standards and an appropriate group of procedures will provide a robust and solid posture when it comes to the Change Management, Service Delivery and Asset Optimization arenas. And when we consider the Cloud dimension, this just gets amplified because of the diversity of public/private/hybrid Clouds; this just gets expanded since there might be different risk postures and diverse set of data where policies and procedures will have an impact.

The time has come for us a society to go set the right tone at the top. To go from vision to mission. To establish the right framework about who has access to what, when, where and how. In a world that is driven by mobility, Social Media and Cloud, this the time for a business-oriented, process-driven, results-oriented approach to policies, standards and procedures.


Session 3: Cloudy with a Few Gotchas

Presented by: Alan Mayer, CISA, CISSP, Information Security Consultant, Security Management Partners

Many companies have started using cloud services, or are thinking about using them. Going to the cloud to outsource an IT service or function adds specific risks to the customer’s initial risk equation. The cloud can be an opaque place and good preparation is essential. Customers must strive to minimize uncertainty and to control risks as best as possible. Using cloud services can transform IT operations and require significant adjustments to IT management systems and processes. This presentation will examine some specific cloud services security requirements, risks and pitfalls, and corresponding risk mitigation strategies. Recent evolutions in cloud services and their impact on IT operations and services will be discussed.

Session 4: Where Is My Data? Tools for Tracking Cloud-Stored Information

Presented by: Paul Burns, President and Founder of Neovise

Many businesses are turning to the remote cloud servers to store files that include important company information. But where is that data stored, exactly? And does that location provide adequate data security and privacy? These questions make tools for tracking cloud data -– both in motion and at rest – vital to optimize cloud services. In this session, learn about tools such as remote monitoring and management (RMM) software platforms, how these RMM platforms are evolving for cloud monitoring and application management, and new cloud data monitoring tools that are on the horizon.

Further Insight: Participants may submit questions during the live Q&A sessions that follow each presentation.


Agenda and Sessions

Live Show

Date:  4 December 2013
Title:  Cloud Maturity – How to Solve Your Cloud Security Challenges
Show hours:  8:15–5:00 EST (All Times EST / UTC-4)

Virtual Seminar Agenda

8:15AM Doors open
8:45 Session 1: Security Best Practices for Cloud IAM
9:45 Dedicated networking time in the Exhibit Hall
10:00 Technology Spotlight Session
10:45 Dedicated networking time in the Exhibit Hall
11:00 Session 2: Policies, Standards, and Procedures in the Cloud: Making Your Vision the Mission
12:00PM Dedicated networking time in the Exhibit Hall
12:15 Technology Spotlight Session
1:00 Dedicated networking time in the Exhibit Hall (longer for lunch break)
1:30 Session 3: Cloudy with a Few Gotchas
2:30 Dedicated networking time in the Exhibit Hall
2:45 Technology Spotlight Session
3:30 Dedicated networking time in the Exhibit Hall
3:45 Session 4: Where Is My Data? Tools for Tracking Cloud-Stored Information
4:45 Dedicated networking time in the Exhibit Hall and Lounge
5:00 Doors Close


Why Attend?

Gain exposure to new thoughts and ideas to discover, implement and deliver results. The Virtual Conference provides a convenient and open forum where you can:

  • Participate in educational sessions presented by knowledgeable speakers and industry experts
  • Earn up to 5 CPE hours with no travel cost
  • Connect with peers around the world
  • Explore the exhibit hall in between sessions, and interact with sponsors, speakers, experts and peers

A resource center, complete with additional information and materials such as white papers, ISACA Journal articles and speaker materials, will also be available.


FAQs and Tips for an Enriching, Educational Virtual Experience

Describe the virtual conference experience.
You (and several hundred of your peers) will enter a vibrant interface to experience expert informational sessions, peer interaction and the sharing of technology solution insights. Attend sessions with security and compliance experts, visit vendor booths for product information and speak with representatives to answer your questions, download background information on enterprise risk management best practices, and interact with your peers.

How will I be reminded of the seminar?
We don't want you to miss this live interactive broadcast. We will send you email reminders with a link to the environment the day before and the morning of the event, and an Outlook calendar invitation to block out the time on your schedule.

What will I get from this virtual seminar?
Walk away with proven techniques from top experts on managing enterprise risk for improved results. This is a great venue to network with hundreds of peers and leading information systems experts, as well as ISACA staff.

PC Requirements
Click Here to Run System Check

For Technical Support, please email

To attend this event you will need a Windows PC with Internet Explorer 7.0 (minimum), Firefox 10 or 11, or Google Chrome 18. Mac users will need Firefox 10 or 11, Safari 4.5 or higher, or Google Chrome 18. We support Windows XP, Windows Vista and Windows 7 on PCs;. Leopard, Lion and Snow Leopard on Macs. Red Hat Enterprise Linux Server Release 6.2 (64 bit) is also supported. Adobe Flash Player 10 or higher is required. Access to the internet using high-speed access (Cable, DSL, Network) is highly recommended for the overall environment and required for all presentations. Pop-up blockers must be disabled; cookies and JavaScript must be enabled. On entering the seminar, a system check is run to identify computer requirements essential to interact with the virtual conference. It is recommended to view the environment with the display resolution of 1024 x 768.

Attention Internet Explorer 10 Users: A browser setting change is required before accessing your CPE Certificate. Click here to read more.


The Virtual Conference Environment

  • Exhibit Hall—Stop by vendor booths to learn more about products and services important to you and your organization.
  • Resource Center—Browse content by subject in this digital library. Select content for immediate viewing or save it for future reference.
  • Auditorium—Make yourself comfortable in a virtual auditorium where speakers and presentations take place.
  • Networking Lounge—Connect with attendees from across the globe. Start a discussion, meet new people or capture the latest information from your peers in this live, dynamic environment.
  • CPE Information—Complete the Post-Event survey and learn how you can earn your CPE Certificate.