Archived Webinar: Securing “Shadow IT” and Sensitive Company Data in the Cloud 



Ed Moyle
Director of Thought Leadership and Research


Raef Meeuwisse, CISM, CISA
Cyber Simplicity Ltd.

Martin Johnson
Senior Director of Cloud Security
Symantec + Blue Coat

Mari Heiser
Senior Technical Staff Member
IBM Cloud Division


ISACA Members Earn Free CPE

Date: Thursday, 15 September 2016
Time: 12PM (EDT) / 11AM (CDT) / 9AM (PDT) / 16:00 (UTC)


Rapid employee adoption of cloud apps without IT sanction or oversight, known as Shadow IT, poses substantial problem for IT as CIOs and CISOs work to ensure the security of the cloud services their organizations adopt, control costs and complexity, and effectively manage their overall cloud strategy. Gaining visibility and control over Shadow IT is the first step in ensuring organizations are secure. In addition, uncovering and controlling access to the sensitive corporate data stored and shared in both IT sanctioned and unsanctioned apps, known as shadow data, is often overlooked but arguably even more critical. The costs associated with compliance violations, mitigation costs, and lost reputation that typically follows a cloud account breach can be devastating. This roundtable session will explore the growing risk posed by Shadow IT and Shadow Data and the security obstacles that must be overcome to safely adopt the cloud.

Ed Moyle is currently the Director of Thought Leadership and Research for ISACA. Prior to joining ISACA, Ed was Senior Security Strategist with Savvis and a founding partner of the analyst firm Security Curve. In over 15 years in information security, Ed has held numerous positions including: Senior Manager with CTG's global security practice, Vice President and Information Security Officer for Merrill Lynch Investment Managers, and Senior Security Analyst with Trintech. Ed is co-author of Cryptographic Libraries for Developers and frequently contributes to the information security industry as an author, public speaker and analyst.

Raef Meeuwisse is the Director at Cyber Simplicity LTd., holds a CISM, CISA, and CSX Fundamentals certificate, and is the author of several books including Cybersecurity for Beginners. He has organized COBIT aligned security controls frameworks for two multi-billion dollar companies, and created AdaptiveGRC, the world’s first single data source/zero replication governance, risk management and compliance suite. He is a regular speaker at security conferences, including ISACA’s 2016 EuroCACS conference in Dublin, Ireland, and the 2017 InfoSec World conference in Florida, USA.

Martin Johnson is the Senior Director of Cloud Security at Blue Coat. He is responsible for Shadow IT Audit and its integration with Blue Coat proxies, SWG, and Symantec SEP. Martin has 12 years of experience in network security, including firewalls, endpoint, and SIEMs. For the past 5 years, he has been focused exclusively on cloud security including SWG and CASB. He is the author of the bi-annual Blue Coat Shadow Data Report.

Mari Heiser is an IBM Senior Technical Staff Member and IBM/OpenGroup master certified architect in the IBM Cloud Division. She has over 20 years of experience in architecture, security, governance, risk, compliance and technical management experience in cloud, security, networks and web technologies. Her industry specific experience has been concentrated in banking, bio-tech, education, aerospace and defense industries.

CPE Quiz
CPE Quiz is available for active ISACA members ONLY. Please use your ISACA credentials to access the quiz.

To Register for this webinar: Click Attend (in the box below) and create a BrightTALK ISACA Channel account (please do not use your ISACA login credentials). If you already have a BrightTALK account, log in with your BrightTALK credentials and click Confirm Attendance. Please note: There is an option to add to this event to your Outlook calendar once you have registered.

Additionally, please note that this platform does not currently support Firefox or Safari browsers. We suggest you test your system ahead of the event to ensure your ability to participate. If you are viewing from behind a corporate firewall, you may need to ask your IT administrator whether streaming media is blocked. Test your system.