Jeff received the 2007 RSAÆ Conference award for Excellence in the Field of Security Practices. The Bardin-led security team also won the 2007 SC Magazine Award for Best Security Team. Jeff has served as the CSO/CISO for Fortune 1000 firms and is the principal for Treadstone 71. Jeff was most recently the Director of Risk Management at EMC. He has published several articles, is working to publish his first book, and sits on security advisory boards. Jeff holds CISSP, CISM, CHS, and NSA IAM certifications.
Topic:
Cloud Computing is becoming a norm as business move to speed technology deployments, transfer risk, and reduce costs. This session discusses what questions to ask of your cloud provider to ensure the service you expect is truly being provided.† We will cover the types of cloud providers, examine current contracts and terms of service and what this means to you with respect to regulatory and statutory requirements and risk. Many cloud providers offer their service on a ‘use at own risk basis’ providing what seems to be nothing more than a low level availability guarantee with no compensation recompense.† How will you governance this and other such cloud IT contracts? Is a self-direct SAS 70 or ISO27001 certification on the site enough to reduce the enterprise risk presented to your organization? Examine if and what you can and should move to Cloud Computing and when.
HackerJournals