Your SlideShare is downloading. ×
0
Highlights of the CSA Conference       Orlando, Nov. 2010                    	              Guy	  Alfassi	            Alfa...
Agenda•    14:00 Registration, networking and general chaos•    14:20 Highlights of the CSA event in Orlando - Guy Alfassi...
About CSAFormed in 2008 as a non-profit organization.Objectives:•  Promote a common level of understanding•  Promote resea...
CSA Members
CSA Research•  Cloud Control Matrix•  Top threats to Cloud Computing•  Guidance for Identity and Access Management•  Appli...
How to get therehttp://cloudsecurityalliance.org/Managed through a LinkedIn group:Cloud Security Alliancehttp://www.linked...
CSA Israel•  An Israeli chapter of the CSA, formalized in June 2010.•  Our focus:   –  Cloud Security technology innovatio...
About the conferenceFirst independent global event for CSA2 days, 4 tracks , 32 presentations, 4 keynotesHundreds of parti...
About the conferenceKeynotes were very insightfuland surprisingly notown-company-oriented.
About the conference•  General impression: Vendors, clients and   regulators are highly interested in cloud   security.•  ...
FedRAMP•  Federal Risk and Authorization   Management Program•  Providing a standard approach to Assessing   and Authorizi...
FedRAMP – Applicability to Israel•  The standard itself does not apply here.•  The need for such a standard exists.•  A ca...
Quantum DatumInformation Centric Security for CloudComputingRich Mogull, Securossis
Quantum Datum•  An analogy between quantum mechanics   and cloud computing•  Quantum: The minimum unit of a physical   ent...
Quantum Mechanics•  Quantum mechanics looks at the particle,   and tries to explain its behavior.•  Wave- Particle duality...
Why is this relevant?•  The perimeter shrinks to the size of a datum.•  Datum can be in multiple places at the same   time...
What can we do?•  Use data labeling.•  Use data encryption according to security   needs.•  Implement DLP and DRM in our  ...
Upcoming SlideShare
Loading in...5
×

Guy Alfassi - CSA Conference Highlights

482

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
482
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
7
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Guy Alfassi - CSA Conference Highlights"

  1. 1. Highlights of the CSA Conference Orlando, Nov. 2010   Guy  Alfassi   Alfa  Consul.ng  
  2. 2. Agenda•  14:00 Registration, networking and general chaos•  14:20 Highlights of the CSA event in Orlando - Guy Alfassi, General Manager, Alfa Consulting•  14:40 CCSK - Ariel Litvin, Technology Innovation Leader, PWC•  14:50 The Technology Showcase Wiki - Iftach Amit, VP Business Development, Security Art•  15:00 Security management to, for, and from the cloud - Oded Tsur, Senior Solution Strategist, CA•  15:30 Short break•  15:50 OWASP Israel & Introduction to OWASP Top 10- Ofer Maor, CTO - Hacktics & Chairman - OWASP Israel•  16:20 Practical Enterprise use cases of data protection in the cloud - Guy Bejerano, Chief Security Officer, LivePerson•  16:50 Virtual Private SaaS - the solution to data privacy and data compliance issues in SaaS - Dr. David Movshovitz, CTO, Navajo Systems
  3. 3. About CSAFormed in 2008 as a non-profit organization.Objectives:•  Promote a common level of understanding•  Promote research•  Awareness•  Create consensus lists and guidance.
  4. 4. CSA Members
  5. 5. CSA Research•  Cloud Control Matrix•  Top threats to Cloud Computing•  Guidance for Identity and Access Management•  Application Security Whitepaper
  6. 6. How to get therehttp://cloudsecurityalliance.org/Managed through a LinkedIn group:Cloud Security Alliancehttp://www.linkedin.com/groups?mostPopular=&gid=1864210
  7. 7. CSA Israel•  An Israeli chapter of the CSA, formalized in June 2010.•  Our focus: –  Cloud Security technology innovations –  localization of Cloud Security best practices –  LinkedIn group: http://www.linkedin.com/groups? mostPopular=&gid=3050440 Join CSA at http://cloudsecurityalliance.org/Membership.html , And then request to join our chapter.
  8. 8. About the conferenceFirst independent global event for CSA2 days, 4 tracks , 32 presentations, 4 keynotesHundreds of participants from all over the world  
  9. 9. About the conferenceKeynotes were very insightfuland surprisingly notown-company-oriented.
  10. 10. About the conference•  General impression: Vendors, clients and regulators are highly interested in cloud security.•  Some might actually try it sometime.
  11. 11. FedRAMP•  Federal Risk and Authorization Management Program•  Providing a standard approach to Assessing and Authorizing (A&A) cloud computing services and products.
  12. 12. FedRAMP – Applicability to Israel•  The standard itself does not apply here.•  The need for such a standard exists.•  A call to action to government / the private sector : Let’s do our own version / adopt FedRamp !
  13. 13. Quantum DatumInformation Centric Security for CloudComputingRich Mogull, Securossis
  14. 14. Quantum Datum•  An analogy between quantum mechanics and cloud computing•  Quantum: The minimum unit of a physical entity.•  Datum: the singular form of Data. A single piece of information.
  15. 15. Quantum Mechanics•  Quantum mechanics looks at the particle, and tries to explain its behavior.•  Wave- Particle duality•  The uncertainty principle: Heisenberg principle
  16. 16. Why is this relevant?•  The perimeter shrinks to the size of a datum.•  Datum can be in multiple places at the same time, and have different security levels.•  A breach for one instance of the datum affects other instances.•  Leakage can occur even when the probability is low.
  17. 17. What can we do?•  Use data labeling.•  Use data encryption according to security needs.•  Implement DLP and DRM in our architecture.
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×