January 11, 2012- CSA NY Metro Chapter
|Date||January 11, 2012|
|Event Start Time – End Time||6:30PM – 8:30PM|
|Overall Event Title||Governance, Risk and Compliance in the Cloud: CSA’s leading practices to address Legal, Policy and Organizational Risk issues and a practical application example|
|Event abstract||The CSA has brought together some of the largest cloud providers and cloud customers to define the most important pieces of Governance, Risk and Compliance in the Cloud. The resulting frameworks are the CSA’s Cloud Controls Matrix (CCM) and Consensus Assessment Initiative Questions (CAIQ). We will present an overview of these CSA frameworks as well as hear from experts on how they’ve utilized this work with their clients as well as discuss the legal, Policy and Organizational Risk issues surrounding GRC.|
1290 Avenue of the Americas (between 51st and 52nd Streets)
6th FL, Tavern on The Green Conference Room
New York, NY
|Dress Code||Business Causal|
|Pre-meeting networking||6:15 – 6:45pm|
|Event kickoff opening remarks||6:45 – 7pm|
|Speaker||CSA NY Metro Board Member|
|Session Title||Deep dive on CSA’s CCM, CAIQ and STAR|
|Start Time – End Time||7-7:45pm|
|Session Description||Achieving Governance, Risk Management and Compliance (GRC) goals requires appropriate assessment criteria, relevant control objectives and timely access to necessary supporting data. Whether implementing private, public or hybrid clouds, the shift to compute as a service presents new challenges across the spectrum of GRC requirements. The Cloud Security Alliance GRC Stack provides a toolkit for enterprises, cloud providers, security solution providers, IT auditors and other key stakeholders to instrument and assess both private and public clouds against industry established best practices, standards and critical compliance requirements
|Speakers||Laura Posey, Microsoft Corporation, co-chair of CAIQ|
|Bio||Ms. Laura Posey is a Senior Security Strategist in the Global Security Strategy and Diplomacy (GSSD) team at Microsoft, which focuses on driving strategic change, both within Microsoft and externally, to advance cyber security and resiliency. In her role, Ms. Posey draws upon her 12+ years of experience in the technology space to address global challenges related to information assurance and security policy and standards with a special focus on the challenges of government organizations worldwide. Ms. Posey is a strong voice representing Microsoft in the Cloud Security Alliance (CSA) on issues representing both consumers and providers of Cloud services and technology and a supporting member of SAFECODE, addressing supply chain integrity best practices.|
|Panel Discussion||Governance, Risk and Compliance: The CSA best practices work, legal issues and a practical application example.|
|Start Time – End Time||7:45 – 8:30PM|
Moderator: Brian Peister, iSecure, consultant at MetLife
|Bio(s)||JT Jacoby, NYC Housing Authority, Chief Security Officer
JT Jacoby is Chief Security Officer of the New York City Housing Authority. NYCHA’s 650,000 residents would make it’s resident population the 19th largest city in North America or equivalent to Miami or Boston. As CSO, JT Oversees IT Security, Investigations, Forensics, Policy, Audit and Risk. Mr. Jacoby has also advanced the field of social media cyber intelligence for the government. Previous to NYCHA, JT spent 11 years with Fidelity Investments in several leadership roles including Country Head Information Security – India where he lived in Bangalore for 2 years. Originally from Washington, DC, Mr. Jacoby was Vice President of Auditek, Inc. for 8 years, providing IT security and advisory services for firms such as Citibank, Ford, Deutsche Bank, and many other Fortune 200 firms. He maintains CISA, C-RISC and CISM certifications, serves on NGO boards and is an avid scuba diver. He frequently speaks at IT security conferences and lives in Manhattan.
Joe Cupano, EMC, Global Alliances Solutions Strategist
Mr. Cupano moved into Financial Services sector first with Salomon Smith Barney and then as a Director with UBS (aka Swiss Bank) serving as the Global Technology Manager for Security and eCommerce. At UBS, Mr. Cupano also served as a security industry subject matter expert supporting Corporate Finance and Global Equities business line activities.
In 2006, Mr Cupano joined EMC supporting the company’s investment into the security marketplace starting with the acquisition of RSA. He helped develop the Information Security Practice leading a number of engagements globally and then focused on complex security requirements for various US Federal agencies. He currently works in EMC Global Alliances developing trusted cloud solutions with well branded partners.
Laura Posey, Microsoft Corporation, co-chair of CAIQ (see above)
Brian Peister, iSecure, consultant at MetLife
Brian is presently a Security Consultant for a Fortune 500 insurance, real estate, financial and banking provider. He enhanced the risk mitigation approach and incorporated Cloud Security Alliances guidance on assessing vendor’s cloud computing security controls. He is also building the application security strategy for a number of organizations to align with industry and DoD standards.
Brian holds a Bachelor of Science degree in Management Information Systems from the University of Bridgeport. Brian is one of the founding members of the board of directors of the Cloud Security Alliance NY Metro chapter. He is a former board member of the OWASP NJ/NY chapter, and is an active member of Newark’s Infragard (FBI/Corporate Information Sharing Group).
|Session Title||Wrap Up|
|Start Time – End Time||8:30-8:45PM|