Cloud Security 360 Roundtable
Enabling a secure cloud: benchmarking intelligent cloud security
17 April 2018 – London
Roundtable discussions – 14:00-17:00
Behind the scenes tour at Shakespeare’s Globe: 17:00-17:30
Reception – 17.30- 19:30
Thank you to everyone who attended the Cloud Security 360 Roundtable 2018. This was a multi-faceted benchmarking for CISOs, CIOs and senior IT executives directly responsible for greater adoption of cloud. Sharing good practice taken from lessons learned in managing cloud risk and security to create a health-check and response plan.
As threats become ever more advanced and ubiquitous in the era of digital innovation and industry convergence, organisations need to ensure that the security and risk strategies relating to cloud deployments are up to date and fit for purpose and that teams are prepared to deal with the different risks in each area and across each part of the security infrastructure. While preventing all security breaches might be unrealistic, preparing a veritable ‘360’ health-check and a tested response plan for vulnerabilities and costings in the cloud is something that CISOs, CIOs and senior IT executives must do.
The Cloud Security 360 Roundtable provides the opportunity for CISOs, CIOs and other senior risk and technology professionals with remits covering cloud enablement and cyber risk, to examine in-depth and with combined peer group brain power, the different risk perspectives, and crucially costings associated with each area, and to share the latest approaches and updates on cloud security deployments.
The ideal time and place for CISOs to benchmark with other CISOs as well as to meet with CIOs to share experiences around security in the cloud. Reconnect with peers and expand your network of trusted contacts to strengthen your capacity. Receive threat intelligence about cloud vulnerabilities, due diligence for 3rd party supply chain, incident response measures and defending appropriately in the context of cloud adoption.
A multi-faceted ‘360’ look at how the CISO and cybersecurity directors engage with other key functions that are directly involved in key cloud decisions, for investment, governance, innovation and resilience.
Roundtable 1: JUSTIFICATION: Cloud investment (CFO/ Business engagement perspective)
• Proven ways to win investment budget for your security strategy for the cloud
• What are the financial risks and opportunities involved in cloud adoption
• What is the strategic mission of cloud migration • Security costings
Roundtable 2: WHAT ARE THE RISK CONSIDERATIONS: Health risk check (GRC perspective)
• Risks of unsanctioned cloud applications to your security stance
• Legal, privacy and GDPR challenges with the cloud
• Supply chain due diligence
• Security audit considerations • Security costings
Roundtable 3: ACHIEVING THE CIO/CTO VISION WITH SECURITY BY DESIGN: Cloud innovation and transformation (CTO/CIO perspective)
• What key business technology risk decisions do we make
• How are we wrapping security around infrastructure
• Security costings
Roundtable 4: RESPONDERS PERSPECTIVE: Cloud incident response
(CERT/ CNI perspective)
• What is the scope, source, magnitude and management response?
• What data and information should be collected
• Who is on the crisis team
• At what stage should customers be informed?
• What is the difference between responding to an insider attack as opposed to an attack via your cloud provider?
• What should be agreed in advance in the cloud provider contract – based on real experience examples / pitfalls?
• Security costings
David Cripps, CISO, SETL
Quentyn Taylor, Director of Information Security – Europe, Middle East and Africa, Canon
Further CISOs, CIOs, senior strategists and innovators
Timings – half day
14:00-14:20 Arrivals, tea and coffee
14:20-14:35 Introductions and objectives setting – co-chairs
14:35-14:50 Keynote / Case study
14:50-15:40 Roundtables 1-4 working each on a chosen 1st perspective
15:40-15:45 Short coffee break and participants rotate to chosen new table. Facilitators remain fixed to their allocated perspective
15:45-16:35 Roundtables 1-4 working each on a chosen 2nd perspective
16:35-16:55 Conclusions – each table shares back key findings to the whole group
16:55-17:00 Close of Roundtable
17:00-17:30 Backstage tour of Shakespeare Globe Theatre
17:30-19:30 Networking reception
Two facilitators (a practitioner and a senior strategist) will lead each table. Each of the 4 tables will focus on a given different ‘perspective’ of cloud security risk to consider. Attendees will be asked to select 2 out of the possible 4 Roundtables below, rotating in groups with each session lasting for 1 hour. Facilitators and a note-taker will remain fixed to each table to lead and capture the key discussion points, observing The Chatham House Rule.
Shared output benefits
Notes will be taken throughout the roundtable discussions, observing the Chatham House Rule. Once all the feedback has been compiled and written up, the end-result will become the ‘Cloud security 360 health-check and risk plan’, a report that will be distributed to all attendees in the weeks following the event with the combined thoughts and conclusions from the participating leading UK companies.