Speaker "Jason Hicks" Details Back



Cloud Security Concerns ­ And What Can I Do About It


Abstract: Cloud computing promises to provide many advantages over the traditional application delivery model currently in use at most organizations. Cloud computing can offer service elasticity or the ability to rapidly expand and contract available processing capacity. Cloud computing can also make it possible to reduce your yearly outlay for IT hardware and data center-related expenses. Cloud computing provides rapid application deployment and a streamlined development process. To use an analogy, sunshine in most parts of the country is often followed by rain. While cloud computing promises many advantages, it also comes with its own unique challenges. Your data can be located in a variety of places and geographies. Providers may be reluctant to provide you with sufficient data on their security posture to properly assess the risk of utilizing their services. It¹s possible to find yourself in a situation where an incident has occurred and your staff doesn¹t have access to the infrastructure necessary to conduct an investigation. You could find your data co-mingled with the data of others on shared hardware. Rest assured it¹s not all doom and gloom ahead. I¹m going to focus on some of the security challenges and opportunities posed by the adoption of cloud-based services and applications. I will provide you with a framework to successfully assess the risk of cloud based applications for your organization. How to create a cloud strategy and governance model. How to avoid a myriad of gotchas associated with cloud adoption. How to address the non-technical issues that can make or brake your cloud strategies success.


Jason Hicks is a highly accomplished executive with proven success building, enhancing, and managing best-in-class security organizations and programs. Mr. Hicks has served in multiple consulting capacities and as a Chief Information Security Officer during his career. Prior to his role at Accuvant + FishNet Security helping CISO's, CSO's & CIO's design, communicate and execute enterprise security strategies, Mr. Hicks was responsible for product security at a major medical device maker. His specialties include security program development, privacy program development, software development security, medical device security, penetration testing, ISO 27001 certification, vulnerability management, physical security program development, investigations/forensics, policy and procedure development, incident response, HIPAA security/privacy and disaster recovery. Mr. Hicks holds a Master¹s Degree in Information Technology and is a Certified Information Systems Security Professional, Holistic Information Security Practitioner, PCI Qualified Security Assessor and Core Impact Certified Professional.