RSS
Dr.Shem
feeding my own misguided insanity

Notes from the Cloud Security Alliance (CSA) Congress EMEA 2015

November 27, 2015 Shem Radzikowski No Comments

Last week I was in Berlin attending the Cloud Security Alliance (CSA) Congress EMEA 2015, where I had the opportunity to meet some very interesting security specialists in visualization, cloud, telecom and networking sectors.

My full notes are a bit too long for the post but you are welcome to download the CSA Congress EMEA Notes in PDF format.

Memorable quotes:

  • “If you put software on a donkey, you can hack the donkey
  • “Attesting to software security is the same as attesting that you won’t die in the next five years
  • Secure by Design” — This statement is designed to silence people who want real answers. Vendors don’t want you to know that they have no bulletproof solution to the security problem.
  • DDoS attacks are on the rise and are now starting to be seen as a smokescreen for the “real” or “secondary” attack and ultimate exfiltration of data.
  • Can’t tell difference between APT (advanced persistent threat) i.e., Government or State vs an individual hacker — they all use the same tactics —
  • Time from Theft of data to Monetization is very short — days, rather than months
  • People matter during response to a threat. You can automate most of the things about security, but not during the response phase — you can’t outsource decision making, how to respond, or what you should do next. During security response there is a change in who is in charge — from technology to –> people.
  • Software Defined Perimeter and Single Packet Authorization – aims to be able to withstand at least 1 TB traffic and significantly blacken the server (server does not respond at all — zero scanning footprint)
  • IPfication of devices — “the most profound technologies are those that disappear” — zero-gateway architecture
Fraunhofer FOKUS

It was a real treat rubbing shoulders with researchers in a place responsible for many breakthroughs over the years — Fraunhofer FOKUS

Topics Covered

  • CSA Working Group and Research Workshops (at Fraunhofer FOKUS)
  • Among the topics which were presented:
    • Cloud Computing Security Innovation
    • Cloud Service Level Agreement
    • Risk Management
    • Cloud and Critical Sectors
    • Compliance and Certification
    • New Privacy Regulation
    • Internet of Things Security
    • Mobile and Social Network Security
    • Security Operation and SIEM in the Cloud
    • Forensics and Law Enforcement Access to Data
    • Quantum Safe Cryptography and;
    • Software Defined Perimeter

Download the notes: CSA-Congress-EMEA-2015-Notes.pdf

, , , , , , , , Europe, Security

Leave a Reply

© 2022 Dr.Shem

Subscribe

Subscribe and receive email notifications the moment Dr.Shem publishes a new post.

Our Sponsors

Recent Posts

Tag Cloud

Accra Advanced Persistent Threat Africa Airline Airport Airport Security APT Arab Spring Botswana Business Corruption Cybersecurity Dar es Salaam Diplomacy Dubai Emirates Employment Ghana Government Health Journalism Kenya Lusaka Malta Media Middle East Nepal Paragliding Pokhara Politics Population Privacy Relationships Scam Security Sport Tanzania Taxi Technology Travel UAE UN United Nations Work Zambia

Archives