A survey by Infosecurity Europe of 470 organisations has found that 75% of them intend to reallocate or increase their budgets to secure cloud computing and software as a service within the next 12 months.
Further, interviews conducted by Infosecurity Europe with a panel of 20 Chief Information Security Officers (CISOs) of large enterprises which covered the topic revealed that they are concerned about availability and security aspects of software services in the cloud. They were especially concerned about the lack of standards for working in the cloud, SAAS and secure internet access, all of them said that they would welcome the development of guidelines in this area.
This is the clearest indication that SaaS is well and truly here to stay. With any new technology however a risk assessment must be undertaken before allowing your data to be stored offsite (with a vendor). After all, you can transfer the burden of managing systems, but not the liability if something goes wrong." Raj Samani ISSA
According to Tamar Beck, Group Event Director, Infosecurity Europe, There are many drivers that make Externalisation almost inevitable as competitive new businesses models are underpinned by collaborative working and its ability to enable organisations to seize opportunities as soon as they arise. Cloud computing and SAAS appear to have a pivotal role to play in this new evolving environment where CIOs are challenged to add value to the business and CISOs required to ensure that new services are reliable and secure. The excellent work done by the Jericho Forum in this area is well represented in the keynote programme at Infosecurity Europe 2009 and the subject of working in the cloud SAAS and Externalisation will be covered in a number of business and technical seminars:
In the keynote programme the panel on Externalisation will cover the issues raised by cloud computing and SAAS and consider implications of a more externalised method of working for organisations, and seek to address how Information Security can be managed and maintained when faced with a de-perimeterised business approach. The speakers include Jericho Forum members Paul Simmonds, Global IS Integrated Assurance Director, Astra Zeneca; Adrian Seccombe, CISO, Eli Lilly; John Meakin, Director of Digital Security & CISO, BP; and Raj Samani from the ISSA.
Dr James Blake, Chief Product Strategist, Mimecast talking on Total Email Risk Management from the Cloud who will explain why Cloud Services are emerging as an optimal solution to total email risk management. However without a holistic approach to risk management, threats can infiltrate any business - Trojans can initiate data leaks and application system exploits can start denial-of-service attacks.
Dr Guy Bunker, Chief Scientist, Symantec Corporation will give a seminar on Security in the Cloud which will look at the risks that it poses. From denial of service attacks to malicious insiders he will examine all the risks and recommend solutions.
Peter Wood, Chief of Operations, First Base Technologies and member of the ISACA conference committee on Cloud Computing: 50 Ways to Lose Your Data where he demonstrate some real-world threats posed by ''Cloud Computing'' and suggestions for mitigating the risk.
Infosecurity Europe, running for its 14th year in 2009, is Europes number one Information Security event. Featuring over 300 exhibitors, the most diverse range of new products and services, an unrivalled education programme and visitors from every segment of the industry, it is the most important date in the calendar for Information Security professionals across Europe. Infosecurity Europe is one of five Infosecurity events around the world with events also running in Belgium, Netherlands, Russia, and France. Infosecurity Europe runs from the 28th 30th April 2009, in its new venue Earls Court, London.
To register to attend or for more information please visit www.infosec.co.uk