Registration Opens for the Cloud Security Alliance Research Summit at RSA Conference 2022

The Cloud Security Alliance (CSA) announced that registration has opened for its upcoming CSA Research Summit at RSAC 2022. The event, being held in conjunction with the 2022 RSA Conference on February 7 at the Moscone Center in San Francisco, will showcase the research projects that will define cloud security for years to come.

“For over a decade, the Cloud Security Alliance Summit has been a Monday fixture at the RSA Conference, providing a look ahead at the important trends in cloud and cybersecurity for the coming year. We are proud to be back in person with a special event showcasing the research projects that will define cloud security for years to come,” said Jim Reavis, co-founder and CEO, Cloud Security Alliance. “2022 is commencing with cloud finally entrenched as the primary IT system worldwide and cloud security now the foundation of cybersecurity programs. The CSA Research Summit will provide the latest updates in new and existing research projects, providing critical tools and guidance for the cloud adopting community.”

Featured sessions from key CSA working groups will cover topics such as Zero Trust, top threats in the cloud, vulnerabilities identification and disclosures, cloud key management, and C-suite cloud strategies. including:

• Policy Development and Business Alignment for Cloud. Speakers: Jon-Michael Brook, Ed Hagopian, Sean Heide. This discussion will show the usage of the enterprise architecture to cover key areas of cloud, as well as utilizing the Cloud Controls Matrix (CCM) and Consensus Assessment Initiative Questionnaire (CAIQ) to build out appropriate controls within policy.
• Zero Trust: What it is, what it isn’t. Speakers: Jason Garbis, Junaid Islam. This presentation will examine Zero Trust and present and future approaches to this network security concept, along with the importance of identity within the construct of Zero Trust.
• Pillars for Practical Implementation of Secure DevOps. Speaker: Sam Sehgal. In this session, we will provide an overview of the research from Cloud Security Alliance’s DevSecOps Working Group. From collective responsibility to automation, researchers will discuss the recommendations from CSA’s Six Pillars of DevSecOps whitepaper series and the current state of security within cloud application development.
• Cloud Dev Wars: Serverless vs Containers & Microservices. Panel Speakers: Anil Karmel, Vishwas Manral, Aradhna Chetal. A combination of serverless functions, application containers and other microservices are rapidly becoming the foundation of cloud application development and the successor to virtual machines. In this session, researchers from multiple CSA working groups will compare and contrast these tools, articulate the unique security concerns of each, and provide guidance for security strategies encompassing all of these environments.
• Top Threats- Survey Report. Speakers: Sean Heide, Jon-Michael Brook. The final copy of the Top Threats survey report and note findings will be introduced for this session.
• Global Security Database (GSD) – A New CSA Working Group. Speaker: Josh Bressers. In this session, Cloud Security Alliance researchers will discuss the latest developments from our new GSD working group, which is chartered to identify and understand the problems around vulnerability discovery, reporting, publication, tracking, and classification.
• Taking Control of Your Enterprise’s IoT Security. Speaker: Brian Russell. This presentation will cover the CSA IoT Security Control Matrix and how enterprise organizations can tailor it to their unique risk profiles, leverage the matrix to create or update an Enterprise IoT Security Architecture, and how it can be applied across different industries, including manufacturing, health care operations, and transportation.
• Cloud Security in the Quantum Era: Getting ready for Y2Q. Speaker: Bruno Huttner. Attendees will get an overview of the quantum computer and quantum threat, as well as possible solutions some of which are based on new algorithms, known as quantum-resistant algorithms.
• Guidance from Health Information Management (HIM) Publications. Speakers: Jim Angle, Vince Campitelli. This session will use papers from the HIM Working Group as an outline for providing guidance that can benefit healthcare delivery organizations, medical officials and professionals, and patients.
• CxO Trust Initiative: Research for the C-Suite. Speakers: Vinay Patel, Illena Armstrong, John Yeoh. This session will give an overview on some of the research ideas and strategies from the CxO Trust Advisory Council, which includes personal identifiable information (PII) in the cloud, SaaS provider security, Zero Trust models, cross-cloud-platform security strategy, security operations and response, confidential computing, regulatory compliance, and cloud expertise, among others.

Space is limited and interested parties are encouraged to register today.