Don't miss this candid conversation with expert security leaders from the cloud provider, auditing, managed service provider and enterprise communities as they discuss:
- The Shared Responsibility Model
- How cloud security demands change how we think about and implement security practices
- Common mistakes and critical issue to fix
- Trends to watch for in 2021
Tim Sandage is a Senior Manager, ISV Security & Compliance Accelerations for Amazon Web Services (AWS), where he is responsible for global security partner strategic alignment of AWS cloud computing services with current and future compliance capabilities as well as external consulting with AWS customers, public policy organizations, and standard bodies across the globe. Tim is an active public speaker on secure cloud adoption at both internal and external workshops, conferences, and hands-on labs (boot camps) and a community advocate for organization using and promoting cloud technologies.
Previously, Tim worked as a consultant supporting secure adoption of cloud services across multiple cloud services providers, such as Microsoft, Google, Salesforce, and HP. Tim’s work included the development of secure cloud computing practices, risk assessments, and secure/complaint cloud computing adoption. Tim has an extensive US federal government security background with over 25 years of service in the US Air Force running regional classified and unclassified military networks.
Tim is the past president of the ISACA, Puget Sound Chapter in Seattle, WA, and holds multiple certifications, including Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), and Certificate of Cloud Security Knowledge (CCSK). Tim holds a bachelor’s degree in information technology from the University of Phoenix.
Prism RA provides risk advisory and assurance services, focusing on technology and cyber governance, risk, compliance, and security in order to help organizations get the most out of their technology investment, improve the quality of the data they use for decision making, and improve their resilience in the event of a Cyber Attack.
As Director of Prism RA, Mike focuses on cyber and technology risk and security advisory services. With over 40 years of experience including 8 years experience in mainstream IT and more than 20 years with KPMG, Mike possesses a wide range of GRC experience and a proven track record of helping organizations deliver business value from their use of IT. Mike holds a number of certifications, including Certified Information Security Manager (CISM) and Certified in Risk and Information Systems Control (CRISC).
Mike is extensively involved with ISACA, playing leadership roles both at the local and international levels and helping develop a number of ISACA publications, including COBIT and GDPR. Currently, he leads ISACA’s activities with the Cyber Security Alliance, a group of the UK’s cyber security related bodies, who are currently establishing the UK’s Cyber Security Council on behalf of the UK’s Government.
Mike is also a Non-Executive Director of CyberQ Group, an innovative and award winning cyber security services provider. Additionally, he is a member of the Cyber Advisory Board for Cranfield and Aston Universities and is a member of the UK's Institute of Directors (MIoD).
Jeff Collins, Chief Strategy Officer, Lightstream
Lightstream works alongside the world’s leading technology and telecommunications companies, providing on-premise network and cloud integration services through unique engineering, project management and service-oriented solutions that include network integration, cloud migration, security, and system monitoring, all supported through 24/7 managed services.
Jeff has over 15 years of diverse experience transforming brands, companies and cultures by creating business solutions that drive profitable growth. He's passionate about leading disruption through insight-driven strategy that activates brands and companies by attracting customers, inspiring stakeholders, and creating community. As a proven leader, strategist and investor who leverages the power of innovative technology and business process, Jeff helps differentiate companies from their competition, allowing them to attract, engage and retain customers in manners previously unattainable. Jeff is a “catalyst” at his core, passionate about driving technology and business innovation into action while creating momentum in, with, and through others.
Tyler Kennedy, Application Security Engineer, Rewind
Since 2015, Rewind has been on a mission to help businesses protect their SaaS and cloud data. Today, over 70,000 customers in more than 100 countries use Rewind's top-reviewed apps and support to ensure their software-as-as-service applications run uninterrupted. The Rewind platform enables companies to back up, restore and copy the critical data that drives their business.
Tyler brings more than 20 years of experience to his role as Application Security Engineer at Rewind, where he is responsible for the security of the product, the team, and the infrastructure. To meet day-to-day demands, Tyler is a researcher and problem solver, familiar with everything from the hardware architectures in use, to the nuances of popular browsers, to the local laws in areas of operation.
Prior to joining Rewind, Tyler spent several years as a contractor for various Government of Canada projects which included threat assessments, teaching FTEs, and securing critical systems that could have national impact (e.g., market statistics embargo).
In his spare time, Tyler serves as part of CKAN's technical team, primarily responding to security issues. He can also be found working on his many open-source projects, ranging from JVM introspection frameworks to faster JSON parsing for CPython/PyPy. Tyler enjoys reverse engineering both software and physical SoCs (e.g., getting a smart plug to run dd-wrt). Eight years ago he created a development wiki for the popular game Minecraft, with specifications for the reverse engineered protocols and file formats used by the game.
SecureCloudDB helps organizations keep valuable data safe in the cloud through its security software built specifically for public cloud databases. Designed for AWS, SecureCloudDB delivers defense in depth through asset discovery, security risk scoring, vulnerability assessments, and real-time database activity monitoring as well as alerting.
Our event moderator, Aaron, possesses a deep knowledge of cloud architecture, enterprise software, and over 20 years of managerial experience and vision. Prior to SecureCloudDB, Aaron founded BlocWatch and served as the COO of CloudCheckr, Inc. Prior to founding CloudCheckr, Aaron spent over 15 years in the financial industry. He earned a J.D. from State University of New York at Buffalo and a B.A. from Brandeis University. Aaron currently serves on the Board at the Flaum Eye Institute at the University of Rochester Medical Center.