Organizations are leaping to embrace "cloud computing" - accessing virtualized resources via the Internet. But are they jumping too soon without weighing all the legal considerations regarding security and privacy? Register for this webinar to hear a government security leader's expert insights on:
e-Discovery and records retention challenges;
Security and privacy risks;
What it takes to ensure safe, secure cloud computing.
Cloud computing is among the hottest topics in both the private and public sectors. Business and technology leaders are enamored with the notion of accessing virtualized resources via the Internet. Cloud's efficiencies promise to save significant money for organizations - and eventually consumers.
Yet, despite cloud's attractiveness, few government agencies especially have implemented any type of cloud computing initiative, mostly because of IT security concerns.
This session tackles those IT security concerns head-on, as David Matthews, Deputy CISO for the City of Seattle, discusses key legal considerations such as:
eDiscovery - Where is the data? Who owns it? If requested, how does one retrieve, analyze or protect this data?
Records Retention - Again, who is responsible for the data? How does one enforce retention rules, and who is responsible for the disaster recovery plan?
Pain Points for Organizations - including accessibility issues, confidentiality concerns, verification of data integrity, risk identification and mitigation, as well as insider threats from cloud provider staff.
Matthews also will provide a brief overview of cloud computing, and he'll conclude with a set of strategies and suggestions for successful, safe engagements in the cloud.
former Dir. of Incident Response, Expedia; Principal Consultant, Public Sector Cyber Security Contracting Services
David Matthews has worked in the information technology (IT) field since 1992. In early 2005 he was selected to be the first Deputy CISO for the city. In his work for the city he developed and created an incident response plan that is compliant with the National Incident Management System (NIMS)/Incident Command System (ICS); updated and extensively rewrote the city's information security policy; and created and taught training courses on information security and forensics. He most recently created an IT primer for the city's law department as part of his collaboration with them on e-discovery issues.
Matthews is the public-sector co-chair of the U.S. Computer Emergency Readiness Team (US-CERT)/Department of Homeland Security (DHS) sponsored North West Alliance for Cyber Security (NWACS). With NWACS he has worked with the Pacific Northwest Economic Region (PNWER) nonprofit to sponsor information security training for Supervisory Control and Data Acquisition (SCADA) operators and managers.He is also the chair of the local Critical Infrastructure Protection subcommittee of the Regional Homeland Security team, and also is a member of the American Bar Association's Science and Technology and Electronic Discovery committees.
David holds the titles of Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Digital Recovery Forensics Specialist (DRFS), and CyberSecurity Forensic Analyst (CSFA).