16
A CISO’s Perspective on Cloud Compliance Everything for the CISO to understand J. Hybinette, CISM, CISSP, NSA-IEM, NSA-IAM, ISSAP, ISSMP 1

A CISO's Perspective on Cloud Compliance

  • Upload
    hosting

  • View
    123

  • Download
    1

Tags:

Embed Size (px)

Citation preview

Page 1: A CISO's Perspective on Cloud Compliance

A CISO’s Perspective on Cloud Compliance

Everything for the CISO to understand

J. Hybinette, CISM, CISSP, NSA-IEM, NSA-IAM, ISSAP, ISSMP

1

Page 2: A CISO's Perspective on Cloud Compliance

2

HOUSEKEEPING

• This webinar is being recorded and an on-demand

version will be available at the same URL at the

conclusion of the webinar

• Please submit questions via the button on the upper left

of the viewer

• If we don’t get to your question during the webinar,

we will follow up with you via email

• Download related resources via the “Attachments”

button above the viewer

• On Twitter? Join the conversation: #CISOcloud,

#HOSTINGspeaks and @HOSTINGdotcom

Page 3: A CISO's Perspective on Cloud Compliance

What is Cloud Computing?

• The origin of the term

cloud computing is

unclear.

• Cloud computing is the

delivery of computing as

a service rather than a

product, whereby shared

resources, software, and

information are provided

to computers and other

devices as a utility over a

network.

Page 4: A CISO's Perspective on Cloud Compliance

4

Page 5: A CISO's Perspective on Cloud Compliance

• I cannot afford being compliant

• I am too busy to become compliant

• I don’t know how to become compliant

• Breaches only happens to larger organizations

• The cloud is insecure

5

Compliance Misconceptions

Page 6: A CISO's Perspective on Cloud Compliance

• Where are My IT Assets

• What needs to be moved

• How Valuable are My Assets

• What do I need to Protect my

assets

• Who is Managing the Security

Program

Page 7: A CISO's Perspective on Cloud Compliance

• The change in IT workload

• Track the changing landscape

• Aligning your SLA

• Security is your priority

Page 8: A CISO's Perspective on Cloud Compliance

Three Service Models

Page 9: A CISO's Perspective on Cloud Compliance

Four Deployment Models

Page 10: A CISO's Perspective on Cloud Compliance

We are CompliantTrust me…

Page 11: A CISO's Perspective on Cloud Compliance

• SOC 1,2,3

• Service Organization Control Reports

• PCI

• Payment Card Industry Compliance

• GLBA

• Financial Institutions Gramm Leach & Bailey Act

• HIPAA

• Healthcare Services Compliance.

Page 12: A CISO's Perspective on Cloud Compliance

Almost 1/3 of the people looking for information

about HIPAA, spells it as “HIPPA”; make sure

everyone is on the right page.

Page 13: A CISO's Perspective on Cloud Compliance

The Compliant Cloud

Page 14: A CISO's Perspective on Cloud Compliance

It Makes Sense

• Cloud computing definitely makes

sense if your own security is weak,

missing features, or below average.

• Ultimately, if

• the cloud provider’s security people are “better”

than yours (and leveraged at least as efficiently),

• the web-services interfaces don’t introduce too

many new vulnerabilities, and

• the cloud provider aims at least as high as you

do, at security goals,

then cloud computing has better

security.

Page 15: A CISO's Perspective on Cloud Compliance

• World class security architecture team• Unique secure compliant security cloud

solutions offered nowhere else• Industry leader providing compliant

environments• Security you can depend on• Serious about HIPAA

Page 16: A CISO's Perspective on Cloud Compliance

Q&AJohan Hybinette | HOSTING CISO

For more information about compliant cloud services by HOSTING, please

contact our team at 888.894.4678.

16


COMPLIANCE AND INTEGRITY: AN OIG PERSPECTIVE · 2014. 9. 3. · 1 COMPLIANCE AND INTEGRITY: AN OIG PERSPECTIVE SCCE CONFERENCE FOR EFFECTIVE COMPLIANCE SYSTEMS IN HIGHER EDUCATION

COMPLIANCE AND INTEGRITY: AN OIG PERSPECTIVE · 2014. 9. 3. · 1 COMPLIANCE AND INTEGRITY: AN OIG PERSPECTIVE SCCE CONFERENCE FOR EFFECTIVE COMPLIANCE SYSTEMS IN HIGHER EDUCATION

Documents
Leadership Seminar Brief introduction: Governance, Risk & Compliance from a business perspective

Leadership Seminar Brief introduction: Governance, Risk & Compliance from a business perspective

Documents
CISO's Guide to Securing SharePoint

CISO's Guide to Securing SharePoint

Technology
A CISO's Guide to Cyber Liability Insurance

A CISO's Guide to Cyber Liability Insurance

Software
EU Perspective on Regulatory Issues for Biologics · EU Perspective on Regulatory Issues for Biologics ... – Acceptance of QP Declaration of GMP Compliance by 3rd ... EU Perspective

EU Perspective on Regulatory Issues for Biologics · EU Perspective on Regulatory Issues for Biologics ... – Acceptance of QP Declaration of GMP Compliance by 3rd ... EU Perspective

Documents
RSAC 2016: CISO's guide to Startups

RSAC 2016: CISO's guide to Startups

Software
RSA 2017 - CISO's 5 steps to Success

RSA 2017 - CISO's 5 steps to Success

Technology
Pain Management and Compliance with Regulations: A Medical Directors Perspective · 2016-09-08 · Pain Management and Compliance with Regulations: A Medical Directors Perspective

Pain Management and Compliance with Regulations: A Medical Directors Perspective · 2016-09-08 · Pain Management and Compliance with Regulations: A Medical Directors Perspective

Documents
CISO's Guide for Securing the Remote Workforce

CISO's Guide for Securing the Remote Workforce

Documents
Effective Antitrust Compliance Programsmedia.straffordpub.com › products › effective-antitrust...2011/10/04  · *Antitrust Compliance Programs: The Government’s Perspective,

Effective Antitrust Compliance Programsmedia.straffordpub.com › products › effective-antitrust...2011/10/04  · *Antitrust Compliance Programs: The Government’s Perspective,

Documents
Insider Perspective on Customs Compliance - Webinar, Nov 14, 2013

Insider Perspective on Customs Compliance - Webinar, Nov 14, 2013

Education
Maintaining Calibration Programs – Compliance Perspective ... · Maintaining Calibration Programs – Compliance Perspective (483s, Warning Letters, & Consent Decrees) Andy Ferrell

Maintaining Calibration Programs – Compliance Perspective ... · Maintaining Calibration Programs – Compliance Perspective (483s, Warning Letters, & Consent Decrees) Andy Ferrell

Documents
A Compliance Officer’s Perspective on the Fraud & Abuse Provisions Under PPACA

A Compliance Officer’s Perspective on the Fraud & Abuse Provisions Under PPACA

Documents
NERC Compliance An NWP Perspective

NERC Compliance An NWP Perspective

Documents
ComplianCe and Business ethiCsaztech.org.uk/.../Compliance-and-Business-Ethics.pdf · participants to approach compliance and business ethics from an applied perspective focusing

ComplianCe and Business ethiCsaztech.org.uk/.../Compliance-and-Business-Ethics.pdf · participants to approach compliance and business ethics from an applied perspective focusing

Documents
Compliance Issues: An ED Perspective - SASFAA

Compliance Issues: An ED Perspective - SASFAA

Documents
ADA Compliance: Self-Evaluations and Transition Plans, A Local Perspective

ADA Compliance: Self-Evaluations and Transition Plans, A Local Perspective

Documents
The CISO's Challenge

The CISO's Challenge

Documents
Maintaining Calibration Programs – Compliance Perspective ... · PDF fileMaintaining Calibration Programs – Compliance Perspective (483s, Warning Letters, & Consent Decrees) Andy

Maintaining Calibration Programs – Compliance Perspective ... · PDF fileMaintaining Calibration Programs – Compliance Perspective (483s, Warning Letters, & Consent Decrees) Andy

Documents
Privacy Beyond Compliance: A New Perspective on Enterprise

Privacy Beyond Compliance: A New Perspective on Enterprise

Documents
Tech Clarity Perspective Sustainable Compliance

Tech Clarity Perspective Sustainable Compliance

Technology
Verifying ELP compliance: The SAFA perspective

Verifying ELP compliance: The SAFA perspective

Documents
Medical Devices: Licensing and Compliance Regulator ... › download › presentation › jane-rogers.pdf · Medical Devices: Licensing and Compliance – Regulator Perspective 5

Medical Devices: Licensing and Compliance Regulator ... › download › presentation › jane-rogers.pdf · Medical Devices: Licensing and Compliance – Regulator Perspective 5

Documents
Chain of Responsibility compliance and enforcement from the perspective of road authorities

Chain of Responsibility compliance and enforcement from the perspective of road authorities

Education
Scenaria Perspective #1 - 2025 CAFE Compliance Costs

Scenaria Perspective #1 - 2025 CAFE Compliance Costs

Automotive
Global CISO Forum 2017: A CISO's Journey

Global CISO Forum 2017: A CISO's Journey

Technology
A Publisher’s Perspective on COUNTER: motivation, compliance, outcomes

A Publisher’s Perspective on COUNTER: motivation, compliance, outcomes

Documents
Insolvency review An ODCE perspective Kevin Prendergast Corporate Compliance Manager, ODCE

Insolvency review An ODCE perspective Kevin Prendergast Corporate Compliance Manager, ODCE

Documents
Passport Compliance Issues: The Global Perspective ... Compliance Issues: The Global Perspective & Challenges Dwight MacMANUS Director, Travel Applications, Canadian Bank Note Company,

Passport Compliance Issues: The Global Perspective ... Compliance Issues: The Global Perspective & Challenges Dwight MacMANUS Director, Travel Applications, Canadian Bank Note Company,

Documents
A Federal Perspective on Compliance - PowerPoint presentation by

A Federal Perspective on Compliance - PowerPoint presentation by

Documents