SlideShare une entreprise Scribd logo

Cloud and compliance REX

Télécharger en tant que PPTX, PDF
Antoine Vigneron
Antoine Vigneron

1. The document discusses cloud evolution and regulatory pressures over the past 5 years, SCOR's experience with cloud implementations since 2012, and cloud trends. 2. SCOR's cloud strategy focuses on developing digital capabilities using centralized private cloud or select cloud SAAS. SCOR implements security and compliance controls and works toward SOC certifications for client services. 3. Lessons learned include that cloud complexity requires risk assessments, contractual protections, and internal control frameworks during selection and management. Monitoring competitive cloud industry trends is also important.

Technologie
1  sur  9
Cloud & Compliance SCOR experience Les jeudis de l’Afai 2d of June, 2016 Henri Guiheux, Group CISO
2 Cloud & Compliance Agenda 1 Cloud evolution and Regulatory pressure over the past 5 years 2 Cloud Experience of SCOR 3 Cloud Trends
3 Cloud & Compliance Cloud evolution and Regulatory pressure over the past 5 years  IT Infrastructure models  Traditional architectures: In premises, Co-location, Outsourcing,  Cloud Infrastructure: Public, Private, Hybrid, Sovereign Cloud, IAAS, PAAS, SAAS  Big Cloud players: AWS Amazon, Google, Microsoft Azure, ..  Increase of Data leakage and Cyber attacks  Wikileaks, Snowden, Sony, Target, Anthem, Ashley Madison, T-Mobile, US government agency …  Global environment highly regulated for SCOR  Directives & standards: Solvency II, HIPAA, GLBA, U.S. Privacy Shield, General Data Protection Regulation  Financial authorities: Autorité des marchés financiers, (AMF), Autorité de contrôle prudentiel et de résolution: L'ACPR, Financial Industry Regulatory Authority, Inc. (FINRA), Monetary Authority of Singapore (MAS), Swiss Financial Market Supervisory Authority (FINMA), China Insurance Regulatory Commission (CIRC), Prudential Regulation Authority (PRA) …  Appearance of Security assurances to provide trust from Cloud providers  BSI 27001, SSAE16, ISAE 3402, SOC1 Type 1, SOC 2 Type 2
4 Agenda of the meeting 1 Cloud evolution and Regulatory pressure 2 Cloud Experience of SCOR 3 Cloud Trends
5 Cloud & Compliance SCOR Experience: Approach  SCOR cloud strategy  Develop digital with same SCOR IT resources  Use Centralized Private Cloud if applicable for IAAS or PAAS  Select Cloud SAAS if appropriate  SCOR Implementations since 2012  Move servers from SCOR premises or co-location datacenters to centralized private cloud  Keep into SCOR premises minimum equipment strictly requiring proximity.  Promote SAAS solutions implementation  SCOR security & compliance  Asses and monitor security of Cloud providers  Enforce SCOR IT internal control using COBIT Framework and including cloud environment  Align SCOR IT internal control with regulator security requirements and client security & data privacy commitments  Move toward SOC1 and SOC2 certifications for services provided to its clients.
6 Cloud & Compliance SCOR Experience: SAAS implementation  Corporate services  Time tracking, general expenses, purchase to pay, e-learning, security awareness, …  Collaborative services  institutional web site, social network, streaming video  Security services  mail security gateway, authentication, security operation center  Business services  Marketing, CRM, Specialized Risk Expertise services.  Additional services to come  Messaging, Business Continuity (mass notification maessage), Privacy Compliance service, …
7 Cloud & Compliance SCOR Experience: Lessons learned  Cloud is not magic and simple.  Different level of maturity of security and compliance are observed from cloud based service providers.  Risk Assessment during selection and contractual clauses (compliance, security, audit, intellectual property, reversibility, SLA, …) are key steps.  Transfer of IT activity to the cloud involves IT management transformation moving from doer role to controlling/monitoring role with capacity of formalization.  Network and technical architecture become critical to avoid:  Performance, reliability and quality issues  Interfacing issues with other IT Systems  Hidden costs related to configuration and integration must be anticipated  A strong internal control framework must be established to enable quality and performance conformance and compliance with external requirements (Cobit 5 very valuable)
8 Agenda of the meeting 1 Cloud evolution and Regulatory pressure 2 Cloud Experience of SCOR 3 Cloud Trends
9 Cloud & Compliance Cloud Trends  Key to Monitor cloud players in a very competitive and moving industry  Increase of Private Cloud offers to be competitive with Public Cloud offers  Cloud evolution driven by IoT  Key to watch disruptive cloud technology more economic, secure and productive  Data encryption at rest  application containers (data isolation)  Container hypervisors  Software Modelling enabling complex configuration :  ready to use  Dynamically Scalable,  Highly automated,  Fully traceable

Recommandé

Étude mondiale d'EY sur la cybersécurité (2018)
Étude mondiale d'EY sur la cybersécurité (2018)Étude mondiale d'EY sur la cybersécurité (2018)
Étude mondiale d'EY sur la cybersécurité (2018)
Paperjam_redaction
 
Challenges of doing security in uncharted territory
Challenges of doing security in uncharted territoryChallenges of doing security in uncharted territory
Challenges of doing security in uncharted territory
PECB
 
What is needed to start trusting the security of your applications in the cloud?
What is needed to start trusting the security of your applications in the cloud?What is needed to start trusting the security of your applications in the cloud?
What is needed to start trusting the security of your applications in the cloud?
PECB
 
Implementing a Security Management Framework
Implementing a Security Management FrameworkImplementing a Security Management Framework
Implementing a Security Management Framework
Joseph Wynn
 
The Global Fight for Internet Trust
The Global Fight for Internet TrustThe Global Fight for Internet Trust
The Global Fight for Internet Trust
PECB
 
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
Rea & Associates
 
Accountability for Corporate Cybersecurity - Who Owns What?
Accountability for Corporate Cybersecurity - Who Owns What?Accountability for Corporate Cybersecurity - Who Owns What?
Accountability for Corporate Cybersecurity - Who Owns What?
Henry Draughon
 
Cyber security
Cyber securityCyber security
Cyber security
Vaibhav Jain
 

Recommandé

Étude mondiale d'EY sur la cybersécurité (2018)
Étude mondiale d'EY sur la cybersécurité (2018)Étude mondiale d'EY sur la cybersécurité (2018)
Étude mondiale d'EY sur la cybersécurité (2018)
Paperjam_redaction
 
Challenges of doing security in uncharted territory
Challenges of doing security in uncharted territoryChallenges of doing security in uncharted territory
Challenges of doing security in uncharted territory
PECB
 
What is needed to start trusting the security of your applications in the cloud?
What is needed to start trusting the security of your applications in the cloud?What is needed to start trusting the security of your applications in the cloud?
What is needed to start trusting the security of your applications in the cloud?
PECB
 
Implementing a Security Management Framework
Implementing a Security Management FrameworkImplementing a Security Management Framework
Implementing a Security Management Framework
Joseph Wynn
 
The Global Fight for Internet Trust
The Global Fight for Internet TrustThe Global Fight for Internet Trust
The Global Fight for Internet Trust
PECB
 
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
Rea & Associates
 
Accountability for Corporate Cybersecurity - Who Owns What?
Accountability for Corporate Cybersecurity - Who Owns What?Accountability for Corporate Cybersecurity - Who Owns What?
Accountability for Corporate Cybersecurity - Who Owns What?
Henry Draughon
 
Cyber security
Cyber securityCyber security
Cyber security
Vaibhav Jain
 
Recent developments and future challenges in privacy
Recent developments and future challenges in privacyRecent developments and future challenges in privacy
Recent developments and future challenges in privacy
PECB
 
Collateral Damage: Cyberwar and its affect on organisations
Collateral Damage: Cyberwar and its affect on organisationsCollateral Damage: Cyberwar and its affect on organisations
Collateral Damage: Cyberwar and its affect on organisations
PECB
 
2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report
2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report
2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report
Phil Agcaoili
 
Security - A Digital Transformation Enabler
Security - A Digital Transformation EnablerSecurity - A Digital Transformation Enabler
Security - A Digital Transformation Enabler
Alexander Akinjayeju. MSc, CISM, Prince2
 
Threat Intelligence Market
Threat Intelligence MarketThreat Intelligence Market
Threat Intelligence Market
Datsun Arnold
 
Renewed Context for the Defense and Security Sector
Renewed Context for the Defense and Security SectorRenewed Context for the Defense and Security Sector
Renewed Context for the Defense and Security Sector
CloudMask inc.
 
Smart Cities – The Security Aspects
Smart Cities – The Security AspectsSmart Cities – The Security Aspects
Smart Cities – The Security Aspects
PECB
 
IBM per la sicurezza del Datacenter
IBM per la sicurezza del DatacenterIBM per la sicurezza del Datacenter
IBM per la sicurezza del Datacenter
Anna Landolfi
 
Cyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & RecommendationsCyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & Recommendations
Ulf Mattsson
 
Improving cyber-security through acquisition
Improving cyber-security through acquisitionImproving cyber-security through acquisition
Improving cyber-security through acquisition
Christopher Dorobek
 
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA Regulation
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA RegulationTop 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA Regulation
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA Regulation
PECB
 
Digital Transformation and Security for the Modern Business Part 1 – Finance
Digital Transformation and Security for the Modern Business Part 1 – FinanceDigital Transformation and Security for the Modern Business Part 1 – Finance
Digital Transformation and Security for the Modern Business Part 1 – Finance
Xenith Document Systems Ltd
 
CSA Atlanta Q1'2016 Chapter Meeting
CSA Atlanta Q1'2016 Chapter MeetingCSA Atlanta Q1'2016 Chapter Meeting
CSA Atlanta Q1'2016 Chapter Meeting
Phil Agcaoili
 
Roadmap of Cyber-security from On-Prem to Cloud Journey - Trend Micro
Roadmap of Cyber-security from On-Prem to Cloud Journey - Trend MicroRoadmap of Cyber-security from On-Prem to Cloud Journey - Trend Micro
Roadmap of Cyber-security from On-Prem to Cloud Journey - Trend Micro
Prime Infoserv
 
The State of Cyber
The State of CyberThe State of Cyber
The State of Cyber
businessforward
 
CIO Review - Top 20 CyberSecurity
CIO Review - Top 20 CyberSecurityCIO Review - Top 20 CyberSecurity
CIO Review - Top 20 CyberSecurity
Bob Guimarin
 
Cyber Security Privacy Brochure 2015
Cyber Security Privacy Brochure 2015Cyber Security Privacy Brochure 2015
Cyber Security Privacy Brochure 2015
sarah kabirat
 
How can i find my security blind spots ulf mattsson - aug 2016
How can i find my security blind spots ulf mattsson - aug 2016How can i find my security blind spots ulf mattsson - aug 2016
How can i find my security blind spots ulf mattsson - aug 2016
Ulf Mattsson
 
How to Build a Successful Cybersecurity Program?
How to Build a Successful Cybersecurity Program?How to Build a Successful Cybersecurity Program?
How to Build a Successful Cybersecurity Program?
PECB
 
Dwight Koop's Chicago ECFT talk "The Chicago School of Cybersecurity Thinking...
Dwight Koop's Chicago ECFT talk "The Chicago School of Cybersecurity Thinking...Dwight Koop's Chicago ECFT talk "The Chicago School of Cybersecurity Thinking...
Dwight Koop's Chicago ECFT talk "The Chicago School of Cybersecurity Thinking...
Cohesive Networks
 
Cybersécurité, IOT automobile et aéronautique
Cybersécurité, IOT automobile et aéronautiqueCybersécurité, IOT automobile et aéronautique
Cybersécurité, IOT automobile et aéronautique
Antoine Vigneron
 
Les ECNi : une transformation numérique réussie
Les ECNi : une transformation numérique réussieLes ECNi : une transformation numérique réussie
Les ECNi : une transformation numérique réussie
Antoine Vigneron
 

Contenu connexe

Tendances

Recent developments and future challenges in privacy
Recent developments and future challenges in privacyRecent developments and future challenges in privacy
Recent developments and future challenges in privacy
PECB
 
Collateral Damage: Cyberwar and its affect on organisations
Collateral Damage: Cyberwar and its affect on organisationsCollateral Damage: Cyberwar and its affect on organisations
Collateral Damage: Cyberwar and its affect on organisations
PECB
 
2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report
2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report
2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report
Phil Agcaoili
 
Security - A Digital Transformation Enabler
Security - A Digital Transformation EnablerSecurity - A Digital Transformation Enabler
Security - A Digital Transformation Enabler
Alexander Akinjayeju. MSc, CISM, Prince2
 
Threat Intelligence Market
Threat Intelligence MarketThreat Intelligence Market
Threat Intelligence Market
Datsun Arnold
 
Renewed Context for the Defense and Security Sector
Renewed Context for the Defense and Security SectorRenewed Context for the Defense and Security Sector
Renewed Context for the Defense and Security Sector
CloudMask inc.
 
Smart Cities – The Security Aspects
Smart Cities – The Security AspectsSmart Cities – The Security Aspects
Smart Cities – The Security Aspects
PECB
 
IBM per la sicurezza del Datacenter
IBM per la sicurezza del DatacenterIBM per la sicurezza del Datacenter
IBM per la sicurezza del Datacenter
Anna Landolfi
 
Cyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & RecommendationsCyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & Recommendations
Ulf Mattsson
 
Improving cyber-security through acquisition
Improving cyber-security through acquisitionImproving cyber-security through acquisition
Improving cyber-security through acquisition
Christopher Dorobek
 
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA Regulation
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA RegulationTop 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA Regulation
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA Regulation
PECB
 
Digital Transformation and Security for the Modern Business Part 1 – Finance
Digital Transformation and Security for the Modern Business Part 1 – FinanceDigital Transformation and Security for the Modern Business Part 1 – Finance
Digital Transformation and Security for the Modern Business Part 1 – Finance
Xenith Document Systems Ltd
 
CSA Atlanta Q1'2016 Chapter Meeting
CSA Atlanta Q1'2016 Chapter MeetingCSA Atlanta Q1'2016 Chapter Meeting
CSA Atlanta Q1'2016 Chapter Meeting
Phil Agcaoili
 
Roadmap of Cyber-security from On-Prem to Cloud Journey - Trend Micro
Roadmap of Cyber-security from On-Prem to Cloud Journey - Trend MicroRoadmap of Cyber-security from On-Prem to Cloud Journey - Trend Micro
Roadmap of Cyber-security from On-Prem to Cloud Journey - Trend Micro
Prime Infoserv
 
The State of Cyber
The State of CyberThe State of Cyber
The State of Cyber
businessforward
 
CIO Review - Top 20 CyberSecurity
CIO Review - Top 20 CyberSecurityCIO Review - Top 20 CyberSecurity
CIO Review - Top 20 CyberSecurity
Bob Guimarin
 
Cyber Security Privacy Brochure 2015
Cyber Security Privacy Brochure 2015Cyber Security Privacy Brochure 2015
Cyber Security Privacy Brochure 2015
sarah kabirat
 
How can i find my security blind spots ulf mattsson - aug 2016
How can i find my security blind spots ulf mattsson - aug 2016How can i find my security blind spots ulf mattsson - aug 2016
How can i find my security blind spots ulf mattsson - aug 2016
Ulf Mattsson
 
How to Build a Successful Cybersecurity Program?
How to Build a Successful Cybersecurity Program?How to Build a Successful Cybersecurity Program?
How to Build a Successful Cybersecurity Program?
PECB
 
Dwight Koop's Chicago ECFT talk "The Chicago School of Cybersecurity Thinking...
Dwight Koop's Chicago ECFT talk "The Chicago School of Cybersecurity Thinking...Dwight Koop's Chicago ECFT talk "The Chicago School of Cybersecurity Thinking...
Dwight Koop's Chicago ECFT talk "The Chicago School of Cybersecurity Thinking...
Cohesive Networks
 

Tendances (20)

Recent developments and future challenges in privacy
Recent developments and future challenges in privacyRecent developments and future challenges in privacy
Recent developments and future challenges in privacy
 
Collateral Damage: Cyberwar and its affect on organisations
Collateral Damage: Cyberwar and its affect on organisationsCollateral Damage: Cyberwar and its affect on organisations
Collateral Damage: Cyberwar and its affect on organisations
 
2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report
2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report
2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report
 
Security - A Digital Transformation Enabler
Security - A Digital Transformation EnablerSecurity - A Digital Transformation Enabler
Security - A Digital Transformation Enabler
 
Threat Intelligence Market
Threat Intelligence MarketThreat Intelligence Market
Threat Intelligence Market
 
Renewed Context for the Defense and Security Sector
Renewed Context for the Defense and Security SectorRenewed Context for the Defense and Security Sector
Renewed Context for the Defense and Security Sector
 
Smart Cities – The Security Aspects
Smart Cities – The Security AspectsSmart Cities – The Security Aspects
Smart Cities – The Security Aspects
 
IBM per la sicurezza del Datacenter
IBM per la sicurezza del DatacenterIBM per la sicurezza del Datacenter
IBM per la sicurezza del Datacenter
 
Cyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & RecommendationsCyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & Recommendations
 
Improving cyber-security through acquisition
Improving cyber-security through acquisitionImproving cyber-security through acquisition
Improving cyber-security through acquisition
 
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA Regulation
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA RegulationTop 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA Regulation
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA Regulation
 
Digital Transformation and Security for the Modern Business Part 1 – Finance
Digital Transformation and Security for the Modern Business Part 1 – FinanceDigital Transformation and Security for the Modern Business Part 1 – Finance
Digital Transformation and Security for the Modern Business Part 1 – Finance
 
CSA Atlanta Q1'2016 Chapter Meeting
CSA Atlanta Q1'2016 Chapter MeetingCSA Atlanta Q1'2016 Chapter Meeting
CSA Atlanta Q1'2016 Chapter Meeting
 
Roadmap of Cyber-security from On-Prem to Cloud Journey - Trend Micro
Roadmap of Cyber-security from On-Prem to Cloud Journey - Trend MicroRoadmap of Cyber-security from On-Prem to Cloud Journey - Trend Micro
Roadmap of Cyber-security from On-Prem to Cloud Journey - Trend Micro
 
The State of Cyber
The State of CyberThe State of Cyber
The State of Cyber
 
CIO Review - Top 20 CyberSecurity
CIO Review - Top 20 CyberSecurityCIO Review - Top 20 CyberSecurity
CIO Review - Top 20 CyberSecurity
 
Cyber Security Privacy Brochure 2015
Cyber Security Privacy Brochure 2015Cyber Security Privacy Brochure 2015
Cyber Security Privacy Brochure 2015
 
How can i find my security blind spots ulf mattsson - aug 2016
How can i find my security blind spots ulf mattsson - aug 2016How can i find my security blind spots ulf mattsson - aug 2016
How can i find my security blind spots ulf mattsson - aug 2016
 
How to Build a Successful Cybersecurity Program?
How to Build a Successful Cybersecurity Program?How to Build a Successful Cybersecurity Program?
How to Build a Successful Cybersecurity Program?
 
Dwight Koop's Chicago ECFT talk "The Chicago School of Cybersecurity Thinking...
Dwight Koop's Chicago ECFT talk "The Chicago School of Cybersecurity Thinking...Dwight Koop's Chicago ECFT talk "The Chicago School of Cybersecurity Thinking...
Dwight Koop's Chicago ECFT talk "The Chicago School of Cybersecurity Thinking...
 

En vedette

Cybersécurité, IOT automobile et aéronautique
Cybersécurité, IOT automobile et aéronautiqueCybersécurité, IOT automobile et aéronautique
Cybersécurité, IOT automobile et aéronautique
Antoine Vigneron
 
Les ECNi : une transformation numérique réussie
Les ECNi : une transformation numérique réussieLes ECNi : une transformation numérique réussie
Les ECNi : une transformation numérique réussie
Antoine Vigneron
 
DSBrowser Concilier securité et simplicite
DSBrowser Concilier securité et simpliciteDSBrowser Concilier securité et simplicite
DSBrowser Concilier securité et simplicite
Antoine Vigneron
 
Les enjeux de la transformation numérique
Les enjeux de la transformation numériqueLes enjeux de la transformation numérique
Les enjeux de la transformation numérique
Antoine Vigneron
 
Galtier Concilier securite et simplicite
Galtier Concilier securite et simpliciteGaltier Concilier securite et simplicite
Galtier Concilier securite et simplicite
Antoine Vigneron
 
Protéger ses données: mission impossible?
Protéger ses données: mission impossible?Protéger ses données: mission impossible?
Protéger ses données: mission impossible?
Antoine Vigneron
 
Relever le défi SI de la transformation numérique en Europe
Relever le défi SI de la transformation numérique en EuropeRelever le défi SI de la transformation numérique en Europe
Relever le défi SI de la transformation numérique en Europe
Antoine Vigneron
 
Paiement mobile et biométrie, deux piliers de la transformation digitale
Paiement mobile et biométrie, deux piliers de la transformation digitalePaiement mobile et biométrie, deux piliers de la transformation digitale
Paiement mobile et biométrie, deux piliers de la transformation digitale
Antoine Vigneron
 
Challenges and Risks for the CIO from Outsourcing in the digital era
Challenges and Risks for the CIO from Outsourcing in the digital eraChallenges and Risks for the CIO from Outsourcing in the digital era
Challenges and Risks for the CIO from Outsourcing in the digital era
Antoine Vigneron
 
Protéger ses données: mission impossible?
Protéger ses données: mission impossible?Protéger ses données: mission impossible?
Protéger ses données: mission impossible?
Antoine Vigneron
 
CFAO Concilier securité et simplicite
CFAO Concilier securité et simpliciteCFAO Concilier securité et simplicite
CFAO Concilier securité et simplicite
Antoine Vigneron
 
Jeudi de l AFAI - Evolutions des menaces et adaptation des SOC
Jeudi de l AFAI - Evolutions des menaces et adaptation des SOCJeudi de l AFAI - Evolutions des menaces et adaptation des SOC
Jeudi de l AFAI - Evolutions des menaces et adaptation des SOC
Antoine Vigneron
 
L'informatique et la fraude Aix-en-Provence
L'informatique et la fraude Aix-en-ProvenceL'informatique et la fraude Aix-en-Provence
L'informatique et la fraude Aix-en-Provence
Antoine Vigneron
 
Le risque informatique et sa dimension juridique
Le risque informatique et sa dimension juridiqueLe risque informatique et sa dimension juridique
Le risque informatique et sa dimension juridique
Antoine Vigneron
 
Gouvernance et architecture des données - Groupe PSA
Gouvernance et architecture des données - Groupe PSAGouvernance et architecture des données - Groupe PSA
Gouvernance et architecture des données - Groupe PSA
Antoine Vigneron
 
IoT, Sécurité et Santé: un cocktail détonnant ?
IoT, Sécurité et Santé: un cocktail détonnant ?IoT, Sécurité et Santé: un cocktail détonnant ?
IoT, Sécurité et Santé: un cocktail détonnant ?
Antoine Vigneron
 
Jeudi de l AFAI - Transformations de la cybersécurité
Jeudi de l AFAI - Transformations de la cybersécuritéJeudi de l AFAI - Transformations de la cybersécurité
Jeudi de l AFAI - Transformations de la cybersécurité
Antoine Vigneron
 
Meeting the challenges of big data
Meeting the challenges of big dataMeeting the challenges of big data
Meeting the challenges of big data
Antoine Vigneron
 
Cloud Computing et Protection des Données - Guide pratique
Cloud Computing et Protection des Données - Guide pratiqueCloud Computing et Protection des Données - Guide pratique
Cloud Computing et Protection des Données - Guide pratique
Antoine Vigneron
 
L'entreprise face à ses enjeux et risques numériques
L'entreprise face à ses enjeux et risques numériquesL'entreprise face à ses enjeux et risques numériques
L'entreprise face à ses enjeux et risques numériques
Antoine Vigneron
 

En vedette (20)

Cybersécurité, IOT automobile et aéronautique
Cybersécurité, IOT automobile et aéronautiqueCybersécurité, IOT automobile et aéronautique
Cybersécurité, IOT automobile et aéronautique
 
Les ECNi : une transformation numérique réussie
Les ECNi : une transformation numérique réussieLes ECNi : une transformation numérique réussie
Les ECNi : une transformation numérique réussie
 
DSBrowser Concilier securité et simplicite
DSBrowser Concilier securité et simpliciteDSBrowser Concilier securité et simplicite
DSBrowser Concilier securité et simplicite
 
Les enjeux de la transformation numérique
Les enjeux de la transformation numériqueLes enjeux de la transformation numérique
Les enjeux de la transformation numérique
 
Galtier Concilier securite et simplicite
Galtier Concilier securite et simpliciteGaltier Concilier securite et simplicite
Galtier Concilier securite et simplicite
 
Protéger ses données: mission impossible?
Protéger ses données: mission impossible?Protéger ses données: mission impossible?
Protéger ses données: mission impossible?
 
Relever le défi SI de la transformation numérique en Europe
Relever le défi SI de la transformation numérique en EuropeRelever le défi SI de la transformation numérique en Europe
Relever le défi SI de la transformation numérique en Europe
 
Paiement mobile et biométrie, deux piliers de la transformation digitale
Paiement mobile et biométrie, deux piliers de la transformation digitalePaiement mobile et biométrie, deux piliers de la transformation digitale
Paiement mobile et biométrie, deux piliers de la transformation digitale
 
Challenges and Risks for the CIO from Outsourcing in the digital era
Challenges and Risks for the CIO from Outsourcing in the digital eraChallenges and Risks for the CIO from Outsourcing in the digital era
Challenges and Risks for the CIO from Outsourcing in the digital era
 
Protéger ses données: mission impossible?
Protéger ses données: mission impossible?Protéger ses données: mission impossible?
Protéger ses données: mission impossible?
 
CFAO Concilier securité et simplicite
CFAO Concilier securité et simpliciteCFAO Concilier securité et simplicite
CFAO Concilier securité et simplicite
 
Jeudi de l AFAI - Evolutions des menaces et adaptation des SOC
Jeudi de l AFAI - Evolutions des menaces et adaptation des SOCJeudi de l AFAI - Evolutions des menaces et adaptation des SOC
Jeudi de l AFAI - Evolutions des menaces et adaptation des SOC
 
L'informatique et la fraude Aix-en-Provence
L'informatique et la fraude Aix-en-ProvenceL'informatique et la fraude Aix-en-Provence
L'informatique et la fraude Aix-en-Provence
 
Le risque informatique et sa dimension juridique
Le risque informatique et sa dimension juridiqueLe risque informatique et sa dimension juridique
Le risque informatique et sa dimension juridique
 
Gouvernance et architecture des données - Groupe PSA
Gouvernance et architecture des données - Groupe PSAGouvernance et architecture des données - Groupe PSA
Gouvernance et architecture des données - Groupe PSA
 
IoT, Sécurité et Santé: un cocktail détonnant ?
IoT, Sécurité et Santé: un cocktail détonnant ?IoT, Sécurité et Santé: un cocktail détonnant ?
IoT, Sécurité et Santé: un cocktail détonnant ?
 
Jeudi de l AFAI - Transformations de la cybersécurité
Jeudi de l AFAI - Transformations de la cybersécuritéJeudi de l AFAI - Transformations de la cybersécurité
Jeudi de l AFAI - Transformations de la cybersécurité
 
Meeting the challenges of big data
Meeting the challenges of big dataMeeting the challenges of big data
Meeting the challenges of big data
 
Cloud Computing et Protection des Données - Guide pratique
Cloud Computing et Protection des Données - Guide pratiqueCloud Computing et Protection des Données - Guide pratique
Cloud Computing et Protection des Données - Guide pratique
 
L'entreprise face à ses enjeux et risques numériques
L'entreprise face à ses enjeux et risques numériquesL'entreprise face à ses enjeux et risques numériques
L'entreprise face à ses enjeux et risques numériques
 

Similaire à Cloud and compliance REX

Arthur van der Wees, Arthur's Legal on Making Cloud SLAs readily usable in th...
Arthur van der Wees, Arthur's Legal on Making Cloud SLAs readily usable in th...Arthur van der Wees, Arthur's Legal on Making Cloud SLAs readily usable in th...
Arthur van der Wees, Arthur's Legal on Making Cloud SLAs readily usable in th...
SLA-Ready Network
 
Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0
David Spinks
 
Cloud services and it security
Cloud services and it securityCloud services and it security
Cloud services and it security
East Midlands Cyber Security Forum
 
Cloud is not an option, but is security?
Cloud is not an option, but is security?Cloud is not an option, but is security?
Cloud is not an option, but is security?
Jody Keyser
 
Private Cloud Hosting Services Market Trends Analysis.pdf
Private Cloud Hosting Services Market Trends Analysis.pdfPrivate Cloud Hosting Services Market Trends Analysis.pdf
Private Cloud Hosting Services Market Trends Analysis.pdf
shreyaporekar9
 
CompTIA Security+ SY0-601 Domain 2
CompTIA Security+ SY0-601 Domain 2CompTIA Security+ SY0-601 Domain 2
CompTIA Security+ SY0-601 Domain 2
ShivamSharma909
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challenges
Kresimir Popovic
 
Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issues
Aleem Mohammed
 
Michael Kropyva - Security Compliance For Cloud Providers - Customer`s Perspe...
Michael Kropyva - Security Compliance For Cloud Providers - Customer`s Perspe...Michael Kropyva - Security Compliance For Cloud Providers - Customer`s Perspe...
Michael Kropyva - Security Compliance For Cloud Providers - Customer`s Perspe...
Cloud Security Alliance Lviv Chapter
 
Keys to success and security in the cloud
Keys to success and security in the cloudKeys to success and security in the cloud
Keys to success and security in the cloud
Scalar Decisions
 
Keys-to-Success-and-Security-in-the-Cloud
Keys-to-Success-and-Security-in-the-CloudKeys-to-Success-and-Security-in-the-Cloud
Keys-to-Success-and-Security-in-the-Cloud
patmisasi
 
EMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the CloudEMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the Cloud
CompTIA UK
 
Losing Control to the Cloud
Losing Control to the CloudLosing Control to the Cloud
Losing Control to the Cloud
Rochester Security Summit
 
Cloud computing Risk management
Cloud computing Risk management Cloud computing Risk management
Cloud computing Risk management
Padma Jella
 
Ciphercloud Solutions Overview hsa oct2011
Ciphercloud Solutions Overview hsa oct2011Ciphercloud Solutions Overview hsa oct2011
Ciphercloud Solutions Overview hsa oct2011
Ramy Houssaini
 
Security Considerations When Using Cloud Infrastructure Services.pdf
Security Considerations When Using Cloud Infrastructure Services.pdfSecurity Considerations When Using Cloud Infrastructure Services.pdf
Security Considerations When Using Cloud Infrastructure Services.pdf
Ciente
 
Top Trends in Cloud Computing for 2023.pptx
Top Trends in Cloud Computing for 2023.pptxTop Trends in Cloud Computing for 2023.pptx
Top Trends in Cloud Computing for 2023.pptx
SaadZaman23
 
Automation alley day in the cloud presentation - formatted
Automation alley day in the cloud presentation - formattedAutomation alley day in the cloud presentation - formatted
Automation alley day in the cloud presentation - formatted
Matthew Moldvan
 
Why CCSK with InfosecTrain (1).pdf
Why CCSK with InfosecTrain (1).pdfWhy CCSK with InfosecTrain (1).pdf
Why CCSK with InfosecTrain (1).pdf
infosec train
 
Risk management for cloud computing hb final
Risk management for cloud computing hb finalRisk management for cloud computing hb final
Risk management for cloud computing hb final
Christophe Monnier
 

Similaire à Cloud and compliance REX (20)

Arthur van der Wees, Arthur's Legal on Making Cloud SLAs readily usable in th...
Arthur van der Wees, Arthur's Legal on Making Cloud SLAs readily usable in th...Arthur van der Wees, Arthur's Legal on Making Cloud SLAs readily usable in th...
Arthur van der Wees, Arthur's Legal on Making Cloud SLAs readily usable in th...
 
Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0
 
Cloud services and it security
Cloud services and it securityCloud services and it security
Cloud services and it security
 
Cloud is not an option, but is security?
Cloud is not an option, but is security?Cloud is not an option, but is security?
Cloud is not an option, but is security?
 
Private Cloud Hosting Services Market Trends Analysis.pdf
Private Cloud Hosting Services Market Trends Analysis.pdfPrivate Cloud Hosting Services Market Trends Analysis.pdf
Private Cloud Hosting Services Market Trends Analysis.pdf
 
CompTIA Security+ SY0-601 Domain 2
CompTIA Security+ SY0-601 Domain 2CompTIA Security+ SY0-601 Domain 2
CompTIA Security+ SY0-601 Domain 2
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challenges
 
Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issues
 
Michael Kropyva - Security Compliance For Cloud Providers - Customer`s Perspe...
Michael Kropyva - Security Compliance For Cloud Providers - Customer`s Perspe...Michael Kropyva - Security Compliance For Cloud Providers - Customer`s Perspe...
Michael Kropyva - Security Compliance For Cloud Providers - Customer`s Perspe...
 
Keys to success and security in the cloud
Keys to success and security in the cloudKeys to success and security in the cloud
Keys to success and security in the cloud
 
Keys-to-Success-and-Security-in-the-Cloud
Keys-to-Success-and-Security-in-the-CloudKeys-to-Success-and-Security-in-the-Cloud
Keys-to-Success-and-Security-in-the-Cloud
 
EMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the CloudEMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the Cloud
 
Losing Control to the Cloud
Losing Control to the CloudLosing Control to the Cloud
Losing Control to the Cloud
 
Cloud computing Risk management
Cloud computing Risk management Cloud computing Risk management
Cloud computing Risk management
 
Ciphercloud Solutions Overview hsa oct2011
Ciphercloud Solutions Overview hsa oct2011Ciphercloud Solutions Overview hsa oct2011
Ciphercloud Solutions Overview hsa oct2011
 
Security Considerations When Using Cloud Infrastructure Services.pdf
Security Considerations When Using Cloud Infrastructure Services.pdfSecurity Considerations When Using Cloud Infrastructure Services.pdf
Security Considerations When Using Cloud Infrastructure Services.pdf
 
Top Trends in Cloud Computing for 2023.pptx
Top Trends in Cloud Computing for 2023.pptxTop Trends in Cloud Computing for 2023.pptx
Top Trends in Cloud Computing for 2023.pptx
 
Automation alley day in the cloud presentation - formatted
Automation alley day in the cloud presentation - formattedAutomation alley day in the cloud presentation - formatted
Automation alley day in the cloud presentation - formatted
 
Why CCSK with InfosecTrain (1).pdf
Why CCSK with InfosecTrain (1).pdfWhy CCSK with InfosecTrain (1).pdf
Why CCSK with InfosecTrain (1).pdf
 
Risk management for cloud computing hb final
Risk management for cloud computing hb finalRisk management for cloud computing hb final
Risk management for cloud computing hb final
 

Plus de Antoine Vigneron

L'automatisation au service de la cybersécurité
L'automatisation au service de la cybersécuritéL'automatisation au service de la cybersécurité
L'automatisation au service de la cybersécurité
Antoine Vigneron
 
La signature électronique et eIDAS - De nouveaux usages
La signature électronique et eIDAS - De nouveaux usagesLa signature électronique et eIDAS - De nouveaux usages
La signature électronique et eIDAS - De nouveaux usages
Antoine Vigneron
 
La signature électronique et les nouveaux services eIDAS
La signature électronique et les nouveaux services eIDASLa signature électronique et les nouveaux services eIDAS
La signature électronique et les nouveaux services eIDAS
Antoine Vigneron
 
La signature électronique chez les notaires
La signature électronique chez les notairesLa signature électronique chez les notaires
La signature électronique chez les notaires
Antoine Vigneron
 
Bitcoin et le bitcoin
Bitcoin et le bitcoinBitcoin et le bitcoin
Bitcoin et le bitcoin
Antoine Vigneron
 
La Blockchain: la fin des tiers de confiance?
La Blockchain: la fin des tiers de confiance?La Blockchain: la fin des tiers de confiance?
La Blockchain: la fin des tiers de confiance?
Antoine Vigneron
 
CIO advisory English
CIO advisory English CIO advisory English
CIO advisory English
Antoine Vigneron
 
Les objets connectés
Les objets connectésLes objets connectés
Les objets connectés
Antoine Vigneron
 
Internet des objets - Doc@Post
Internet des objets - Doc@PostInternet des objets - Doc@Post
Internet des objets - Doc@Post
Antoine Vigneron
 
Objets connectés: un 360° pour les comprendre
Objets connectés: un 360° pour les comprendreObjets connectés: un 360° pour les comprendre
Objets connectés: un 360° pour les comprendre
Antoine Vigneron
 
Données personnelles et SI - GDPR
Données personnelles et SI - GDPRDonnées personnelles et SI - GDPR
Données personnelles et SI - GDPR
Antoine Vigneron
 
La transition numérique un des facteurs clé vers une performance globale des...
La transition numérique un des facteurs clé vers une performance globale des... La transition numérique un des facteurs clé vers une performance globale des...
La transition numérique un des facteurs clé vers une performance globale des...
Antoine Vigneron
 
Lexpresse de la Banque Postale - Privacy et Big Data
Lexpresse de la Banque Postale - Privacy et Big DataLexpresse de la Banque Postale - Privacy et Big Data
Lexpresse de la Banque Postale - Privacy et Big Data
Antoine Vigneron
 
Protéger ses données: mission impossible?
Protéger ses données: mission impossible?Protéger ses données: mission impossible?
Protéger ses données: mission impossible?
Antoine Vigneron
 
Cybercriminalité: menaces et parades
Cybercriminalité: menaces et paradesCybercriminalité: menaces et parades
Cybercriminalité: menaces et parades
Antoine Vigneron
 

Plus de Antoine Vigneron (15)

L'automatisation au service de la cybersécurité
L'automatisation au service de la cybersécuritéL'automatisation au service de la cybersécurité
L'automatisation au service de la cybersécurité
 
La signature électronique et eIDAS - De nouveaux usages
La signature électronique et eIDAS - De nouveaux usagesLa signature électronique et eIDAS - De nouveaux usages
La signature électronique et eIDAS - De nouveaux usages
 
La signature électronique et les nouveaux services eIDAS
La signature électronique et les nouveaux services eIDASLa signature électronique et les nouveaux services eIDAS
La signature électronique et les nouveaux services eIDAS
 
La signature électronique chez les notaires
La signature électronique chez les notairesLa signature électronique chez les notaires
La signature électronique chez les notaires
 
Bitcoin et le bitcoin
Bitcoin et le bitcoinBitcoin et le bitcoin
Bitcoin et le bitcoin
 
La Blockchain: la fin des tiers de confiance?
La Blockchain: la fin des tiers de confiance?La Blockchain: la fin des tiers de confiance?
La Blockchain: la fin des tiers de confiance?
 
CIO advisory English
CIO advisory English CIO advisory English
CIO advisory English
 
Les objets connectés
Les objets connectésLes objets connectés
Les objets connectés
 
Internet des objets - Doc@Post
Internet des objets - Doc@PostInternet des objets - Doc@Post
Internet des objets - Doc@Post
 
Objets connectés: un 360° pour les comprendre
Objets connectés: un 360° pour les comprendreObjets connectés: un 360° pour les comprendre
Objets connectés: un 360° pour les comprendre
 
Données personnelles et SI - GDPR
Données personnelles et SI - GDPRDonnées personnelles et SI - GDPR
Données personnelles et SI - GDPR
 
La transition numérique un des facteurs clé vers une performance globale des...
La transition numérique un des facteurs clé vers une performance globale des... La transition numérique un des facteurs clé vers une performance globale des...
La transition numérique un des facteurs clé vers une performance globale des...
 
Lexpresse de la Banque Postale - Privacy et Big Data
Lexpresse de la Banque Postale - Privacy et Big DataLexpresse de la Banque Postale - Privacy et Big Data
Lexpresse de la Banque Postale - Privacy et Big Data
 
Protéger ses données: mission impossible?
Protéger ses données: mission impossible?Protéger ses données: mission impossible?
Protéger ses données: mission impossible?
 
Cybercriminalité: menaces et parades
Cybercriminalité: menaces et paradesCybercriminalité: menaces et parades
Cybercriminalité: menaces et parades
 

Dernier

Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
MichaelKnudsen27
 
Astute Business Solutions | Oracle Cloud Partner |
Astute Business Solutions | Oracle Cloud Partner |Astute Business Solutions | Oracle Cloud Partner |
Astute Business Solutions | Oracle Cloud Partner |
AstuteBusiness
 
JavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green MasterplanJavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green Masterplan
Miro Wengner
 
9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...
9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...
9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...
saastr
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
Jakub Marek
 
Principle of conventional tomography-Bibash Shahi ppt..pptx
Principle of conventional tomography-Bibash Shahi ppt..pptxPrinciple of conventional tomography-Bibash Shahi ppt..pptx
Principle of conventional tomography-Bibash Shahi ppt..pptx
BibashShahi
 
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
Pitangent Analytics & Technology Solutions Pvt. Ltd
 
Apps Break Data
Apps Break DataApps Break Data
Apps Break Data
Ivo Velitchkov
 
What is an RPA CoE? Session 1 – CoE Vision
What is an RPA CoE? Session 1 – CoE VisionWhat is an RPA CoE? Session 1 – CoE Vision
What is an RPA CoE? Session 1 – CoE Vision
DianaGray10
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
ssuserfac0301
 
“How Axelera AI Uses Digital Compute-in-memory to Deliver Fast and Energy-eff...
“How Axelera AI Uses Digital Compute-in-memory to Deliver Fast and Energy-eff...“How Axelera AI Uses Digital Compute-in-memory to Deliver Fast and Energy-eff...
“How Axelera AI Uses Digital Compute-in-memory to Deliver Fast and Energy-eff...
Edge AI and Vision Alliance
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
saastr
 
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyFreshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
ScyllaDB
 
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Biomedical Knowledge Graphs for Data Scientists and BioinformaticiansBiomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Neo4j
 
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing InstancesEnergy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Alpen-Adria-Universität
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
Jason Packer
 
GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)
Javier Junquera
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
Zilliz
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
Tatiana Kojar
 
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
Edge AI and Vision Alliance
 

Dernier (20)

Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
 
Astute Business Solutions | Oracle Cloud Partner |
Astute Business Solutions | Oracle Cloud Partner |Astute Business Solutions | Oracle Cloud Partner |
Astute Business Solutions | Oracle Cloud Partner |
 
JavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green MasterplanJavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green Masterplan
 
9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...
9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...
9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
 
Principle of conventional tomography-Bibash Shahi ppt..pptx
Principle of conventional tomography-Bibash Shahi ppt..pptxPrinciple of conventional tomography-Bibash Shahi ppt..pptx
Principle of conventional tomography-Bibash Shahi ppt..pptx
 
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
 
Apps Break Data
Apps Break DataApps Break Data
Apps Break Data
 
What is an RPA CoE? Session 1 – CoE Vision
What is an RPA CoE? Session 1 – CoE VisionWhat is an RPA CoE? Session 1 – CoE Vision
What is an RPA CoE? Session 1 – CoE Vision
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
 
“How Axelera AI Uses Digital Compute-in-memory to Deliver Fast and Energy-eff...
“How Axelera AI Uses Digital Compute-in-memory to Deliver Fast and Energy-eff...“How Axelera AI Uses Digital Compute-in-memory to Deliver Fast and Energy-eff...
“How Axelera AI Uses Digital Compute-in-memory to Deliver Fast and Energy-eff...
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
 
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyFreshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
 
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Biomedical Knowledge Graphs for Data Scientists and BioinformaticiansBiomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
 
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing InstancesEnergy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
 
GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
 
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
 

Cloud and compliance REX

  • 1. Cloud & Compliance SCOR experience Les jeudis de l’Afai 2d of June, 2016 Henri Guiheux, Group CISO
  • 2. 2 Cloud & Compliance Agenda 1 Cloud evolution and Regulatory pressure over the past 5 years 2 Cloud Experience of SCOR 3 Cloud Trends
  • 3. 3 Cloud & Compliance Cloud evolution and Regulatory pressure over the past 5 years  IT Infrastructure models  Traditional architectures: In premises, Co-location, Outsourcing,  Cloud Infrastructure: Public, Private, Hybrid, Sovereign Cloud, IAAS, PAAS, SAAS  Big Cloud players: AWS Amazon, Google, Microsoft Azure, ..  Increase of Data leakage and Cyber attacks  Wikileaks, Snowden, Sony, Target, Anthem, Ashley Madison, T-Mobile, US government agency …  Global environment highly regulated for SCOR  Directives & standards: Solvency II, HIPAA, GLBA, U.S. Privacy Shield, General Data Protection Regulation  Financial authorities: Autorité des marchés financiers, (AMF), Autorité de contrôle prudentiel et de résolution: L'ACPR, Financial Industry Regulatory Authority, Inc. (FINRA), Monetary Authority of Singapore (MAS), Swiss Financial Market Supervisory Authority (FINMA), China Insurance Regulatory Commission (CIRC), Prudential Regulation Authority (PRA) …  Appearance of Security assurances to provide trust from Cloud providers  BSI 27001, SSAE16, ISAE 3402, SOC1 Type 1, SOC 2 Type 2
  • 4. 4 Agenda of the meeting 1 Cloud evolution and Regulatory pressure 2 Cloud Experience of SCOR 3 Cloud Trends
  • 5. 5 Cloud & Compliance SCOR Experience: Approach  SCOR cloud strategy  Develop digital with same SCOR IT resources  Use Centralized Private Cloud if applicable for IAAS or PAAS  Select Cloud SAAS if appropriate  SCOR Implementations since 2012  Move servers from SCOR premises or co-location datacenters to centralized private cloud  Keep into SCOR premises minimum equipment strictly requiring proximity.  Promote SAAS solutions implementation  SCOR security & compliance  Asses and monitor security of Cloud providers  Enforce SCOR IT internal control using COBIT Framework and including cloud environment  Align SCOR IT internal control with regulator security requirements and client security & data privacy commitments  Move toward SOC1 and SOC2 certifications for services provided to its clients.
  • 6. 6 Cloud & Compliance SCOR Experience: SAAS implementation  Corporate services  Time tracking, general expenses, purchase to pay, e-learning, security awareness, …  Collaborative services  institutional web site, social network, streaming video  Security services  mail security gateway, authentication, security operation center  Business services  Marketing, CRM, Specialized Risk Expertise services.  Additional services to come  Messaging, Business Continuity (mass notification maessage), Privacy Compliance service, …
  • 7. 7 Cloud & Compliance SCOR Experience: Lessons learned  Cloud is not magic and simple.  Different level of maturity of security and compliance are observed from cloud based service providers.  Risk Assessment during selection and contractual clauses (compliance, security, audit, intellectual property, reversibility, SLA, …) are key steps.  Transfer of IT activity to the cloud involves IT management transformation moving from doer role to controlling/monitoring role with capacity of formalization.  Network and technical architecture become critical to avoid:  Performance, reliability and quality issues  Interfacing issues with other IT Systems  Hidden costs related to configuration and integration must be anticipated  A strong internal control framework must be established to enable quality and performance conformance and compliance with external requirements (Cobit 5 very valuable)
  • 8. 8 Agenda of the meeting 1 Cloud evolution and Regulatory pressure 2 Cloud Experience of SCOR 3 Cloud Trends
  • 9. 9 Cloud & Compliance Cloud Trends  Key to Monitor cloud players in a very competitive and moving industry  Increase of Private Cloud offers to be competitive with Public Cloud offers  Cloud evolution driven by IoT  Key to watch disruptive cloud technology more economic, secure and productive  Data encryption at rest  application containers (data isolation)  Container hypervisors  Software Modelling enabling complex configuration :  ready to use  Dynamically Scalable,  Highly automated,  Fully traceable