Legacy Publications and Presentations

image11

GDPR & CCPA privacy executive summits

  • Seattle and Boston (11/2018)
  • London, Paris & Malta (10/2018)
  • San Francisco and San Jose (9/2018)
  • New York and Chicago (9/2018)
  • Scottsdale, Beverly Hills & Orange County (8/2018)

image12

Cloud & changing technology sessions

  • Hot Topics in tech, media & telecom (2015 & 2016)
  • Venture capital in the cloud outlook panel - OnCloud (2015)
  • Developments in cloud & IT/security assurance - ISACA (2014)
  • SOC2, CSA STAR attestation and the future of cloud attestation - CSA Congress (2014)
  • Security and reliability concerns panel - Cloud East (2013)
  • Content in the cloud - CES Las Vegas (2013)
  • Changing technology standards - CACS & IIA (2010-2011)
  • The changing Internet environment - ISACA (2010)
  • Managing the risks of cloud adoption - Digital Hollywood (2010)

image13

Cloud & compliance publications

  • Negotiating cloud contracts (2015)
  • Thorough SOC 2 reports for cloud assurance paper (2013)
  • Agile cloud issue brief (2012)
  • Effectively using SOC reports white paper (2012)Evaluating cloud computing risk for the enterprise - Shared Assessments paper contributor (2010)
  • Executive considerations for building a successful cloud service - white paper co-author (2009)
  • Cloud Security & Privacy an enterprise perspective - O’Reilly book contributor (2009)
  • Audit and compliance in the cloud white paper (2009)

image14

SOC 2 webcast series

  • Are you ready for the new SOC 2? (5/2018)
  • Harnessing the power of SOC 2 FAQs (9/2015)
  • Harnessing the power of SOC 2 for vendor risk management (8/2015)
  • SOC 2 and ISO 27001 in Europe (2/2014)
  • Enhancing vendor risk and compliance management using SOC 2 and SOC 3 reports (7/2013)
  • SOC 2 frequently asked questions (11/2012)
  • SOC 2 to address industry requirements (10/2012)
  • Effectively using SOC 2 reports (4/2012)
  • The retirement of SAS 70: a new breed of SOC reports (5/2011)

image15

Building cloud services executive sessions

  • Building and managing a sustainable cloud service - Dreamforce (2009)
  • Executive considerations when building and managing a successful cloud service webcast (2009)
  • Cloud financial, operations & regulatory - Oracle Open World (2009)
  • Cloud executive business summit - Palo Alto, CA (2009)

image16

PKI security & GRC publications

  • Unified IT compliance white paper (2009)
  • Risk management and standards in financial services - ISO Focus magazine (2009)
  • New ISO 21188 PKI standard - ISO Focus magazine (2007)
  • Digital certificates, authentication and trust on the Internet research paper (2002)
  • Auditing and certification of a public key infrastructure - ISACA Journal co-author (2002)

image17

PKI security presentations

  • PKI audit standards update - Bank of America security conference (2011)
  • PKI update for government and industry - Taiwan (2008)
  • Changing PKI audit standards - RSA (2007)
  • Ten critical success factors for PKI deployment - RSA (2004)
  • Enterprise PKI deployment considerations - ISACA (2003)
  • Trust is the key to unlock the digital economy - Taiwan (2001)

image18

Security standards development

  • ISO 27001, 27002, 27017, 27018 - working group participant
  • ISO 19092 biometric security (2008) - interim editor
  • ISO 21188 PKI management (2006) - editor and lead author
  • ANS X9.79 (2001) - editor and lead author
  • WebTrust suite of standards for EV, SSL, code signing - contributor
  • WebTrust for CAs v2 (2011) - co-editor and contributor
  • WebTrust for CAs (2000) - editor and lead author

image19

Training programs developed/delivered

  • Cloud security privacy technical updates (7/2019 & 8/2019)
  • Hot topics in the tech industry (6/2015 & 6/2016)
  • Global SOC 2/SOC 3 approach for Europe and Asia (Amsterdam 2/2013 & Kuala Lumpur 4/2014)
  • Assessing cloud security controls (2013)
  • SOC 2 / SOC 3 methodology (3/2012)
  • SOC 1 methodology (2011)
  • Technology industry issues forum (12/2010)
  • Executive relationship development (2010)
  • SAS 70 methodology (various)
  • ICOFR IT audit methodology (2003-2004)

image20

More to come