
ISACA BANGALORE CHAPTER

14TH ANNUAL KARNATAKA CONFERENCE

TRUST IN, AND VALUE FROM, INFORMATION SYSTEMS

JULY 22, 23 - 2011

HOTEL MATTHAN

BENGALURU

Conference Overview

14TH ANNUAL KARNATAKA CONFERENCE – ISACA BANGALORE

TRUST IN, AND VALUE FROM INFORMATION SYSTEMS

Chief guest: Mr. S Prabhu, Principal Accountant General, Govt. of Karnataka

Brief profile:

Shri S. PRABHU, IAAS is a seasoned Finance and Auditing Professional with top level management and business strategy experience, possessing strong leadership, communication, motivational and inspirational skills. His 30 years of rich experience entails driving strong business performance, developing financial and governance strategies. He is an expert in Accounting, Auditing and Internal Auditing activities. He also has rich experience in Information Systems, Financial analysis, Budgeting, Contract negotiations, forecasting, ensuring compliance to all administrative matters, including legal and tax requirements.

He has a Masters Degree in Defence & Strategic Studies from Madras University. He is a Certified Information Systems Auditor (CISA) awarded by ISACA, USA, a Certified Internal Auditor (CIA) specialized in Internal Auditing, Financial and Management Accounting awarded by Institute of Internal Auditors, Florida, USA. He has completed a Post Graduate Diploma on Alternate Dispute Resolution, Nalsar University. He is also a Member of ISACA, IIA, IDSA, IIPA, ICADR, ICA, CSI and IPAI.

DAY 1 - ADDRESS BY CHIEF GUEST


Special Address: Mr. Ken Vander Wal, International President, ISACA, USA

Brief profile:

Kenneth L. Vander Wal, CISA, CPA, International President ISACA is a retired national partner in the Technology and Security Risk Services practice of Ernst & Young, where he was responsible for the firm’s global TSRS quality and risk management program. With more than 40 years of IT experience, he has worked in multiple areas of information systems in a variety of industries, including systems development, systems programming, project management, quality assurance, IT auditing and systems security. Before joining Ernst & Young in 1979, Vander Wal worked at the Pentagon, where he developed systems to support the Department of Army staff, and for a computer software company in a systems technical support role. He is a co-author of IT Control Objectives for Sarbanes-Oxley, 2nd Edition, published by ITGI, and serves on ISACA’s Governance Advisory Council and Strategic Advisory Council. He is a past member of the ISACA Guidance and Practices Committee, Knowledge Board, and Professional Issues and Advocacy Task Force. He was international vice president of ISACA from 2007-2011.

DAY 1 - SPECIAL ADDRESS


Session 1: Mr. Masoor Venkatesh, Senior Vice President, Northern Trust - Bangalore

Brief profile:

He is the Head of Audit Services for the APAC region and is responsible for audit coverage of India, Asia-Pacific, Australia and China.

Prior to joining Northern Trust, Mr. Venkatesh served as a Senior Director of Audit Services at Fidelity Investments in Bangalore. He specializes in the areas of audit, risk management and enterprise financial systems.

Mr. Venkatesh earned a Master's Degree in Management Information Systems from USA and a Bachelor of Commerce (Hons) degree from India.

In addition to being a fellow Certified Information Systems Auditor, Mr. Venkatesh is a Chartered Accountant and a Project Management Professional.

DAY 1 - SESSION 1

Presentation highlights:

“Securing Your Information at an ODC”

In today’s scenario, most MNCs are utilizing a Global In-House Center (GIC) in India and/or have Offshore Development Centers (ODCs) execute specific tasks. Depending on the risk appetite of the organization and the industry in which it operates, the level and quantum of information available to third-party ODCs can vary. The question then is – how do organizations secure this information and ensure that the ODCs do not become the weakest link, thereby risking information leakage for the enterprise?


Session 1: Mr. Gopinath K N, Director, Engineering, Airtight Networks

Brief profile:

Gopinath KN (Gopi) has more than 13 years of experience in systems, networks and security. He has devoted the previous eight years to understanding mobile and wireless security issues and building cutting-edge security systems. He has several patents and technical publications to his credit.

Gopi speaks at international conferences such as Interop, CSI and RSA. He contributes regularly to influential technology magazines and blogs. He is a CERT (India) instructor and has also delivered several online tutorials that are widely referred to. He has been a member of Bell Labs, USA and is currently Director, Engineering at Airtight. Gopi holds a Master of Technology (M. Tech.) degree from IIT Kanpur, India. He can be reached at [email protected].

DAY 1 - SESSION 2

Presentation highlights:

“Can You Trust your Airwaves?”

With the ubiquitous availability of Wi-Fi, organizations are faced with the challenge of containing certain threats that are unique to Wi-Fi. Examples include rogue APs, client mis-associations, misconfigured devices and ad hoc connections. These threats cannot be circumvented by traditional security mechanisms such as firewalls and anti-virus systems. This session delves into the above threats in detail and discusses solutions both from a technology and audit/compliance viewpoint.


Session 2: Mr. Nishchal Bhalla, President, Security Compass

Brief profile:

Nishchal Bhalla, a noted expert and a published author, is an information security veteran with more than 17 years of experience as a developer and network security administrator. As the founder of Security Compass & SD Elements and more recently SecurityByte, Nish not only manages and gives direction to these companies, but is also actively involved in researching various attack vectors. Nish is a frequent speaker on emerging security issues. He has spoken at reputable security conferences such as RSA, BlackHat Europe, Reverse Engineering Conference, HackInTheBox, Shmoocon, CSI, and ISC2's Infosec Conference.

DAY 1 - SESSION 3

Presentation highlights:

“Hidden vectors – Shining the light on mobile security for developers”

The mobile message is clear: applications are the new enterprise driver for efficiency, and custom-built enterprise apps will be ubiquitous. I will present a case study of a mobile application which will demonstrate various attack vectors not immediately obvious to mobile developers and managers. Attendees will gain insight into both common and uncommon mobile app flaws that they should be aware of before choosing to buy and deploy an application that gives mobile devices full access to the corporate environment.


Session 3: Mr. Manikandan Natarajan, Consultant, Mahindra SSG

Brief profile:

An expert Information Risk consultant and a Member of ISACA and Data Security Council of India [DSCI], he currently consults CXOs of India’s leading companies on Risk Management through Mahindra Special Services Group (MSSG) - a leading corporate risk consulting firm that helps organizations reduce risk and enhance competitive advantage.

A double Master’s, Manikandan graduated from the University of East London specializing in concepts of Cryptography (and Quantum Cryptography). Manikandan plays a vital role in the dissemination of Information Security in India. India is known as the IT hub. He intends to make this knowledge infested country a hub that imbibes Information Security as a prime factor to preserve common interests among corporates.

Specialties:

His expertise of consulting extends into:

1. Technical Advisory Services
2. Information Security Management System [ISMS]
3. DeRisking Outsourcing / Third Party Security Advisory
5. Governance & Fraud Prevention Advisory

DAY 1 - SESSION 4

Presentation highlights:

“Growing vulnerability in Telecom Sector”

The telecom industry is more vulnerable to fraudulent acts today. This presentation will focus on the nature of frauds today. It will highlight the Telecom Fraud Statistics to show the recent increase in fraudulent activity. It will go on to elaborate the real-time security breaches and focus on the different types of telecom fraud that are visible today. Finally, it will highlight the holistic approach to tackle frauds in the telecom sector. It will highlight the importance of Fraud Risk Management to ensure Business Continuity and Growth by focusing on the role of people, process and technology.


Session 4: Mr. Amit K. Gupta, VP Business Development, Nevis Networks India Pvt Limited

Brief profile:

Amit has 20+ years of marketing and technical support experience at India & International level. Amit works as VP – Business Development for Nevis Networks, a specialist security startup. He founded UbiQTech Software in the area of Gateway Security in 2004. UbiQTech has close to 500 SME customers with leading stock exchanges, banks & a few ET500 companies. UbiQTech was amongst NASSCOM’s Top 100 Indian Innovators for two consecutive years, 2007 & 2008. UbiQTech was sold to a leading private security company in 2008. He headed the VXL marketing & technical support at the corporate level as Vice President and was responsible for setting up sales channels in Asia Pacific and was on the board of VXL Australia. In 1996, he introduced EMC to the Indian storage market under an exclusive distribution arrangement. In 1995, he spearheaded the business side merger of Godrej Networking business with VXL. As a business strategist, he has played a critical role in discovering new and emerging markets, translating opportunities into business and building relationships. Amit is an Electronics Engineering graduate of BITS, Pilani, India.

www.nevisnetworks.com

DAY 1 - SESSION 5

Presentation highlights:

“Security Imperatives for Cyber Space towards Trust & Value”

The technological innovations during the last two decades in IT & Internet have made this world a smaller planet and have created Cyberspace. Simply stated, anything that deals with information (devices, content, programs, networks, people) constitutes Cyberspace.

While Cyberspace has helped increase collaboration of ideas, cultures and economies and is helping to build an environment of trust at much faster speed, it has also brought forward innumerable conflicts related to the shared interests at individual, community, religion, political, business and national level. The value generated by this trust is under threat through an invisible war of promoting selfish interests by using technological means for business, political & military advantages. In the current day’s context, the global Cyber crime economy exceeds the economy of fast growing countries like India and has been a matter of serious concern for the entire global community.

This presentation covers a wide spectrum of transnational threats on the Cyberspace, methods & impacts. Besides, it also examines the motives, discusses the future environment and presents possible solutions.


Session 5: HUTTI GOLD MINES

Brief profile:

Hutti Gold Mines Company Limited (HGML), a Government of Karnataka Undertaking (established in 1947 as Hyderabad Gold Mines), has the unique distinction of being the only producer of primary gold in the country. HGML has been active in the exploration, development and exploitation of gold deposits occurring in Karnataka. The Company's Corporate Office is situated in Bangalore and it operates two units: the Hutti Gold Unit (HGU) in Raichur district and the Chitradurga Gold Unit (CGU) in Chitradurga district, with an operating mine at Ajjanahalli (Tumkur District).

DAY 1 - SESSION 6


Session 6: Mr. Bikash Barai, CEO, Iviz Technosolutions

Brief profile:

Bikash is the founder and CEO of iViZ, the first company in the industry to provide cloud based and On Demand Penetration Testing for applications and networks. He has been awarded as a top innovator by several organizations like University of California - Berkeley, London Business School, Intel, Department of Science and Technology, National University of Singapore, Nasscom, TiE, US Navy etc. He is credited with several product and technology innovations in the areas of Network Security, Simulation of a Hacker's mind using Artificial Intelligence, Cognitive Hacking, Social Engineering, Anti-Spam technologies, Attack Simulation and has patents filed under his name.

He has done a Double B.Tech from Indian Institute of Technology (IIT), Kharagpur in 'Computer Science' (Hons) and 'Architecture' and also a Masters in 'Computer Science and Information Technology' from IIT. Apart from professional activities he actively pursues painting, magic and promotes Indian Art in the Online Community. He actively promotes entrepreneurship and is a Charter member of TiE, the largest entrepreneur body in the world. Bikash is also an active speaker and has spoken at various platforms like Nasscom, University of California - Berkeley, NUS Singapore, Global Security Challenge and TiE.

DAY 1 - SESSION 7

Presentation highlights:

“Leveraging Cloud to Secure: Emergence of Security as a service.”

In this talk the speaker will discuss the emergence of cloud and how it impacts the world of security. The talk will outline how the different existing security solutions are moving to the cloud and how one could leverage cloud to have security solutions in an easy, cost effective and scalable manner. The speaker will also touch upon the security risks in using cloud solutions, how to detect them and mitigate them.


Session 7: Mr. Vishal Gupta, CEO, Seclore Technology

Brief profile:

Vishal Gupta is an IIT Bombay graduate in Electrical Engineering and a specialist in fingerprinting technology. His ideation in fingerprinting imaging led to the development of the core technology behind Herald Logic, a company he founded in 2000. The company showed record 220% annual growth for the next three years, spreading to Singapore, Australia and UK, until he entrusted it in the hands of an independent Board.

Vishal Gupta is Founder & CEO at Seclore Technology – a leading provider of information security solutions in the areas of information usage control, information rights management (IRM) and secure outsourcing. Vishal handles the corporate development, Investor Relations and Marketing & Sales.

Vishal is also an active participant in the Physics stream activities, with the IAPT (Indian Association of Physics Teachers), and NSEP (National Standard Examination in Physics); he is amongst the top 1% in the country in Physics.

Vishal is an active sports person, a keen blogger on information security solutions and an intrepid speaker at various information rights management forums.

DAY 1 - SESSION 8

Presentation highlights:

“DLP / IRM / Both or None - A view of considerations for protecting unstructured information”

Unstructured information in the form of documents, emails, drawings, images etc. contributes to the largest information base and therefore the largest risk source for enterprises. Various forms of technology like classification, encryption, Data Loss Prevention & Information Rights Management have emerged over the past few years.

This talk by Vishal Gupta focuses on considerations while making technology road map choices for protecting unstructured information.


Chief guest: Mr. MN Vidyashankar, Principal Secretary, IT-BT, Govt. of Karnataka

Brief profile:

Currently working as Principal Secretary, e-Governance Department, Government of Karnataka from 1st July 2009, he is an IAS Officer of 1982 batch. He has a Masters in Economics and M.Phil from Delhi School of Economics, University of Delhi, and has also obtained a Post Graduate degree in Business Administration from Harvard University, USA.

He has served in different Departments in the State Government of Karnataka and in Government of India, and was Chairman, BWSSB from the year 2000 – 2004, Commissioner, BDA from July 2004 to May 2006, and Principal Secretary to Government, Department of Information Technology, Biotechnology and Science & Technology from October 2006 to March 2008. Role of Technology in eGovernance and Downsizing, right sizing, Re-engineering, Customer Relations Management (CRM) and Enterprise Resource Planning (ERP) are his areas of interest.

DAY 1 - SPECIAL ADDRESS


Keynote speaker: Mr. Rajiv Nandwani, Executive Vice President, ING Life Insurance

Brief profile:

Rajiv Nandwani is working as an Executive Vice President – Risk Management in ING Life Insurance, Bangalore. He heads the Enterprise Risk Management, Operational Risk Management, Information Risk Management and Corporate Security functions. He has a total of 21 years experience in Risk Management, Audit, Compliance and various facets of IT.

Prior to ING, Rajiv was working as Chief Risk Officer in HCL Technologies taking care of Risk Management, Audit and Compliance functions and before that in EXL Services as Principal Consultant and AVP - IT in Business Process Risk Services.

He is a qualified Company Secretary, MBA – Finance and M.Com with loads of IT experience. His certifications include CRISC, CISA and Lead Auditor for ISO 27001.

DAY 2 - KEY NOTE SPEAKER


Session 1: Mr. CA A Rafeq, Managing Director, Wincer Infotech Limited

Brief profile:

CA A. Rafeq is founder promoter and Managing Director of Wincer Infotech Limited. Wincer provides software solutions for the digital auditor.

Rafeq is an IT Governance and assurance professional with experience over 25 years in varied roles such as CEO, CFO, CIO, IT implementer, IT consultant, IT Auditor and COBIT Trainer. He has made presentations on IT Governance, IT assurance and COBIT implementation at international conferences of ISACA across the world (more than 14 countries).

Rafeq is a globally recognized trainer on COBIT (an IT Governance framework). He has conducted more than 140 days of training on using COBIT for IT Governance and IT assurance for ISACA and its chapters and for public, private and government companies. Rafeq has also made presentations for ICAI, ICSI, ICWAI, IIM, ISACA and other Professional Associations.

Rafeq was Member of the CGEIT certification and is currently Member of CobiT 5.0 Task Force. He is Past President of the Bangalore Chapter of ISACA.

DAY 2 - SESSION 1

Presentation highlights:

“How to enhance Trust and Value by using COBIT”

COBIT 5 provides a renewed and authoritative governance and management framework for enterprise information and related technology, building on the current widely recognized and accepted COBIT framework, linking together and reinforcing all other major ISACA frameworks and guidance such as: Val IT, Risk IT, BMIS, ITAF, Board Briefing, and Taking Governance Forward. COBIT 5 is also expected to connect to other major frameworks and standards in the marketplace (ITIL, ISO standards, etc.).

This presentation will enable participants to learn about:


Session 2: Mr. Lloyd Sanford, Managing Director, Applied Logistics India Pvt Ltd.

Brief profile:

Mr. Lloyd Sanford is the Managing Director, Applied Logistics India Pvt. Ltd based out of Bangalore. He has over 30 years of senior executive supply chain and logistics experience in global ocean and air transportation, warehousing and related supply chain management technology.

Lloyd has lived and worked in India for the last three and one-half years helping clients be more efficient and shape their international and domestic supply chains for significant cost savings and competitive edge. His India specialty is design and implementation of reverse logistics, new business processes and supply chain logistics technology improvements with tailored training that drives quick results, satisfactory ROI and ongoing solution sustainability.

Lloyd’s recent work experience includes consulting for Attero Recycling, Sequel Logistics, Uniworld Logistics and PCF. Prior to moving to India he led the ShipLogix (now INFOR) design and set for UPS-SCS, BAX Global and AAFES (Army & Air Force Exchange Service) on-line TMS applications. Before that, Lloyd worked with Scanwell, Arena, Inchcape, APL and Sea-land Services stationed in the USA, Japan, Korea, The Philippines, Hong Kong and Singapore acquiring leadership qualifications and domain expertise in multi-cultural environments.

Contact Details:
Applied Logistics India Pvt Ltd
A119 Smilee Greens
Huskur Road
Bangalore 560099
Office: +91 80 27848266

DAY 2 - SESSION 2

Presentation highlights:

“Environment Solutions – e-Waste Management”

Technically, e-Waste comprises a steadily multiplying range of obsolete electronic devices or end of life electrical and electronic units, and fast growing e-Waste (near to 800,000 tons p.a.) generates toxic chemicals like zinc, lead, cadmium, mercury, PVC and arsenic that are left to pollute the air, ground and water while creating serious health issues for the entire population. In India, an estimated 95% of all e-Waste is recycled by unauthorized recyclers in an unorganized sector, which includes local scrap dealers or kabadiwalas.

As the honorable Dr. APJ Abdul Kalam quoted in January 2010, at Attero’s inauguration, “A viable method is needed to contain the problem and ensure that in the future, e-Waste does not become a health issue for the nation. In that respect, I appreciate the Attero’s “The beginning” programme. Attero’s initiative is commendable to start an organized, safe and viable e-Waste recycling plant in India with an annual capacity for recycling nearly 36,000 tonnes of e-Waste. Efforts like this could lead the way for India becoming a global player in e-Waste recycling systems within the next decade”.


Session 3: Mr. Maninder Bharadwaj, Director, Deloitte Touche Tohmatsu India Pvt Ltd

Brief profile:

Maninder is a Director in Enterprise Risk Services and focuses on Information Technology Risk. He has extensive experience in various aspects of Information Technology Risk and Information Security Consulting. He is the national lead for Vulnerability Management. He has 7 years of international experience and was part of Center for Excellence for Identity & Access Management while in Deloitte & Touche LLP in USA.

Maninder has led multiple projects in areas of Information Security Strategy and Roadmap, Information Security Awareness, Identity and Access Management, Data Privacy, PKI, Two Factor Authentication, RBAC, Information Security Policy and Procedures, Vulnerability Management / Ethical Hacking, Web Portal Security, Software License Compliance, Role Management for SAP, Information Security Architecture, IT General Computer Controls, SoX and Managed Security Services for clients in Financial Services, Healthcare, Telecommunication, FMCG, Shipping, Manufacturing, IT and so on.

DAY 2 - SESSION 3

Presentation highlights:

“Measuring Value of Information Security”

The Information Security and Risk Management departments are regularly questioned about the value delivered by investments made by their respective departments. IT security metrics provide a practical approach to measuring the value of information security. Evaluating security at the system level, IT security metrics are tools that facilitate decision making and accountability through collection, analysis, and reporting of relevant performance data. Based on IT security performance goals and objectives, IT security metrics are quantifiable, feasible to measure, and repeatable.


Session 4: Mr. Debashis Banerjee, Senior Engineering Manager, Yahoo - India

Brief profile:

Debashis Banerjee is a technology professional with 12+ years of expertise in development and leading global teams in development of Mobile Web, Cloud, Security and Telecom products. He is currently a Senior Engineering Manager with Yahoo! India.

Email: [email protected]: +91-9845418197

DAY 2 - SESSION 4

Presentation highlights:

“The Cloud is as secure as YOU want it to be”

Security breaches on the cloud can compromise data, leaving people and businesses exposed to potential financial and identity theft. As part of this session one will gain an architectural view of security to be used and introduced as part of the entire cloud infrastructure and user levels, be it public, private or hybrid clouds. Topics such as cloud related data encryption, multi tenancy, wipe-out, authentication, privileged user management and identity management will be discussed. Additionally, an introduction into multi device cloud security, including mobile phones and multi factor auth methods, will be available.


Session 5: Mr. Ganapathi Subramaniam, Information Protection Lead, Global Asset Protection, Accenture

Brief profile:

An accomplished professional with close to 20 years of industry experience, Gan’s passion and profession has always been Information Security. In addition to his Master’s degree in Computer Applications (MCA), he has achieved/held a number of industry certifications such as CISA, CISM, CISSP, SSCP, CISMP, CCNA, CCSA and ISO27001:2005 Lead Auditor.

Gan is currently employed at one of the leading multinational organizations and operates out of Chennai, India.

As one of the Contributing Editors / Columnists of the ‘ISACA Journal’ published by the Information Systems Audit and Control Association, USA, Gan has been writing a regular column titled ‘Help Source Q & A’ answering readers’ questions on Security and Audit since 2004. In the past, Gan’s columns on Security have appeared in magazines such as Smart Inc. (formerly known as Computers Today) published by the India Today group. He has also co-authored study materials aiding CISA examination preparation published by ISACA.

As an International Conference Speaker, Gan has addressed a number of gatherings comprising CIOs and CISOs on Information Security and Risk Management in various countries such as the UK, Netherlands, Switzerland, South Africa, UAE (Oman & Qatar), Singapore and India since 2003. He was recently invited to be a member of the Board of Studies, Department of Banking Technology, School of Management, Pondicherry University for three academic years starting 2010; in addition, as a Visiting Faculty he has been delivering regular lectures on Information Security at Pondicherry University. Gan has also taught multiple subjects to MBA students, including ‘Strategic IT Management’ at Jamnalal Bajaj Institute of Management Studies, Mumbai,

DAY 2 - SESSION 5

Presentation highlights:

“How much is enough? This is the eternal dilemma of security practitioners.”

“Should we invest more or reduce it? How much should be logged? What is the ideal length of passwords? To what extent should we test our BCP?” - the question of 'how much' always remains and continues to rattle all practitioners.

The aim of the talk is to share some insights on whether and how the limit of saying 'enough' can be determined and measured.


Session 6: Mr. Simran Gambhir, Independent Consultant (Seclore)

Brief profile:

Simran is an independent consultant specialising in the realms of leading/bleeding edge technologies. Simran started his career a score of years ago building websites since the invention of the very first web browser. His interest in technology and computer security saw him become a leading developer for large media houses such as Fairfax in Australia. Simran then went on to become CTO of News Interactive (News Corp's Digital Media arm) and Loyalty Pacific - Australia's largest loyalty program (part of Australia's largest Bank (NAB) and largest Retailer (Coles Group)).

Simran moved to India in 2008 and actively helps VCs perform due diligence on tech companies prior to investment. Simran's passion in security is also represented in that he is a founding member of null (India's largest open hacker community).

DAY 2 - SESSION 6

Presentation highlights:

“Information audits in a perimeter-less world”

Performing information audits in an era of LinkedIn, Salesforce.com & Google Apps is an increasingly difficult exercise. Traditional methods of performing audits on systems deployed within the enterprise are falling into the "Necessary But Not Sufficient" category.

This talk by Simran Gambhir focuses on challenges associated with information audits in a borderless world and introduces pointers as to how auditors can make the audit process more relevant.


Panelist: Mr. Samrat Bhasin, Information Security Manager, ACS, A XEROX Company

Brief profile:

Samrat Bhasin works for ACS, a Xerox Company, as Information Security Manager. He manages the global Information Security Program for a line of business and is also responsible for developing the information risk posture of the business units.

Prior to ACS, Samrat worked as Information Risk Manager with JP Morgan Chase and managed the Risk program for the technology group covering the Asia Pacific region.

Samrat is an engineer (E&C) by qualification and holds CISSP and CISM certification. Prior to moving to the Security domain he worked as Network Lead and has hands-on experience in implementing network & security infrastructure products.


Panel Discussion:

Cloud Security - Trust and Value Challenges

Trust and value are two sides of a coin and this is truer today than at any other point in time, with mankind standing at the cusp of change in every aspect of life; this is brought home to us IS/IT professionals every time new technologies and new technology applications are on the horizon and every time loss, fraud and other negative events emanate from the use of these technologies and their application. Very often one hears the mention of the cloud and how this will revolutionize the very use of information technology and bring benefits all around. However, very little is understood about the cloud and what we as professionals, the organizations we work for and society in general should expect from this new animal, the Cloud. Is it the alchemist that it is made out to be, providing solutions to practically every problem that ails us, or is it the bogeyman your mother warned you about one moonlight night?

The panel discussion aims to bring together an eminent group of subject matter experts, who will approach the ‘trust’ and ‘value’ conundrum from the perspective of the cloud and will provide insights from the governance, audit, user, compliance, regulatory and other angles. At the conclusion of the panel discussion, we hope there is a small albeit significant improvement in the understanding and approach to the cloud, especially from the IS/IT professional's perspective; conference participants will be enriched and the markers to the way forward are a tad clearer.


Panelists:

Mr. Amit K Gupta

Mr. Debashis Banerjee

Mr. Ganapathi Subramaniam

Mr. S Prabhu

Mr. CA A Rafeq

Mr. Samrat Bhasin
