An ISACA GWDC and CSA-DC Joint Event

 

2021 Cloud Conference

September 9 @ 8:30 am - 12:30 pm EDT

 $10 for Members, $80 Non Members

CSA-DC Members: Register today using this exclusive CSA-DC promotional code and get $70 off: use code "2021ISACACloud"

Join us on Sept 9th for the 2021 Cloud Conference! Cloud computing presents a tremendous opportunity with 94% of all enterprises currently using cloud services as organizations continue to migrate their data and operations to the cloud. By 2025, it is projected that the cloud computing market will exceed $800 billion with over 100 zettabytes of data being stored in the cloud. In a study by Cloud Security Alliance, around half of organizations are concerned about lack of cloud expertise and 79 percent of respondents report staff-related issues. The 2021 Cloud Conference will enable participants to learn what is new and innovative in cloud computing and to enhance their cloud strategy. 

Agenda:

  • 08:30-09:30  FedRAMP Strategic Initiatives 
  • 09:30-10:30  Lessons Learned on Cloud Security and Assessment
  • 10:30-11:30   How NIST's OSCAL Can Help Automate and Reduce Risk for FedRAMP Users
  • 11:30-12:30  NIST OSCAL in Action:  Tools to Deliver Continuous ATO Documentation
Who Should Attend?
Cloud security and enablement professionals, IT advisory or audit professionals, Business executives, Cybersecurity professionals, students or professionals interested in learning more about cloud in the public sector space.
 
CPE
Earn up to four CPE credits in the area of Information Technology. Please refer to additional details on the Event Details link above.

 

When

Thursday September 9, 2021
@ 0830 - 1230 EDT
Four (4) NASBA CPE credits

 

Session 1 - FedRAMP Strategic Initiatives
(8:30am - 9:30am)
Presented by Brian Conrad (GSA FedRAMP)
FedRAMP has seen an incredible increase in the adoption of the program, which is marked by both an increase in agency participation and reuse of authorizations. Brian Conrad, FedRAMP's Acting Director, will highlight FedRAMP's growth and the program's FY21 focus on strategic initiatives - like automation and a threat based authorization approach - to transform FedRAMP, with a focus on continued partnerships with stakeholders.  Brian will also touch on the high level updates that were made to the draft Authorization Boundary Guidance which is currently open for public comment.

Session 2 - Lessons Learned on Cloud Security and Assessment
(9:30am - 10:30am)
This panel will include representatives from Amazon Web Services (AWS), Government Accountability Office (GAO), and TalaTek, which is a FedRAMP Third Party Assessment Organization (3PAO). Will be a Q&A panel format where we will discuss lessons learned from these three different perspectives on cloud security and compliance. Some of the topic that will be covered include what cloud providers and federal agencies are doing well with cloud compliance and future trends around cloud security and federal policy.
Speakers: 
Vijay D'Souza (United States Government Accountability Office)
Tyler Harding (Amazon Web Services Security Assurance)
Baan Alsinawi (TaleaTek)
Moderator: 
Phil Moore (Kearney & Company)

Session 3 - How NIST's Open Security Controls Assessment Language (OSCAL) Can Help Automate and Reduce Risk for FedRAMP Users
(10:30am - 11:30am)
NIST’S Open Security Controls Assessment Language, developed as a partnership between NIST, industry and FedRAMP, serves as a standardized language to represent control catalogs, control baselines, systems security plans (SSPs), assessment plans and results in both human- and machine-readable formats.  This session will dive into the language itself, showcasing how one can leverage this approach to automate resource-intensive tasks and deliver insightful information to auditors and decision makers in an agile manner.  Attendees will be able to ask questions during a Q&A following the presentation
Speaker:
Michaela Iorga (National Institute of Standards and Technology)
Moderator:
Chris Hughes (Cloud Security Alliance – Washington DC Metro Area)

Session 4 - NIST OSCAL in Action: Tools to Deliver Continuous Authorization to Operate (ATO) Documentation
(10:30am - 11:30am)
Public/private partnerships are crucial to advancing the state of the art and bringing innovation to life.  To that end, come learn how MITRE and a slew of innovative tools are putting NIST OSCAL to work, delivering great user experiences to accelerate and automate the ATO process, producing actionable documentation for both the auditor and the audited.  Attendees will be able to engage with presenters in the Chat throughout the session.
Speakers:
Aaron Lippold (MITRE)
Greg Elin (GovReady PBC)
Travis Howerton (C2 Labs)
Jasson Walker (cFocus Software)
Moderator:
Dr. Mari Spina (Cloud Security Alliance - Washington DC Metro Area)

Volunteer - Become a CSA-DC Chapter Member

EVENTS: All our Events can be found on our CSA-DC Meetup. Events are typically free to attend.

RESEARCH: Our Chapter conducts research that is relevant to our local community. Find out more on our Research page.

VOLUNTEER: If you’d like to help support this chapter and our local community, we encourage you to Get Involved!

STAY CONNECTED: Our chapter uses the Cloud Security Alliance’s Circle platform to Stay Connected. We encourage you to sign up for free and join the Washington DC Metro Area Chapter as well as check out all the working groups that CSA Global has to offer.

CSA-DC-chapter-logo-1
Cloud Security Alliance - Washington DC Metro Area Chapter (CSA-DC), 1775 Tysons Blvd FL 5, Tysons, VA 22182