PCI – DSS in the Cloud: Practical Guide for Cloud Computing Security and Compliance
Payment Card Industry Data Security Standard (PCI DSS) compliance remains a challenge for many financial institutions, and PCI DSS compliance in a cloud computing environment is even more challenging. It is therefore essential for financial institutions to stay current on the latest and most significant issues in this area to ensure cloud computing security and compliance while minimizing the risk of potential pitfalls.
The Knowledge Group is producing “PCI – DSS in the Cloud: Practical Guide for Cloud Computing Security and Compliance LIVE Webcast,” to help you find answers to your questions regarding security and compliance on PCI DSS in a cloud computing environment. In a two-hour live webcast, our panel of key experts will discuss:
- Fundamentals of PCI DSS
- Cloud Provider Responsibility
- Virtualization Infrastructure
- Audit and Assessment of Service Providers
- Strategic Ways for Cloud Security & Compliance
- Legal and Regulatory Issues
- And much more!
James S. DeGraw, Partner,
Ropes & Gray
** Speaker Talking Points to be added soon.. **
Douglas W. Barbin, CPA, CISSP, PCI QSA, Principal,
- Scope – #1 issue for cloud PCI assessment – What are the boundaries of the system or cloud service provided? What are the boundaries of the audit? Are they the same? How are in-scope versus out-of-scope systems segmented?
- Shared control responsibility – Where does the cloud provider’s responsibility end and the customers’ begin? This can be complex and the answer may vary by control requirement.
- Configuration management – The Achilles heel for cloud providers. How are configurations being consistently and securely applied across hundreds if not thousands of managed systems? How does the configuration scale with the “elasticity” associated with cloud computing?
- Continuous monitoring – How is the cloud provider collecting and maintaining the appropriate historical security and event log data?
Robert E. Braun, Partner,
Jeffer Mangels Butler & Mitchell LLP
- Key Contract Provisions – What are the key provisions which should be contained in any Cloud Computing agreement?
- Security Breach Issues – What do I need to do to protect against a security breach, and what are the responsibilities of the Cloud Provider?
- International Relations – Cloud Computing is an international endeavor – how do foreign jurisdictions impact my obligations?
- Mobile Devices and Applications – How do mobile devices and applications change the playing field?
Who Should Attend:
- Security Officers
- Senior Executives
- Bank Executives
- Financial Crime Attorneys & Consultants
- Risk and Compliance Officers
- IT Heads
Doug Barbin is a Principal (Shareholder) at BrightLine where he is responsible for all service delivery for the western United States as well as the PCI and federal (FedRAMP) compliance practices firm-wide. After starting his career with Price Waterhouse, he spent the next ten years building and operating information security and compliance programs for Fortune 500 enterprises and major technology providers. Prior to BrightLine, Doug was the director of product management for VeriSign’s managed security services business up through its sale to SecureWorks (Dell). He is a licensed CPA, QSA, and CISSP and one of the first CSA Certificate of Cloud Security Knowledge (CCSK) recipients. Doug volunteers for several non-profits including the CSA and the ISSA, where he is currently chairman of the international audit committee. He has dual degrees in Accounting and Administration of Justice from Penn State and an MBA from Pepperdine.
Robert Braun, a partner in JMBM’s Corporate Group, specializes in transactions with an emphasis on data security, privacy and information technology. Bob’s practice includes establishment and development of strategies to implement computer software, cloud computing, computer hardware, communications and e-commerce solutions, designing and implementing privacy and security programs and protocols, as well as remediating security breaches.
Bob counsels a variety of firms on software development and licensing; franchising; Web site design and ownership; electronic commerce transactions and related matters. In addition, Bob represents clients in corporate structuring, financing, acquisitions and divestitures; joint ventures and strategic alliances. Bob is also a frequent lecturer as an expert in technology, privacy and data security issues, and is one of only two attorneys in the 2013 listing of SuperLawyers to be recognized for expertise in Information Technology. Bob is an advisor to the Information Systems Security Association, Los Angeles chapter, and a member of the International Association of Privacy Professionals.
Jim DeGraw is a corporate technology partner who works with clients to anticipate and handle the legal issues ever-changing technologies present. He regularly leads transactions for which technology or IP assets are key drivers, provides clients with strategic advice on protecting and maximizing their investments in technology, and advises clients on handling and securing the data their businesses collect and process. Jim brings to any representation his computer science background, his significant litigation experience, which includes handling complicated patent litigation matters, such as Affymetrix v. Incyte, Data General v. IBM, and State Street v. Signature, and his experience of having spent years working on cross-border technology matters while based in Asia.
Jim is a founding member and former Managing Partner of the firm’s first international office in Tokyo.
BrightLine CPAs & Associates, Inc. is a leading provider of attestation and compliance services. We are the only company in the world that is a CPA firm, a globally licensed PCI Qualified Security Assessor, an ISO Certification Body and a FedRAMP 3PAO. Renowned for expertise tempered by practical experience, BrightLine’s professionals provide superior client service balanced by steadfast independence. Our approach builds successful, long-term relationships and allows our clients to achieve multiple compliance objectives using a single third party assessor.
About Jeffer Mangels Butler & Mitchell LLP
Jeffer Mangels Butler & Mitchell LLP is committed to providing clients with outstanding results. We are one of a few full-service law firms serving individuals, family-owned businesses and middle market clients — in addition to Fortune 500 companies — counseling them across a broad range of commercial and business issues. From our offices in Los Angeles, San Francisco and Orange County, we serve our clients’ needs worldwide. For more information about our attorneys and practice areas, visit www.JMBM.com.
About Ropes & Gray
Ropes & Gray LLP is a leading global law firm with offices in New York, Washington, D.C., Boston, Chicago, San Francisco, Silicon Valley, London, Hong Kong, Shanghai, Tokyo, and Seoul.
Built on a foundation of more than 140 years of forging strong client relationships, we represent interests across a broad spectrum of industries in corporate law and litigation matters. In addition, we offer counsel on labor and employment issues, tax and benefits, creditors’ rights, and private client services. Our clients range in size from large to small companies and include leading industrial companies, financial institutions, government agencies, hospitals and health care organizations, colleges and universities, as well as families and individuals.
Over 1,000 lawyers and professionals provide the highest-quality legal advice. Our firm combines superior talent with a supportive environment that is conducive to nationally-recognized problem solving and service for our clients.
We have a reputation for high-quality work, a positive outlook, and the highest standards of service and ethics. We continue to attract excellent clients, challenging assignments — and outstanding lawyers. All this translates to a team of legal counsel solely focused on providing the best service possible for our clients.