Virtual Conference 2022

A virtual experience that unites global tech leaders to provide you with first-hand insights. Topics on progress in Cryptography, PKI, Encryption, Data protection, Cloud key management, and other related topics.

Speakers

Puneet Singh, President

Puneet Singh

President at Encryption Consulting LLC

Welcome & Key note

Encryption Consulting has grown exponentially since its inception and has emerged as a leading global data security consulting company. With the remarkable success of CodeSign Secure and CertSecure Manager, it has now expanded its footprint by foraying into DLP, CASB and HSM-as-a-Service. It is armed with a team of dedicated and deeply committed data protection experts extending their services to nearly 100 customers in the Fortune 500.

Tim Phipps, Director Cloud Alliances

Tim Phipps

Director Cloud Alliances, EMEA at Thales

Can You Trust The Cloud With Your Sensitive Data?

  • What is currently driving the demand for putting sensitive data into the Cloud?
  • Hyperscalers have invested huge sums in cloud security so shouldn’t we just rely on native encryption keys and key management provided by them to protect sensitive data in the cloud?
  • Is Schrems II now invalid with the recent commitment to the new Trans-Atlantic Data Privacy Framework?
  • What measures can organizations adopt to control their Digital Sovereignty and how to remediate risk once it knows where its sensitive data resides.

Mark Bower

VP – Product Management at Anjuna

Data Security and Privacy with Confidential Computing

All major cloud providers now deliver powerful hardware-grade security services every enterprise requires to maintain the highest level of security. Anjuna extends these Confidential Computing technologies to create hardened private environments that protect sensitive applications and data from insiders, bad actors, and malicious processes–even from a physical machine breach. The strong, impenetrable protection of the Anjuna Confidential Computing software automatically extends everywhere workloads and data are processed, stored, and networked. Now, highly regulated organizations and government agencies like Israel’s Ministry of Defense can protect sensitive workloads in secure private environments built on public cloud infrastructure from AWS, Microsoft Azure, Intel, AMD, and others. See how, as we dive deeper into Israel’s Ministry of Defense case study.

Shiran Maor

Sr Principal Platform Architect at Anaplan

Bring Your Own Key for SaaS

Using SaaS offering increase the risk for businesses, as businesses’ data is managed by others. Most SaaS companies will offer security guards to protect from the outsiders, but are they protected from the inside?

Watch the session on advanced data protection that your business should consider implement to give more protection and control to your customers.

  • What is BYOK and should I consider implement BYOK?
  • What are the advantages and disadvantage of BYOK?
  • Go over some common use cases for BYOK
  • BYOK at Anaplan

Govind Palanisamy

Sr. Solutions Architect at Global Payments

Data Loss Prevention

Cloud data loss prevention (DLP) to help organization’s keep their sensitive or critical information safe from cyber attacks, insider threats and accidental exposure.

Sid Dutta

VP – Data Privacy & Protection at Activision

Designing & Implementing a Data Protection Framework taking a Risk-based approach

As enterprises are grappling with data breaches and compliance to various local and regional privacy regulations, it has become a daunting task for businesses to develop and implement data protection strategies and frameworks, that are effective, yet practical and scalable.

Given not all data elements are the same, and that they aren’t subject to the same risk exposure and the same level of magnitude in terms of impacts, a one-size-fits-all strategy for protecting data would either over-protect or under-protect data. A blanket approach to address data protection could be either too lengthy, expensive, and complex to implement or leave a big risk exposure for the business to pay for massively at a later time.

Data privacy and protection techniques vary across multiple dimensions and layers – with varying degrees of effectiveness and implementation complexity. Applying optimum techniques for data protection is more art than science, and enterprises often struggle to adopt an appropriate model for developing their data protection strategy.

Watch the session, you will learn how to adopt a risk-based approach to design and implement an effective and practical data privacy and protection framework, as Sid shares his learning and experience while driving cross-functional data privacy and protection programs across various large and complex organizations during his career.

Jeff Farinich

Chief Information Security Officer at New American Funding

How a Data Classification initiative turned into an organization wide Data Protection Portfolio of Programs

Are you storing PII and PCI data in your environment? If yes, then how strong is your data classification schema? Data classification helps you centralize data management by rapidly.

Identifying, normalizing, and classifying data across on-prem and cloud sources – protecting data that strengthens a business. We will discuss why a data classification initiative is necessary for your organization and how it can be turned into an organization-wide data protection portfolio program.

Lane Sullivan

Chief Information Security Officer at Magellan Health

Data comes first

The crucial first step in privacy and data protection is to know what constitutes sensitive data, where it is stored, and how it is used. If an organization does not have a proper understanding of their sensitive data, it will not be able to efficiently protect data across the enterprise, mitigate the risks associated with it and will remain non-compliant with regulatory mandates and industry best practices.

Anand Kashyap

Co-founder, CTO at Fortanix

Are you ready for PQC?

In recent years, the research in quantum computers has accelerated, and what seemed possible in a distant future is now predicted to be only a few years ahead. If quantum computers become real, then they will have the ability to break many of the widely used cryptographic algorithms currently in use, such as RSA, and elliptic curve cryptography. This problem will be exacerbated for machines and IoT devices which are in use currently and are expected to be in the field for several years, but have firmware and other software using conventional cryptography.

Post quantum cryptography deals with this problem by creating cryptographic algorithms which are safe from both quantum and classical computers. This has been an active area of research as well as standardization efforts from NIST in the last few years. In this talk, we will present the state of affairs with the PQC algorithms, their state of development, as well as adoption and usage in industry.

Anthony Cammarano

VP, Principal Security Architect at Protegrity

Achieving Cross Border Data Privacy Compliance in the Enterprise With a Secure Data Service

At the enterprise level operating a multi-national business sensitive data is sourced, moved, and consumed across complex legal, privacy, geo-political, and regulatory data flows in all kinds of software stacks. This adds risk and prevents business growth. The scale and complexity of this problem cannot be satisfied by traditional protection patterns and requires a simple solution that empowers business with secure data.

Einat Shimoni

Director, Data security at Anaplan

POV on PKI and Certificate Lifecycle Management

The Right PKI infrastructure and Certificate Management is necessary for enterprise-level security posture. It is important you understand the need for it for your environment. Digital certificates provide power, and PKI-based security enables the creation of trusted device identities. However, the lifespan of these certificates is shrinking, which helps enterprises stay more secure but also means that they must be renewed more frequently. Without the right management solutions, this administrative aspect of managing hundreds or thousands of digital certificates can be daunting for organizations and may even lead to a breach. This session will discuss why PKI and Certificate management is necessary, the drawbacks and benefits, the architecture, the certificate management lifecycle, etc.

Tomas Gustavsson

Chief PKI Officer at Keyfactor

Operating PKI in the new zero trust, multi-cloud era

Cybersecurity is a fast evolving area. Moving from traditional enterprise boundaries to zero trust, multi cloud environments have many technical challenges. PKI as concept see some changes but the large changes is in how PKI is deployed and operated in the new era. With the move to zero trust the volume of identities are growing fast, migration to cloud requires new hybrid deployment models, automation is needed to keep up with DevOps and, and new HSMs offerings are appearing quickly, not to mention what to transition to post quantum cryptography algorithms means.

Watch the session on these topics, showing real examples how organizations are able to leverage new technology in a traditional security field, and show technical details on what changes under the hood.

Adam Cason

Vice President at Futurex

Encryption Is Easy, Key Management Is… Also Easy?

Deploying a robust cryptographic key management infrastructure is widely regarded as a difficult challenge with complexities that can stump even experienced technical architects. But is this actually the case in reality? Not necessarily.

This session dispels common myths around key management and details a range of best practices built over many years in the “crypto trenches.” In particular, the session focuses on how end-users can architect their ecosystem to make key management less challenging, how application developers can natively integrate FIPS-validated key management into their own products, and how security technologists can maintain a forward-looking stance on the needs of their organizations.

With topics ranging from “Help! I manage keys on an Excel spreadsheet. Where do I start?” to “as an application developer, how do I design my own products for easy integration“, to “how do I decide whether my application should use PKCS #11, KMIP, or something else entirely to interface with HSMs?” and more, this session will cover a broad set of topics with cross-industry applications.

Dr. Sonny Kleinow

Sr. Enterprise Solution Architect at Comforte

Data Protection: Identifying Risks, Implementing Methodologies, and Unlocking Value in Business Analytics

The importance of data protection is reflected in the unprecedented growth of the amount of data being created and stored. To meet this trend, privacy regulations are finally being passed and enforced, as organizations have also been exposed to increased threats of data breaches and cyberattacks. Therefore, it’s crucial for organizations to proactively protect their data and continuously update their protective measures. The key principle of data protection is safeguarding the data from bad actors and adverse circumstances. However, data protection technologies have also evolved to unlock new business value with otherwise dormant copies of data for reporting, test/dev enablement, and more. We will discuss how data protection methodologies like encryption and tokenization help companies comply with regulations, avoid costly fines, and play a key role in unlocking the value of business analytics.

Riley Dickens

Cyber Security Consultant at Encryption Consulting LLC

Code Signing

Code Signing is one of the most important things an organization can do to protect their software. Attackers are well known for masquerading software as a well-known organization to infect victims. In this session, you will learn about the importance of code signing, how code signing works, and the strengths and weaknesses behind code signing.

Abstract

Complete the form below to view the video







    Explore the full range of services offered by Encryption Consulting.

    Feel free to schedule a demo to gain a comprehensive understanding of all the services Encryption Consulting provides.

    Request a demo