Contact Us   |   Print Page   |   Sign In   |   Register
May 2013

BYOD to the Cloud

Recorded Live: May 28, 2013
Start Time: 9:00 a.m. US Pacific/ 12:00 p.m. US Eastern/ 5:00 p.m. London

Click here for presentation slides.

Click here to view recorded web conference.

Generously supported by:

Web Conference Overview:

Every so often a new disruptive technology or use model arises. The hot topics, for the past few years, have been Consumerization and Cloud Computing. But what happens when these two topics combine? In today’s world you can now use your personal device to access the cloud. On the surface things may not seem confusing, but what happens when you access corporate data and personal data from the same device? What issues can exist with bleed over and residual information, and how can we deal with them?


Roy Wattanasin - New England, USA Chapter
Information Security Officer, MITM

Roy Wattanasin is the information security officer for MITM. He spends most of his time leading and developing the organization's information security program, performing penetration tests, finding vulnerabilities and working on other projects. He enjoys teaching a variety of topics about healthcare information security and speaking at security conferences. He teaches at Brandeis University and is a part of many advisory boards. Previously, Roy was a Senior Security Engineer for Children's Hospital Boston (now Boston Children's Hospital), where he led the application security, vulnerability management, incident response programs, security awareness and security engineering initiatives.

Roy is also a member of the MedSec (Medical Security) Linkedin group. He is also the lead organizer of Security BSides Boston 2013. He is affiliated with OWASP, ISSA International, HIMSS, the Boston Security Meetup and many other security and privacy related groups. He also enjoys doing part-time security research.

Presentation Abstract:

Bring Your Own Device (BYOD) and the cloud are both terms and keywords that everyone has now heard about. Learn more about the challenges, security risks and results of performing both at the same time. How do you protect the data on mobile devices that are also personal devices? What are the best recommended ways to accomplish this? How do you start and what policies should you implement? Companies have moved now from the model of mobile devices wasting productive time to embracing the supporting mobile devices in enterprises to efficiently perform tasks. Additionally, learn some ways to alleviate this common issue.

David Willson - Colorado Springs, USA Chapter
Attorney/Security Consultant, Titan Info Security Group, LLC

David is a leading authority in cyber security and the law. He is a licensed attorney in NY, CT, and CO, and owner of Titan Info Security Group, a Risk Management and Cyber Security law firm, focused on technology and the law, and helping companies lower the risk of a cyber-incident and reducing or eliminating the liability associated with loss or theft of information. He also assists companies with difficult legal/cyber-security issues. David is also a partner of OnlineIntell, an online company that provides brand and reputation protection, corporate intelligence, and domain, trademark, copyright, and patent infringement detection and solutions. He is also on the Board of Advisors with Cylance.

David is a retired Army JAG officer. During his 20 years in the Army he provided legal advice in computer network operations, information security and international law to the DoD and NSA and was the legal advisor for what is now CYBERCOM.

He has published many articles, such as, "Hacking Back in Self-Defense: Is It Legal; Should It Be?”, "Cyber War or Cyber Cold War?”, and recently, "The Legal Issues of Forensics in the Cloud.” His speaking engagements include: the FBI ICCS conf., RSA (2009-2013) and RSA Europe, CSI, HTCIA, ISSA, FBCINC, the 4th Int'l Cyber Crime Conf., Australia, Cornerstones of Trust, FISSEA, ASIS, ISSA International, Hacker Halted, the OWASP SnowFroc 2013, and others.

He holds the CISSP & Security + certifications and has two LLM’s in International Law and in Intellectual Property law. He is a VP of his local ISSA chapter and a member of InfraGard.

Presentation Abstract:

BYOD and Cloud Present Legal Challenges. Combine Them and You Have a Nightmare.
BYOD raises a lot of legal and security issues as does the Cloud. Depending on which side you are on some of the issues include: privacy, who owns the data, who controls the data, how is the data kept secure, what happens when there is a breach (of the device or the Cloud), and many more. These questions and more will be explored from a legal perspective.

K. Scott Morrison
Chief Technology Officer, Layer 7 Technologies

K. Scott Morrison is the Chief Technology Officer at Layer 7 Technologies, where he is leading a team developing the next generation of security infrastructure for cloud computing, API Management and SOA. An architect and developer of highly scalable, enterprise systems for over 20 years, Scott has extensive experience across industry sectors as diverse as health care, travel and transportation, and financial services. He has been a Director of Architecture and Technology at Infowave Software, a leading maker of wireless security and acceleration software for mobile devices, and was a senior architect at IBM. Before moving to the private sector, Scott was a member of the world-renowned medical research program of the University of British Columbia, studying neurodegenerative disorders using medical imaging technology.

Scott is a dynamic, entertaining and highly sought-after speaker. His quotes appear regularly in the media, from the New York Times, to the Huffington Post and the Register. Scott has published over 50 book chapters, magazine articles, and papers in medical, physics, and engineering journals. His work has been acknowledged in the New England Journal of Medicine, and he has published in journals as diverse as the IEEE Transactions on Nuclear Science, the Journal of Cerebral Blood Flow, and Neurology. He has written articles that have appeared in Forbes and CNN. He is the co-author of the graduate text Cloud Computing, Principles, Systems and Applications published by Springer, and is on the editorial board of Springer’s new Journal of Cloud Computing Advances, Systems and Applications (JoCCASA). He co-authored both Java Web Services Unleashed and Professional JMS. Scott is an editor of the WS-I Basic Security Profile (BSP), and is co-author of the original WS-Federation specification. He is a recent co-author of the Cloud Security Alliance’s Security Guidance for Critical Areas of Focus in Cloud Computing, and an author of that organization’s Top Threats to Cloud Computing research. Scott was recently a featured speaker for the Privacy Commission of Canada’s public consultation into the privacy implications of cloud computing. He has even has lent his expertise to the film and television industry, consulting on a number of features including the X-Files. Scott’s current interests are in cloud computing, API security and secure mobile computing—and of course, his wife and two great kids.

Scott’s blog is at

Presentation Abstract:

Identity Sits At The Intersection Of Cloud And Mobile
Two of the most compelling trends in IT today are cloud computing and mobility. Either of these alone carries the potential for massive disruption to enterprise IT; together, they represent an overwhelming force. But are these technologies truly separate, or do they have commonalities that IT management can exploit to gain better control?

Identity is arguably the architectural keystone bridging these trends. To be successful with these technologies, we need to change our approach to managing identity. In this presentation, by CA Technologies and Layer 7 Technologies, you will learn how to leverage emerging technologies like OAuth, OpenID Connect and SCIM to construct a modern, consumer-centric enterprise.

Matthew Mosley - Northern Virginia, USA Chapter
ISSA Web Conference Committee, Session Moderator

Matt Mosley has been working as a security professional for more than 20 years in roles within corporate IT and risk management, strategic consulting, and product development. In his current role with ThreatTrack Security, Matt leads product management activities for a portfolio of malware protection solutions. Prior to this role, Matt held senior leadership roles with leading security firms including NetIQ, Internet Security Systems, Intellitactics and Brabeion Software. Matt is an active member of security industry groups including ISACA and ISSA, and sits on the ISSA Web Conference Committee. Matt holds the CISSP, CISM, and CISA designations, teaches CISSP courses for ISSA-NOVA, and is a frequent speaker at security conferences.

Community Search
Sign In


4th Annual Healthcare Cybersecurity Summit

ISSA Thought Leadership Series: Exploring The Frontier For Maliciousness In IPv6

ISSA Thought Leadership Series - Zero Trust: The evolution of Perimeter Security

ISSA of Wisconsin - Annual Meeting and Conference

ISSA Thought Leadership Series: Security-as-a-Service for Small and Medium Sized Businesses

Copyright © 2016, Information Systems Security Association, All Rights Reserved
Privacy PolicyCopyright Information