An Introduction to Cloud Security Assessments Using HECVAT (separate registration is required)

As more new people join the higher education information security community or start new responsibilities around cloud security for SaaS services or cloud vendor risk management, they need an introduction to learning how we assess the security of SaaS cloud services. As key part of this assessment is HECVAT. This workshop will introduce you to using HECVAT across your campus to manage risk around SaaS cloud services. We’ll discuss tactical and strategic aspects to include in these efforts. This year, we’ll do breakouts based on institution size to help you work with the group to identify the next strategic and tactical steps for developing your cloud security assessments program with HECVAT as the core of your campus processes. We’ll scale the discussion from one-person security offices to larger programs! We’ll have an additional exercise focusing on choosing a specific area of cloud vendor risk management to improve on your campus. We’ll ask for questions in advance of the workshop to frame the discussion.

The registration fee for this preconference workshop includes:
• Lunch on Wednesday, May 1 from 11:30 a.m. - 12:30 p.m.
• Refreshment breaks
• All workshop materials