=== Cloud Security Issues === Randy Marchany\\ Chief Information Security Officer of Virginia Tech Thursday, July 22, 2010 \\ 10:00 - 11:00 am \\ HED 116 \\ Abstract: This presentation discusses the 13 different areas that need to be examined when an organization is considering moving their applications to a cloud computing environment. There are significant security issues that can arise if a site doesn't do a careful analysis of the cloud computing model. Biography: Randy Marchany has been involved in the computer industry since 1972. He is the Chief Information Security Officer of Virginia Tech. He is also the director of the VA Tech IT Security Testing Lab, a component of the university's Information Technology Security Office. He is the author of VA Tech's Acceptable Use Statement and a co-author of the original FBI/SANS Institute's "Top 10/20 Internet Security Vulnerabilities" document that became a standard for most computer security and auditing software. He is the co-author of the SANS Institute's "Responding to Distributed Denial of Service Attacks" document that was prepared at the request of the White House in response to the DDOS attacks of 2000. He was part of the SANS Institute's Secure Code project that developed a set of exams to test programmers' knowledge of secure coding techniques. He has been a member of the SANS Institute's faculty since 1992 and developed its original IT Audit course. He was on the original Center for Internet Security (CIS) team that developed Unix and Windows security benchmarks and scanning tools. He is currently developing the US Cyber Camp Instructor School training curriculum. The Cyber Camp Instructors will facilitate and teach Cyber Camps around the country under the auspices of the US Cyber Challenge (www.uscyberchallenge.org). The US Cyber Competitions is a national effort to identify high school and college students who Demonstrate cybersecurity aptitude. He is a co-author of the EDUCAUSE "Computer and Network Security in Higher Education" booklet. He is a member of the EDUCAUSE security task force focusing on risk assessment and security metrics. He was a coauthor of the original Center for Internet Security's series of Security Benchmark documents for Solaris, AIX and Windows2000. He is one of the founders of the Virginia Alliance for Secure Computing and Networking (www.vascan.org), a consortium of security practitioners and researchers from VA Tech, U of Virginia, James Madison Univ., George Mason Univ. He has been a frequent speaker at national and international conferences such as EDUCAUSE, SANS, IIA, ISACA, ACUA, Network Security, IEEE Symposium on Systems Management, NIST, NY State OIT Security conference, FBI-Infraguard chapters, US Forest & Wildlife Service, Computer Security Conference, DECUS-Canada, Air Force Material Command. He's been the subject of articles in the Chronicle of Higher Education on security issues at university campuses. He worked as a systems administrator for almost 20 years managing Unix (Solaris, AIX, RedHat, Centos), IBM VM, VAX VMS, VAX Ultrix, RT-11, IAS. He has worked on a variety of hardware platforms ranging from Intel 8080, 8001, 8008, z80, to state of the art hardware platforms. He was a recipient of the SANS Institute's Security Technology Leadership Award for 2000. He was a recipient of the VA Governor's Technology Silver Award in 2003. He was part of the team that won the EDUCAUSE Excellence in Information Technology Solutions Award in 2005. He is acknowledged as one of the North American masters of the hammer dulcimer. He is the author of the original theme song of National Public Radio's nationally syndicated radio program, "World Cafe". His band, "No Strings Attached" was nominated for or won "Indie" awards (independent record label's version of the Grammy) for Best Album (String Music) category in 1984, 1985,1986, 1988, 1990. Host: Michael Neely, mjneely@usc.edu, EEB 520, x03505 Back to [[start | CommNetS Seminar Page ]]
