Welcome!

Containers Expo Blog Authors: Liz McMillan, Pat Romanski, Elizabeth White, Yeshim Deniz, Zakia Bouachraoui

Related Topics: @CloudExpo, Cloud Security

@CloudExpo: Blog Post

Compliance and Security | @CloudEXPO #Cybersecurity #GDPR #ArtificialIntelligence

The Real Drivers of Cloud, IoT, and AI Outsourcing and Performance

Compliance and Security: The Real Drivers of Cloud, IoT, and AI Outsourcing and Performance

In 2018, the shifting emphasis to IoT, Artificial Intelligence (AI), virtual reality (VR) and automation seem to overshadow cloud; yet, I believe it is just the opposite.  A recently published industry survey shows that by 2020, the use of public cloud will grow dramatically.  Business goals related to actively adopting AI, IoT and machine learning strategies are prompting IT teams to consider outsourced cloud and cloud experts to move faster than competitors. The formats and pilots incorporating these technologies can be seen across multiple markets and segments including government, retail, and industrial bases.  The use of AI, VR, and IoT is also driving the technology, compliance and cybersecurity markets necessary to support these innnovations. For example, nowadays there are a number of automotive, entertainment and digital marketing companies with dedicated cyber teams.

Although the new hot-button terms are IoT, AI, and VR, the reality is that these applications are dependent on mobile gateways and extended infrastructures that are cloud-based. New entrants to the marketplace could not exist without cloud and the tsunami of innovations are absolutely dependent upon new applications and redefined cybersecurity and operational compliance.

With all these changes taking effect, we are seeing the extended liabilities of the cloud supply chain. Although in many instances, cloud infrastructure provides greater management of cyber risks, the opposite may be true related to the expanded threat surface of due diligence. Recent awareness of Meltdown and Spectre flaws in Intel, AMD and ARM provided a renewed focus on more than just encryption.

While the implications of privacy and responsibility for data flow through known and unknown cloud applications (infrastructure through SaaS) places data owners at risk for privacy, General Data Protection Regulation (GDPR), controlled unclassified information (CUI) and the implications of the Draft Guidance in NIST SP 800-53, Rev. 5. Updated NIST guidance in Rev. 5 provides a challenging environment wherein attributes and privacy consent are directly linked to data flow and information risk management.

This article details the next steps for meeting compliance.

Balancing Innovation and Compliance

Balancing the risks and rewards of innovation and compliance means incorporating known FTC precedence, CUI/DFARS, FedRAMP, and European Union's GDPR requirements.  New technologies are entering the field as Software-as-a-Service (SaaS) to address IoT, Cloud, VR and AI in a more automated fashion. Consistent with containerization and microservices as well as other rapid cloud development, an automated compliance strategies may make sense.

For many corporate leaders, before an executive decision is made to automate compliance, it may be better for leaders to acquaint themselves with the standards and what might constitute due diligence and risk reduction in liabilities at the business level.  Revenue derived from innovation is always balanced by the financial liabilities or lost revenue of privacy or compliance violations.

FedRAMP and CUI have generated standard requirements, PII and GDPR are specific about actions to be taken, and FTC and FCC claims for consumers, translate into a complicated and complex path to meeting compliance. For some, the cloud apps and capabilities will improve their overall security posture.  For others, cloud applications and the extended services of automation and IoT we see today, will drive complications.

Although there is no shortcut to compliance and due diligence, there are three keys to present to organizational executives or to take as a technology leader:

  • Understand your boundaries and data.  Boundaries in the cloud are considerably different than information and data held by the company.  The contractual, managerial, and technical services internal to and external to the organization may cross corporate and customer needs.  The risks related to third parties and the supply chain means understanding the data handoffs between systems. When attacks occur, can you understand the risks related to where the data meets your architecture/cloud services under contract?  Ongoing review may find that different elements of data are at different stages within and external to your boundaries.

  • Implement technical enforcement.  Automated technical enforcement of security is a force multiplier. As IoT and AI provide non-stop data collection and sharing, only automated technical capabilities will be able to alert, audit, management and report on the more commonplace functions of the digital world. Through continuous technical management, dynamic assessments and reprioritization of complex multi-tiered applications becomes possible.  In some instances, adapting technologies may create more competitive knowledge for your organization.

  • Document Data Risks. Understanding the boundaries of the system used for business data and the technical protections are the first and second steps.  However, knowing the risks and the risk tolerance is the final step in determining value of the data and the liabilities that could affect the business/organization.  The ability to translate the risks into a plan of actions serves to demonstrate due diligence and prudence. Risk documentation helps to prioritize at the executive and operational levels which responses should and shouldn't be prioritized.

Looking ahead, current and active compliance mandates such as CUI/DFARS, Privacy, and FedRAMP will likely drive how companies approach their pilot steps into AI, IoT, AR, VR and automation.  Emerging tools and solutions offer an advantage for compliance if the enterprise perspective is visible. Small and medium businesses (SMBs) often bear a greater burden to demonstrate compliance.  The real burden is crafting the right cloud solution at the right cost to meet the requirements even as they evolve.

Business leaders and technologists should remain focused on cloud as a method to integrate and address the challenges of innovation and compliance in their go-to-market/lead-the-market strategies.  Like other forms of cloud computing, the convenience and cost may be more manageable.

Don't be afraid to cloud hop to get the solution or services you need.  Stay Nimble Cloud Lover.


DXWorldEXPO LLC, the producer of the world's most influential technology conferences and trade shows has announced the conference tracks for CloudEXPO | DXWorldEXPO 2018 New York.

DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, in New York City.

Digital Transformation (DX) is a major focus with the introduction of DXWorldEXPO within the program. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term.

A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throughout enterprises of all sizes.

Register for Full Conference "Gold Pass" ▸ Here (Expo Hall ▸ Here)

Sponsorship Opportunities Here

Speaking Opportunities Here

Sponsorship and Speaking Inquiries: [email protected].

2018 Conference Agenda, Keynotes and 10 Conference Tracks

DXWordEXPO New York 2018 and Cloud Expo New York 2018 agenda present 222 rockstar faculty members, 200 sessions and 22 keynotes and general sessions in 10 distinct conference tracks.

  • Cloud-Native | Serverless
  • DevOpsSummit
  • FinTechEXPO - New York Blockchain Event
  • CloudEXPO - Enterprise Cloud
  • DXWorldEXPO - Digital Transformation (DX)
  • Smart Cities | IoT | IIoT
  • AI | Machine Learning | Cognitive Computing
  • BigData | Analytics
  • The API Enterprise | Mobility | Security
  • Hot Topics | FinTech | WebRTC

Register for Full Conference "Gold Pass" ▸ Here (Expo Hall ▸ Here)

DXWorldEXPO | CloudEXPO 2018 New York cover all of these tools, with the most comprehensive program and with 222 rockstar speakers throughout our industry presenting 22 Keynotes and General Sessions, 200 Breakout Sessions along 10 Tracks, as well as our signature Power Panels. Our Expo Floor brings together the world's leading companies throughout the world of Cloud Computing, DevOps, FinTech, Digital Transformation, and all they entail.

As your enterprise creates a vision and strategy that enables you to create your own unique, long-term success, learning about all the technologies involved is essential. Companies today not only form multi-cloud and hybrid cloud architectures, but create them with built-in cognitive capabilities.

Cloud-Native thinking is now the norm in financial services, manufacturing, telco, healthcare, transportation, energy, media, entertainment, retail and other consumer industries, as well as the public sector.

CloudEXPO is the world's most influential technology event where Cloud Computing was coined over a decade ago and where technology buyers and vendors meet to experience and discuss the big picture of Digital Transformation and all of the strategies, tactics, and tools they need to realize their goals.

FinTech Is Now Part of the DXWorldEXPO | CloudEXPO Program!

Financial enterprises in New York City, London, Singapore, and other world financial capitals are embracing a new generation of smart, automated FinTech that eliminates many cumbersome, slow, and expensive intermediate processes from their businesses.

Accordingly, attendees at the upcoming 22nd CloudEXPO | DXWorldEXPO November 11-13, 2018 in New York City will find fresh new content in two new tracks called:

  • FinTechEXPO
  • New York Blockchain Event

which will incorporate FinTech and Blockchain, as well as machine learning, artificial intelligence and deep learning in these two distinct tracks.

Register for Full Conference "Gold Pass" ▸ Here (Expo Hall ▸ Here)

Sponsorship Opportunities Here

Speaking Opportunities Here

Sponsorship and Speaking Inquiries: [email protected].

FinTech brings efficiency as well as the ability to deliver new services and a much improved customer experience throughout the global financial services industry. FinTech is a natural fit with cloud computing, as new services are quickly developed, deployed, and scaled on public, private, and hybrid clouds.

More than US$20 billion in venture capital is being invested in FinTech this year. DXWorldEXPOCloudEXPO are pleased to bring you the latest FinTech developments as an integral part of our program.

DXWorldEXPO | CloudEXPO are accepting speaking submissions for this new track, so please visit Cloud Computing Expo for the latest information or contact us at [email protected]

Register for Full Conference "Gold Pass" ▸ Here (Expo Hall ▸ Here)

Sponsorship Opportunities Here

Speaking Opportunities Here

Sponsorship and Speaking Inquiries: [email protected].

Download Slide Deck ▸ Here

Only DXWorldEXPO | CloudEXPO bring together all this in a single location:

Attend DXWorldEXPO | CloudEXPO. Build your own custom experience. Learn about the world's latest technologies and chart your course to Digital Transformation.

22nd International DXWorldEXPO | CloudEXPO, taking place November 11-13, 2018, in New York City, will feature technical sessions from a rock star conference faculty and the leading industry players in the world.

Register for Full Conference "Gold Pass" ▸ Here (Expo Hall ▸ Here)

Sponsorship Opportunities Here

Speaking Opportunities Here

Sponsorship and Speaking Inquiries: [email protected].

Download Slide Deck: ▸ Here

Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterprises are using some form of XaaS - software, platform, and infrastructure as a service.

With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend and learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.

Every Global 2000 enterprise in the world is now integrating cloud computing in some form into its IT development and operations. Midsize and small businesses are also migrating to the cloud in increasing numbers.

Register for Full Conference "Gold Pass" ▸ Here (Expo Hall ▸ Here)

Sponsorship Opportunities Here

Speaking Opportunities Here

Sponsorship and Speaking Inquiries: [email protected].

Download Slide Deck: ▸ Here

Companies are each developing their unique mix of cloud technologies and services, forming multi-cloud and hybrid cloud architectures and deployments across all major industries. Cloud-driven thinking has become the norm in financial services, manufacturing, telco, healthcare, transportation, energy, media, entertainment, retail and other consumer industries, and the public sector.

Sponsorship Opportunities

DXWorldEXPO | CloudEXPO are the single show where technology buyers and vendors can meet to experience and discus cloud computing and all that it entails. Sponsors of DXWorldEXPO | CloudEXPO will benefit from unmatched branding, profile building and lead generation opportunities through:

  • Featured on-site presentation and ongoing on-demand webcast exposure to a captive audience of industry decision-makers.
  • Showcase exhibition during our new extended dedicated expo hours
  • Breakout Session Priority scheduling for Sponsors that have been guaranteed a 35-minute technical session
  • Online advertising on 4,5 million article pages in SYS-CON's i-Technology Publications
  • Capitalize on our Comprehensive Marketing efforts leading up to the show with print mailings, e-newsletters and extensive online media coverage.
  • Unprecedented PR Coverage: Unmatched editorial coverage on Cloud Computing Journal.
  • Tweetup to over 100,000 plus Twitter followers
  • Press releases sent on major wire services to over 500 industry analysts.

Secrets of Our Most Popular Sponsors and Exhibitors ▸ Here

For more information on sponsorship, exhibit, and keynote opportunities, contact [email protected].

Sponsorship Opportunities Here

Download Slide Deck:Here

Speaking Opportunities

The upcoming 22nd International DXWorldEXPO | CloudEXPO November 11-13, 2018 in New York City, NY announces that its Call For Papers for speaking opportunities is now open.

Secrets of Our Most Popular Faculty Members ▸ Here

Submit your speaking proposal Here or by email [email protected].

Download Slide Deck: ▸ Here

About DXWorldEXPO LLC

DXWorldEXPO LLC is a Lighthouse Point, Florida-based trade show company and the creator of DXWorldEXPODigital Transformation Conference & Expo. The company produces and presents CloudEXPO, DevOpsSummitFinTechEXPO Blockchain Event, the world's most influential conferences and trade shows.

More Stories By Maria C. Horton

Maria C. Horton, CISSP, ISSMP, IAM, is Founder and Chief Executive Officer of EmeSec Incorporated. She founded EmeSec in 2003 after retiring from two decades as a Navy Officer where she rose to the rank of Commander. As a hands-on cybersecurity expert, she grew the company to become a leading provider of Cloud Security and Engineering Services delivering cyber assessments, protections and business enablement.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


IoT & Smart Cities Stories
Cell networks have the advantage of long-range communications, reaching an estimated 90% of the world. But cell networks such as 2G, 3G and LTE consume lots of power and were designed for connecting people. They are not optimized for low- or battery-powered devices or for IoT applications with infrequently transmitted data. Cell IoT modules that support narrow-band IoT and 4G cell networks will enable cell connectivity, device management, and app enablement for low-power wide-area network IoT. B...
In his session at 21st Cloud Expo, Raju Shreewastava, founder of Big Data Trunk, provided a fun and simple way to introduce Machine Leaning to anyone and everyone. He solved a machine learning problem and demonstrated an easy way to be able to do machine learning without even coding. Raju Shreewastava is the founder of Big Data Trunk (www.BigDataTrunk.com), a Big Data Training and consulting firm with offices in the United States. He previously led the data warehouse/business intelligence and Bi...
Nicolas Fierro is CEO of MIMIR Blockchain Solutions. He is a programmer, technologist, and operations dev who has worked with Ethereum and blockchain since 2014. His knowledge in blockchain dates to when he performed dev ops services to the Ethereum Foundation as one the privileged few developers to work with the original core team in Switzerland.
Contextual Analytics of various threat data provides a deeper understanding of a given threat and enables identification of unknown threat vectors. In his session at @ThingsExpo, David Dufour, Head of Security Architecture, IoT, Webroot, Inc., discussed how through the use of Big Data analytics and deep data correlation across different threat types, it is possible to gain a better understanding of where, how and to what level of danger a malicious actor poses to an organization, and to determ...
Cloud-enabled transformation has evolved from cost saving measure to business innovation strategy -- one that combines the cloud with cognitive capabilities to drive market disruption. Learn how you can achieve the insight and agility you need to gain a competitive advantage. Industry-acclaimed CTO and cloud expert, Shankar Kalyana presents. Only the most exceptional IBMers are appointed with the rare distinction of IBM Fellow, the highest technical honor in the company. Shankar has also receive...
Digital Transformation and Disruption, Amazon Style - What You Can Learn. Chris Kocher is a co-founder of Grey Heron, a management and strategic marketing consulting firm. He has 25+ years in both strategic and hands-on operating experience helping executives and investors build revenues and shareholder value. He has consulted with over 130 companies on innovating with new business models, product strategies and monetization. Chris has held management positions at HP and Symantec in addition to ...
"MobiDev is a Ukraine-based software development company. We do mobile development, and we're specialists in that. But we do full stack software development for entrepreneurs, for emerging companies, and for enterprise ventures," explained Alan Winters, U.S. Head of Business Development at MobiDev, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Cloud computing delivers on-demand resources that provide businesses with flexibility and cost-savings. The challenge in moving workloads to the cloud has been the cost and complexity of ensuring the initial and ongoing security and regulatory (PCI, HIPAA, FFIEC) compliance across private and public clouds. Manual security compliance is slow, prone to human error, and represents over 50% of the cost of managing cloud applications. Determining how to automate cloud security compliance is critical...
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities - ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups.
Recently, REAN Cloud built a digital concierge for a North Carolina hospital that had observed that most patient call button questions were repetitive. In addition, the paper-based process used to measure patient health metrics was laborious, not in real-time and sometimes error-prone. In their session at 21st Cloud Expo, Sean Finnerty, Executive Director, Practice Lead, Health Care & Life Science at REAN Cloud, and Dr. S.P.T. Krishnan, Principal Architect at REAN Cloud, discussed how they built...