David Cass

Security and Privacy are essential in today’s digital economy. 2014 was a year of large-scale security and privacy breaches, leaving everyone asking themselves how much should we trust companies with our sensitive information. Currently, there are more than 80 countries with privacy laws. Violating these laws may result in fines, brand damage, and/or loss of revenue.

Cyber intrusions and attacks have increased dramatically over the last decade, exposing personal and business information, disrupting operations and imposing high costs on affected businesses. Despite its expertise in security, the gaming industry is no stranger to this threat. During this session, learn about potential vulnerabilities for all businesses as well as those unique to the gaming industry and how best to safeguard against them. Attendees also will gain insights on developing a… Show more

Cyber intrusions and attacks have increased dramatically over the last decade, exposing personal and business information, disrupting operations and imposing high costs on affected businesses. Despite its expertise in security, the gaming industry is no stranger to this threat. During this session, learn about potential vulnerabilities for all businesses as well as those unique to the gaming industry and how best to safeguard against them. Attendees also will gain insights on developing a response plan for use in the unfortunate event of an attack.
• Learn how, and why, hackers do what they do.
• Hear about the technology available to protect your data.
• Assess your organization’s vulnerability to cybercrime. Show less

With the increasing utilization of cloud, mobile, social and big data, the traditional model of Information Security has changed. As organizations grapple with these key changes how do you know if your information security program is protecting the right things and how do you gauge security maturity in this new paradigm? How can you answer the question: “How mature is my Information Security program?”

Abstract: Greater London has one of the largest concentrations of CCTV cameras in the world and its police service is among the first to experiment with body-worn cameras for its officers and other government agencies and corporations are managing and securing records and data of tens of millions of people. All of these entities stand to benefit from the cloud, but the sensitivity of their data makes its' security paramount. Can we trust the cloud with our most sensitive data types? What should… Show more

Abstract: Greater London has one of the largest concentrations of CCTV cameras in the world and its police service is among the first to experiment with body-worn cameras for its officers and other government agencies and corporations are managing and securing records and data of tens of millions of people. All of these entities stand to benefit from the cloud, but the sensitivity of their data makes its' security paramount. Can we trust the cloud with our most sensitive data types? What should a cloud model include to ensure the integrity, reliability, security and availability of sensitive information for those who need to see it? What solutions make sense and what should we be asking of our cloud providers? This panel will explore these issues and identify areas where industry and government can work together to fully achieve the benefits that the cloud can deliver - including a secure environment that can also protect our privacy. Show less

David Cass is the most softly spoken and unassuming security executive that I've had the pleasure of meeting. Surprisingly young in comparison with many of his peers, his experience and insight...

The way organizations and people work today has dramatically changed. Social, Mobile, and Cloud require us to change the way that we practice information security. We must move from a short term focus to having a long term vision and strategy.
We will discuss:
- What is adaptive security?
- Achieving business alignment
- Moving from an operational view of security to an outcome based view
- Focus on principles
- Positioning your security team for success
-… Show more

The way organizations and people work today has dramatically changed. Social, Mobile, and Cloud require us to change the way that we practice information security. We must move from a short term focus to having a long term vision and strategy.
We will discuss:
- What is adaptive security?
- Achieving business alignment
- Moving from an operational view of security to an outcome based view
- Focus on principles
- Positioning your security team for success
- Putting it all together Show less

The public cloud has not only settled on the IT landscape, it has infiltrated every facet of the business. It presents complex issues around identity management, compliance and data intelligence, and CISOs wonder if the risk is worth the ROI. For David Cass of Elsevier, successful cloud adoption is about establishing governance that takes advantage of the cloud’s versatility. This means engineering the appropriate intelligence for your organization, building a data security framework and… Show more

The public cloud has not only settled on the IT landscape, it has infiltrated every facet of the business. It presents complex issues around identity management, compliance and data intelligence, and CISOs wonder if the risk is worth the ROI. For David Cass of Elsevier, successful cloud adoption is about establishing governance that takes advantage of the cloud’s versatility. This means engineering the appropriate intelligence for your organization, building a data security framework and assessing providers on cloud security standards. In this session, learn how his risk-based approach to cloud translates into competitive advantage. Show less

As information security teams grapple with the challenges of securing an increasingly complex and ever changing threat landscape they have an opportunity to transform information security into an enabling function, supporting and adding value to the business as it transforms and innovates.

So how can an information security function evolve to become business-led? How do you bring business knowledge into the security team and educate security practitioners about the implications of… Show more

As information security teams grapple with the challenges of securing an increasingly complex and ever changing threat landscape they have an opportunity to transform information security into an enabling function, supporting and adding value to the business as it transforms and innovates.

So how can an information security function evolve to become business-led? How do you bring business knowledge into the security team and educate security practitioners about the implications of threats for the business? How can you challenge negative perceptions of risk within information security? How can security functions start thinking like the business and become a business partner? How does information security become fundamental to the business rather than just a compliance issue? How should information security practitioners engage the business and get management and stakeholder buy-in? How can information security and business work together to create a common language to ensure the effective communication of risk intelligence without instilling FUD?

During this session the panel will discuss how information security practitioners can position security as an enabling function and truly support the business including:

How to integrate security into agile business practices and transformation
New strategies to educate the security team to understand business objectives and speak the language of the business
How security can help the business collaborate internally, with suppliers and with customers
How the security function can inform and contribute to business decision-making
What skills are required for an effective security professional and what does this all mean for the role of the CISO? Show less

Information security professionals must have a good understanding of the business they support, says David Cass, chief information security officer (CISO) for publishing firm Elsevier.

“They must know what is important to the business and what the key business drivers are so that information security can be aligned with those,” he told Computer Weekly.

Industry and academic experts from around the world will share their knowledge and research on systems engineering topics in the area of Emerging Technologies for Evolving Systems: Socio-technical, Cyber and Big Data