Outsourcing critical business functions into the cloud can present challenges in creating and sustaining assurance and control over legal and regulatory obligations for data management and protection. The real challenge, however, is the creation of trust in the cloud through transparency and evidence-based confidence that everything that is claimed to be happening is, indeed, happening … and nothing else. The end result of such trust generation is the creation and capture of real payoffs for the consuming enterprise, and greater market utility for the provider enterprise. The CSA GRC stack and practice is designed to generate and make evident those layers of trust and transparency between cloud service providers and their customers. In this one-day workshop, you will learn how to leverage the Cloud Security Alliance (CSA) GRC stack, giving you a snap shot of emerging cloud standards development efforts, and the CSA Security, Trust & Assurance Registry (STAR). These insights will help you meet your organization’s due diligence requirements associated with trustworthy cloud supply chain adoption.
About Sean Cordero

Mr. Sean Cordero is a co-chair of the Cloud Security Alliance’s Cloud Control Matrix working alongside other industry leaders to drive the development of cloud security standards. He brings over 12 years of information security and IT experience across a diverse set of industries including: state and federal programs, bio-technology, retail, manufacturing, and financial services.
Mr. Cordero is also the founder of Cloud Watchmen, Inc. an information security firm focused on solving root cause IT security and compliance issues.
Prior to establishing his company Mr. Cordero is served as the CSO for EdFund, where his team oversaw information security over $39B loan portfolio. His previous leadership and technical roles have included: Director of Security and Compliance for Charlotte Russe, and global leader for Life Technologies Distributed Systems program.
Mr. Cordero has presented for CSO Magazine, Bsides, and ISACA events where he has applied his dynamic, but simple, message of pragmatic information security. Mr. Cordero is a certified CISSP, CRISC, CISM, and CISA.