Michael Berman joined Catbird as Chief Technology Officer in October 2006, with over 20 years experience in system engineering, architecture, design and implementation of secure computing. Michael's experience in information security is far-reaching, including implementation of C2 UNIX; Fortune 100 enterprise security; and expert support in the prosecution of high profile computer crimes such as "United States v. Robert S. Gordon." Michael was previously a principal at IS–DATA, LLC an elite enterprise security design and computer forensic investigation professional services company. He performed hundreds of computer forensic investigations, designed enterprise security solutions and lead security assessments. Michael served in numerous roles for his service customers: ISO 27001 compliance manager, Chief Security Officer and Incident Response Manager. Prior to IS–DATA, Mr. Berman was the Western Region, VP of Professional Services for Predictive Systems, Inc, delivering security services and assessments nationally to numerous industries. Michael received his BA in Computer and Information Sciences from the University of California Santa Cruz. He is a Certified Information Security Systems Professional (CISSP 4097) and a member of the SF Electronic Crimes Task Force and High-Tech Crime Investigation Association.
Security, Protection, and Compliance for Virtual Infrastructure (and the Cloud) - Building Security into the Fabric
Commodity virtualization based on VMware and Xen platforms (among others) is driving a new technology wave in the data center. This wave is transforming space, power, and infrastructure utilization; drastically altering how resources are provisioned, protected, and audited. On this foundation, service providers are building a new type of data center — the cloud data center. The cloud data center combines flexibility, elasticity, and virtualization with self-service, on-demand multi-tenancy. With over 400 million users already interacting in the cloud, the cloud data center will be the ubiquitous data center of the future. This talk will describe from the cyber-crime investigator’s perspective, the past, present and future of cloud security with an emphasis on: • Threats and attacks • Prevention, detection, and incident response • Audit and compliance