SIGS Special Interest Group
5th Cloud Security Forum

Save the DateClick on the .ics file to save the date

Target Audience Cloud/Cloud Security Professionals
CIO’s, CISO, IT Manager, Security Officer, Security Architects and Engineers – all from end customer side who are interested in Cloud Security

From Consultancies and Resellers/ Integrators are only technical peoples (which are involved in this topic in their daily job) allowed to take part – max. one participant per company. Vendors and people with a Sales/Marketing role are not authorized as participants.

Rules This platform is held under Chatham House Rules!
CPE Credits Earn 4 CPE (Continuing Professional Education) for attending this SIGS forum. Please request a confirmation.
Location Hilton Zurich Airport Hotel
Hohenbuehlstrasse 10
8152 Opfikon-Glattbrugg

There are a lot of free park places available.
Train: railway station Zurich Airport – take the hotel shuttle

Date of Event 3rd November 2020
Further planned dates 2021: will follow
Language English
Participation Costs Fr. 55.— per participants
Organization, presentations, beverages and apéro riche included



1:30 – 2:00 pm Registration & Coffee
2:00 – 2:20 pm Giulio Faini, President CSA Chapter Switzerland

Introduction Cloud Security Alliance in Switzerland
The mission of the Cloud Security Alliance, Swiss Chapter is to advocate and promote a set of cloud security best practices based on guidance from the Cloud Security Alliance. Our goal in this area is to increasing awareness about the importance of security and privacy in the Swiss cloud services market and establish ourselves as a leading entity in this domain where Swiss industry can review documentation and speak to a subject matter expert.

Giulio will present the overall mission and the objectives for the CSA Chapter Switzerland for coming 2020 period.

2:20 – 2:40 pm Yves Gogniat, LL.M. in Information Technology Law / Attorney-at-Law and Partner at Wicki Partners AG as well as Board Member at CSA Chapter Switzerland

What happens to my data if my service provider goes bankrupt?
If a cloud provider goes bankrupt, this can lead to business-critical problems for customers. One of the biggest challenges is not to lose access to their data or how a customer can regain access.

The major problem is that the current law only provides a right of segregation for physical objects (Article 242 para. 1 SDCBA). From a legal point of view, data does not constitute an object. Therefore a customer of a bankrupt data centre does not have the possibility to make a request for separation and return of the data under current law.

The problem of an unsatisfactory legal situation has been known for some time, and it has now been included in the ongoing revision of the law regarding the adaptation of the blockchain.

What are the benefits of the revision of the law, and will all problems now have been solved?

2:40 – 3:00 pm Thomas Schaefer, Expert in the CISO Office at Swiss Mobiliar

Cloud Security – is that all it takes?
There are a lot of changes going on in today’s world. Most of them are relevant for security, call it IT security, information security or even cyber security. A lot of people currently talk about cloud security, but this is only one topic. There are a lot of other hot topics, especially third party management, which might be one of the most underestimated vulnerability in the common security setup of organizations. But this is one important precondition for the whole cloud transformation – cloud provider are third parties!

The key takeaway of this session is one simple point: if you want security, you have to know, control and reduce your risks. This is neither new nor fancy, it is simply a unavoidable fact.

3:00 – 3:30 pm (details will follow)


3:15 – 4:00 pm Break
4:00 – 4:45 Roundtable Discussions
3 different tables to discuss different topics. You can chose the one you like to attend and we will change the tables two times

–> Roundtable 1
moderated by Thomas Schaefer, Expert in the CISO Office at Swiss Mobiliar

Follow up “Cloud Security – is that all it takes?”

–> Roundtable 2
moderated by Yves Gogniat, LL.M. in Information Technology Law / Attorney-at-Law and Partner at Wicki Partners AG as well as Board Member at CSA Chapter Switzerland

Follow up “What happens to my data if my service provider goes bankrupt?”


–> Roundtable 3
moderated by Harman Singh, Co-Founder and Managing Consultant at Defendza Ltd.

Azure Active Directory – Cloud Security Threats & Countermeasures
Almost all – I mean more than 95% of the Fortune 500 companies – organisation use active directory services. Directory services have come a long way, especially looking down from cloud (Azure). From my experience of security consulting helping organisations protect their AD and delivering hacking trainings and assessments – I will be sharing some tricks and treats to immune your Active Directory infrastructure. The talk will include threats as well as mitigations around azure active directory, traditional AD security. You may need a basic technical mindset around functioning of active directory to understand certain/all parts of the talk. I can assure you takeaways to help you boost your AD security without much fuss of new products and ££££ spends!

4:45 – 5:30 2nd turn – change to another table

5:30 – 6:15 3rd turn – change to another table


The Sponsor of this event is:

Main Sponsor


This is a ‘must attend’ event for all security professionals! We are confident that the relationships you develop here will prove to be crucial to your continuing success.

Register here!

With the registration for this event you accept, that SIGS may use the data entered for its own purposes and may share to use it with its event partners and event sponsors of this platform. In addition, we share the contacts as well with the community itself.