(The Hosting News) – Everywhere you turn the “cloud” is the latest big thing when it comes to storing data and reducing costs for companies worldwide. Many assume that because their data is being stored offsite it is securely preserved and they no longer have to worry about risk.
“Au contraire. Risk cannot be outsourced,” says professional ethical hacker, Dave Chronister of Parameter Security (St. Louis, MO). Mr. Chronister went onto say, “It’s because of this mindset that hackers are preying upon the cloud and are gaining control of huge stores of information through a single attack” – which is exactly what Mr. Chronister recently did.
Mr. Chronister went onto say, “During a recent cloud security audit, I was able to identify a zero day exploit and within minutes gained access to the cloud sphere and every system that was on that cloud—giving me complete control. Needless to say, the client was shocked because they were touting their cloud offering as 100% secure.”
Bringing his real-world cloud hacking experience to event goers at TakeDownCon in Dallas in May, his presentation entitled “The Cloud is a Smoke Screen” provides eye-opening information about the false sense of security cloud providers and users possess. Specifically, Chronister’s presentation will:
- Expose various cloud vulnerabilities
- Address cloud security issues
- Provide insight into selecting cloud providers and questions to ask with regards to data security, risk and incident response
- Offer ways to successfully implement your own cloud solution and mitigate risk
- Share his real-world experiences hacking multiple cloud environments
- And much more
Chronister’s presentation will take place at EC-Council’s TakeDownCon Hacking Conference and Training event, May 9, 2012 at 2 p.m. at the Westin Central Park Dallas in Texas.
About Dave Chronister
Dave Chronister is a professional ethical hacker and managing partner of St. Louis-based ethical hacking firm Parameter Security. He has provided auditing, forensics and training to clients worldwide. His expertise has been featured in various media outlets including: CIO Magazine, Information Security Magazine, InfoWorld Magazine, Computerworld, St. Louis Post Dispatch, St. Louis Business Journal, Bank News, American Banking Journal, KTVI Fox News and more.
About Parameter Security
Parameter Security™, an ethical hacking firm, was born out of the need to help protect our businesses, government, health care, financial and educational institutions and various organizations globally from vicious hackers. As Certified Ethical Hackers, we emulate the minds and behaviors of malicious hackers to test the security of your systems and employees. What makes us different is that we use the information gathered to empower you by explaining how we gained access to your sensitive data, the type of information we retrieved and offer recommendations on how to improve your overall information security. Parameter Security offers IT compliance audits, penetration testing, vulnerability assessments, social engineering, wireless security audits, secure code reviews, computer forensics and much more. Contact Parameter Security at 314.442.0472 or http://www.parametersecurity.com.
This highly technical IT security conference series was launched in 2011 in Dallas, Texas. TakeDownCon is a no-frills and topic focused conference series that is targeted toward security engineers, researchers and analysts. The topical theme of this unique event series is broken up into two tracks (Attack & Defense.) which revolve around some of the most talked-about security issues such as Web Application Security, SCADA and Critical Infrastructures and Cloud Security. For more information about TakeDownCon please visit: http://www.takedowncon.com
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. EC Council is the owner and developer of the world-famous E-Council Certified Ethical Hacker, Computer Hacking Forensics Investigator, Certified Security Analyst, License Penetration Tester programs, and various others offered in over 60 countries around the globe. These certifications are recognized worldwide and have received endorsements from various government agencies including the US Federal Government via the Montgomery GI Bill, and the US Government National Security Agency (NSA) and the Committee on National Security Systems (CNSS) certifying EC-Council’s Certified Ethical Hacking (CEH), Network Security Administrator (ENSA), Computer Hacking Forensics Investigator (CHFI), Disaster Recovery Professional, Certified Security Analyst, and Licensed Penetration Tester (LPT) program for meeting the 4011, 4012, 4013A, 4014, 4015 and 4016 training standards for information security professionals and most recently EC-Council has received accreditation from the American National Standards Institute (ANSI).
For more information about EC-Council, please visit http://www.eccouncil.org.