Financial Service Stakeholder Platform Working Group Meeting

Daniele Catteddu is an information security and risk management practitioner, technologies expert and privacy evangelist with over 15 of experience. He worked in several senior roles both in the private and public sector.

He is member of various national and international security expert groups and committees on cyber-security and privacy, keynote speaker at several conferences and author of numerous studies and papers on risk management, cyber security and privacy.

Currently he is the Chief Technology Officer, at Cloud Security Alliance, where he is responsible to drive, on a global scale, the adoption of the technology strategy roadmap within key CSA lines of business: Research, Membership Services, Standards, Education and Products. He identifies technology trends, global policies and evolving social behavior and their impact on information security and on CSA’s activities.

Daniele leads the product management for CSA and chairs the Futures Advisory Committee.

Mr Catteddu is the co-founder and executive of the CSA Open Certification Framework / STAR Program. Moreover he leads definition and implementation of the CSA research agenda in Europe and manages the relations with European public institutions and is member of the CSA International Standardization Council.

He has been recently appointed as Member of the Policy and Scientific Committee of the European Privacy Association.

In past he worked at CSA as Managing Director for the EMEA Region, at ENISA (European Network and Information Security Agency), as Expert in areas of Critical Information Infrastructure Protection (CIIP) and Emerging and Future Risks Management, and in particular, having a leading role in developing EU cloud security research. Before joining ENISA, Daniele worked as an Information Security consultant in the banking and financial sector.

Daniele graduated from the University of Parma (Italy) in Business Administration and Economics, and he is an ISACA Certified Information Security Manager.

Aaron Kleiner is Director, Industry Assurance and Policy Advocacy in Microsoft’s Global Security Strategy and Diplomacy team. In this role, Aaron leads a globally-distributed team responsible for enabling use of cloud computing by regulated industries and providing strategic direction for Microsoft’s engagement with cybersecurity policy forums.

Prior to joining Microsoft, Aaron served as an international trade attorney and market access policy specialist in the U.S. Department of Commerce, which he joined through the Presidential Management Fellows program. Aaron was also the Senior Legislative Assistant for the American Israel Public Affairs Committee.

Aaron received his undergraduate and law degrees from the University of Washington in Seattle, and he completed executive studies in regulatory management at the Harvard Kennedy School of Government. Away from work, Aaron represents asylum seekers and their families as a volunteer attorney.

As a Cyber Security Architecture consultant specialising in Security Architecture, Security Assurance and Cyber Innovation, Shittu has over 18 years experience in multi-national organisations and diverse business cultures. He is currently a consultant Cloud Security Architect with the Financial Conduct Authority (FCA) where he is responsible for providing guidance on assurance architecture of a cloud adoption programme.

Shittu pioneered and delivered innovative solutions while working with industry-leading organisations including the BP, trainline, Visa Europe, Cubic Corporation, British Midland International (BMI), British Airways, and SITA. He has led various security strategy, assurance and architecture initiatives based on multiple frameworks delivering business values across Europe, North America, Middle East and Africa.

Shittu holds a master’s degree in Information Security from the Royal Holloway University of London (RHUL), business education qualifications from Edinburgh Business School and Wits Business School (South Africa), and bachelor’s degree in computer science and engineering.

He is designated BCS Chartered IT Professional (CITP), (ISC)2 Certified Information Systems Security Professional (CISSP), PMI Project Management Professional (PMP). Shittu also holds practitioner level certifications in The Open Group Architecture Framework (TOGAF), BCS Enterprise and Solutions Architecture amongst others.

For many years, Jim Reavis has worked in the information security industry as an entrepreneur, writer, speaker, technologist and business strategist. Jim’s innovative thinking about emerging security trends have been published and presented widely throughout the industry and have influenced many. Jim is helping shape the future of information security and related technology industries as co-founder, CEO and driving force of the Cloud Security Alliance. Jim has been named as one of the Top 10 cloud computing leaders by SearchCloudComputing.com.

Jim is the President of Reavis Consulting Group, LLC, where he advises security companies, governments, large enterprises and other organizations on the implications of new trends such as Cloud, Mobility, Internet of Things and how to take advantage of them. Jim founded SecurityPortal, the Internet’s largest website devoted to information security in 1998, and guided it until a successful exit in 2000. Jim has been an advisor on the launch of many industry ventures that have achieved a successful M&A exit or IPO. Jim is widely quoted in the press and has worked with hundreds of corporations on their information security strategy and technology roadmap. Jim has a background in networking technologies, marketing, product management and systems integration. Jim received a B.A. in Business Administration / Computer Science from Western Washington University in 1987 and formerly served on WWU’s alumni board. Jim was recognized as a WWU Distinguished Alumnus in 2015. In 2016, Jim was inducted into the Information Systems Security Association (ISSA) Hall of Fame.

Damir Savanovic is a Senior Analyst and Researcher at Cloud Security Alliance. In past Damir worked as Chief Information Security Officer and IT Quality Manager in SKB, Société Générale Group, where he had a key role in planning, organising, managing and controling the functions of information security in the bank. He developed standards, recommendations and guidelines for information security based on ISO 27001 and PCI DSS and before that for quality of IT processes based on COBIT and ITIL frameworks. Before joining Société Générale Group, Damir worked as Information Systems Auditor at Ernst & Young. His field of expertise is information security, cloud computing and assurance. He worked in variety of industries including financial, telecommunications, manufacturing and retail in the Central Eastern Europe. Damir has performed multiple information system audits, security and compliance audits in various banks and financial institutions in the region. With his broad knowledge of information security and understanding of IT and business processes, he is capable of communicating technical topics to business managers. He is very active in the community as board member of CSA Slovenia chapter and ISACA Slovenia chapter. Damir graduated from University of Ljubljana (Slovenia) in Information Technology and holds CCSK, CISM and CISA certifications.

With 14+ years in information security Jim has experience in a wide range of security topics like physical security and IT security. Jim is specialised in cloud computing security. Outside of his work he is active as a Dutch chapter board member for ISSA and Cloud Security Alliance.