From September 27 to 29, security experts will meet in Lausanne at CRITIS, the Conference on Critical Information Infrastructures Security. The conference is academically focused, but also provides an interface with the business community.
I am pleased to speak on Cloud Security Risks.
Critical infrastructure software, whether embedded software to manage smart grids, software on medical devices, or digital infrastructure such as a digital identity card, must be developed at some point. In the context of supply chain attacks, this means that software must also be produced in a secure manner.
However, software is not developed by one person alone in a quiet room. Often, several groups write code at the same time. This is also the case across company and organizational boundaries. As a result, a collaboration platform is needed.
The question that arises is whether the cloud can serve as a secure collaboration environment for software development, even for critical infrastructure systems. In this talk, I will explore this question and share lessons learned from the field.