Volunteers recognized for dedication, efforts to furthering cloud security best practices
The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today announced the recipients of its Ron Knode Service Award, recognizing CSA members from the Americas, Asia-Pacific, and EMEA regions for their excellence in volunteerism. The honorees were selected by the CSA executive team and chosen based on their valuable contributions towards fulfilling CSA’s mission of promoting best practices to help ensure a secure cloud computing environment.
“Ron’s passion for advancing cloud security set the bar for what it means to be a CSA volunteer and is matched each year by the recipients of this eponymous award. Each of them in their own way channels his volunteer spirit, and we are grateful for their ongoing commitment,” said Jim Reavis, co-founder and CEO, Cloud Security Alliance.
Ron Knode was an information security expert and member of the CSA family who passed away in May 2012. He is remembered as an innovative thinker with endless energy and humor to guide his volunteer contributions. He also was the creator of the CSA CloudTrust Protocol, which today remains an important asset for the continuous monitoring and auditing for cloud assurance and transparency certification. Established in 2012, the Ron Knode Service Award is awarded annually to CSA members whose contributions reflect Ron’s passion for volunteerism and embody the spirit for which this award was established.
This year’s recipients are:
Dr. Ricci Ieong. Dr Ricci Ieong is the principal consultant of eWalker Consulting (HK) Ltd. and has over 20 years of industry experience in information technology, as well as more than 17 years of experience in IT security, where he specializes in security risk assessment, IT audit, penetration testing, and computer forensics investigation. He is the former vice chairman of professional development of Cloud CSA (HK & Macau Chapter) and has served on the CSA Cloud Incident Response Working Group. He is an active speaker at numerous security events, including CSA summits, in Hong Kong and throughout APAC, as well as being a qualified Certificate of Cloud Security Knowledge (CCSK) instructor and grandfathered to teach the Certificate of Cloud Auditing Knowledge (CCAK). Additionally, he is an adjunct assistant professor at a Hong Kong university, a program director in HKUSpace for the Digital Forensics Diploma course, and an authorized ISC2 Certified Cloud Security Professional (CCSP).
Claudius Lam. Claudius Lam is the marketing manager for Trend Micro, responsible for addressing the security challenges of enterprises by connecting market problems with Trend Micro’s solution and service offerings. He served as the chairman of CSA’s Hong Kong & Macau Chapter from 2015 to 2020, and today hosts monthly networking sessions to build awareness of CSA among the local community. He has organized several CSA CxO roundtables and hosted a CloudSEC talk in Hong Kong with CSA Federal Director Katie Lewin. Lam is continuously working to promote CSA and enlist Hong Kong companies as corporate members. A marketing and communication professional, Lam has been involved in information technology for more than 25 years.
Juan-Pablo Perez-Etchegoyen. Juan-Pablo Perez-Etchegoyen is the chief technology officer of Onapsis, where he leads the innovation team to ensure the company stays on the cutting edge of the business-critical application security market. He serves as co-chair of the CSA Enterprise Resource Planning (ERP) working group, where he leads the development of multiple documents and surveys to help organizations secure their ERP applications while migrating to the cloud. He is a sought-after industry speaker and holds his CCSP.
Shawn Harris. With more than 25 years of information security experience, Shawn Harris is currently the managing principal security architect at Starbucks Coffee Co. His background includes engineering, architecture, and executive responsibilities. Shawn is currently co-chair of the CSA Cloud Controls Matrix working group, where he led efforts to develop the Cloud Control Matrix 4.0. Additionally, he has served on CSA’s Consensus Assessments (CAIQ) and Enterprise Architecture working groups and has contributed material for ISC2 CISSP, ISSAP, and Certified Cloud Security Professional examinations. Further, he has served on the NIST Cloud Computing Security and IETF JOSE working groups.
Paul Rich. Paul Rich is the executive director, data management and protection for JPMorgan Chase & Co., where he leads the strategy and implementation within the company for unstructured data protection both in the cloud and on-premises. He is the co-chair of the CSA Cloud Key Management Working Group, which he envisions as a means of hearing diverse perspectives on the use of cloud services and expectations for both data privacy and security.
Michael Roza. Michael Roza is a risk, audit, control and compliance professional with 20-plus years of experience with organizations such as Bridgestone EMEA, Komatsu International, Mitsui Novus International, Johnson & Johnson Inc., and Baxter, Inc. Within CSA, he has served as lead author/contributor for 11 projects completed by CSA’s Internet of Things, Blockchain/Distributed Ledger, Top Threats, Cloud Control Matrix, and Software Defined Perimeter working groups. Professionally, he has worked with several high-tech startups serving the network management and contact center software markets, in addition to disk manufacturing, and radiological cancer treatment markets. He has held lead positions in SAP configuration and transformation teams, as well as SAP Segregation of Duties and IT General Controls projects. Roza also served as secretary or observer of various committees and councils such as internal audit, risk management, governance and risk, information security, and corporate social responsibility. He is a Certified Information Systems Auditor, Certified Public Accountant, and Certified Internal Auditor.