Storage Security Summit 2022 Agenda


Wednesday, May 11, 2022

7:00 AM

Breakfast Roundtable
Storage Security: Preparing for disruption

This roundtable is a live session with internationally recognized experts who will set the stage for the Summit. The threat and regulatory landscapes, as they relate to storage, will be highlighted. Storage security challenges and opportunities will also be explored with an eye to possible future directions. Lastly, the concept of “reasonable” security within the context of storage will be probed, including the legal implications and ramifications.

Eric Hibbard, Fredrik Forslund, Lucy Thomson & Johann Amsenga. Moderated by Thomas Rivera

8.30 AM


Before the sessions start, selected speakers will provide you with a 5-minute primer on their subject. These short introductions will help you understand the terminology and acronyms before attending the session.

9:00 AM


9:00 AM


Mandatory cybersecurity certification requirements coming of age in the EU
Miguel Banon, Convenor of ISO/IEC JTC 1/SC 27/WG 3, CEN/CLC TC 13/WG 3

9:35 AM


Secure your storage or we'll see you in court!
Lucy L. Thomson, Esq. M.S. CISSP CIPP, Founding Principal, Livingston PLLC

10.10 AM


A Moving Target Defense for Data Storage Devices

Don Matthews, President and CEO, NexiTech Inc

10:40 AM



Cybersecurity and Privacy Track

Emerging Security Technology Track

Standards Track

10:50 AM

Importance of Cyber-Resiliency for next data decade

Anay Pathak, Advisory Consultant, CTO Ambassador, Dell Technologies


Key Per IO - Fine Grain Encryption for Storage

Fred Knight, Principal Standards Technologist, NetApp

ISO 27000 Series Update for ISMS

Eric Hibbard, Director, Product Planning - Storage Networking & Security, Samsung Semiconductor Inc.

11:10 AM

Warfare against digital extortions: Machine learning to secure your systems

Anand Kayande, Senior Principal Software Engineer, Veritas

ISO Storage Security Standard gets a refresh

Eric Hibbard, Director, Product Planning - Storage Networking & Security, Samsung Semiconductor Inc.

11:30 AM

Let Your Object Storage Save You From the Bad Guys!

Yuval Lifshitz, Principal Software Engineer, Red Hat

Computational Storage: Security call to arms and opportunities

Bill Martin, SSD IO Standards, Samsung Semiconductor Inc & Jason Molgaard, Co-Chair, SNIA Computational Storage TWG

The SPDM Protocol: Overview of Component Integrity as a Security Standard

Scott Phuong, Cisco & Brett Henning, Broadcom

11:50 AM

Cyber Storage: A little less conversation, a little more action

Doron Pinhas, CTO, Continuity Software

TCG DICE & DMTF SPDM Binding Overview

Chandra Nelogal, Distinguished Member of Technical Staff, Dell Technologies

12:10 PM

Quantum Safe Cryptography for Long Term Security

Basil Hess, Research Engineer, IBM Research Europe


12:30 PM

Persistent Data for Secured Containers – A Realisable Vision?

Nick Connolly, Chief Scientist, Datacore Software

Setting the Security Standard for OCP Hardware
Andres Lagar-Cavilla, Open Compute Project & Principal Engineer, Google
Symlink Races for dummies, and how to deal with them
Volker Lendecke, Developer, SerNet GmbH

12:50 PM



Cybersecurity and Privacy Track

MEDIA Sanitization Track

Storage Security & EXPLOITS Track

1:10 PM

Zero Trust or bust

Thomas Rivera, Cybersecurity & Privacy Professional, VMware Carbon Black

IEEE(TM) 2883 - Sanitization of Storage

Jim Hatfield, Firmware/Standards Engineer, Seagate Technology

Securing Access to Network Files whether on-premises or in the Cloud: SMB3.1.1 Security Overview

Steve French, Principal Software Engineer - Azure Storage, Microsoft

1:30 PM


Storage with Embedded Cybersecurity to Truly Protect Data

Tom Ricoy, Vice President of Strategic Alliances Cigent Technology Inc.

NeVerMore: Exploiting RDMA Mistakes in NVMe-oF Storage Applications
Konstantin Taranov, Research Assistant, ETH Zurich

1:50 PM

Sanitization or Anti-forensics? Implications of IEEE P2883 for digital forensic practitioners

Richard Austin MS, CISSP-Retired, AUXC

How to protect the integrity of electronic components and storage devices from supply chain attacks

Thorsten Stremlau, Co-Chair of the Marketing Work Group, Trusted Computing Group

2:10 PM


Zero Trust is all the rage, but where do we go from here?

This BoF session will discuss what Zero Trust is and where it is going, including considerations for implementation. For example, what does this mean in regards to existing Firewalls?

Hosted by Thomas Rivera, with contributions from Dr Ron Martin


3:00 PM


SNIA SMI Presents: The Security Protocol and Management Horizon - Discussing Potential Features for New Use Cases

Join panelists from DMTF, SNIA, CXL, TCG, OCP, and the PCI-SIG, as they discuss some potential new security features and enhancements under consideration to address divergent use cases.

Moderated by Jeff Hilland, with contributions from Scott Phuong, Mahesh Natu, Brett Henning and David Harriman

3:50 PM


This live session is intended to give the Reader’s Digest version of the SNIA Storage Security Summit, recounting the highlights from the various sessions. In addition to identifying what we learned during the event, it will provide a roadmap for further discovery for those sessions that participants may have missed.
This BoF is also an opportunity to ask specific questions that may not have been addressed in the earlier sessions. Depending on the questions and discussions, the panelists will explore topics that are top-of-mind. Lastly, we will ponder potential future storage security endeavors.
Hosted by Eric Hibbard, with contributions from Thomas Rivera

4.40 PM