Mike Bursell
Executive Director, Confidential Computing Consortium
Cambridge, United Kingdom
Actions
Mike Bursell is the Executive Director of the Confidential Computing Consortium. He is one of the co-founders of the Enarx project (https://enarx.dev), and was CEO and co-founder of Profian, a start-up based on Enarx. He has previously served on the Governing Boards of the CCC and the Bytecode Alliance and currently holds advisory board roles with various start-ups. Previous companies include Red Hat, Intel and Citrix, with roles in security, virtualisation and networking.
Mike is author of "Trust in Computer Systems and the Cloud", published by Wiley in 2021.
Area of Expertise
Topics
Uncouth users, dopey developers and crazy cryptographers OR why it's never the architect's fault
In this session, two jaded cybersecurity architects will present a taxonomy of personae who passively or actively get in the way of good security, explain why it's all definitely your fault and express frustration that the golden age of cybersecurity is always escaping their grasp. With examples and humour/humor (if they can agree on a spelling), your hosts will encourage you to do better next time and point out all the obvious (to them) things you've been doing wrong all these years.
Data and application sovereignty with Confidential Computing
There are increasing moves globally to protect data, applications and AI models from foreign interference, including from potential state actors. What place does Confidential Computing have in this world, and what still needs to be put in place to encourage progress?
An alternative approach to digital sovereignty: Confidential Computing
Digital sovereignty is a hot topic not only for governments but also for organisations that operate across jurisdictional and national boundaries - and therefore all major financial businesses. Restricting the ability of foreign-owned or foreign-controlled organisations OR GOVERNMENTS to access data owned by, about or important to national citizens or interests and reducing dependence on foreign-owned or -controlled infrastructure is complex, but becoming a firm requirement from regulators and lawmakers.
Most approaches attempt to move computing resources - often to less-appropriate or favourable locations - or to rely on contractual agreements. This session introduces an alternative: using Confidential Computing to isolate applications and their data from the underlying infrastructure, operators and owners.
We will discuss the basics of the technology and then examine how well it fits the needs of digital sovereignty, taking a risk-based approach balanced with the operational realities of running complex systems in a financial environment.
A technical introduction to Confidential Computing
Confidential Computing is widely available and provides a variety of capabilities to help manage sensitive data within the financial sector. This session, by a long-term expert in the field, and Executive Director of the Linux Foundation's Confidential Computing Consortium, will introduce the technical basics around Confidential Computing, providing a foundation for teams to understand its relevance to their needs and to plan how they might adopt it. It will also introduce some of the most visible open source projects in the area.
"I didn't peek: and I can prove it": Confidential Computing for audits and regulators
Protecting privacy for customers and business partners is a key requirement across jurisdictions and sectors, but proving that privacy is preserved can be extremely difficult. Confidential Computing, available as a chip-level capability across servers and clouds, provides not only isolation for sensitive data and applications, but also cryptographic assurances that it is in place.
This session explains how Confidential Computing can be used as the basis for privacy-centric systems and processes, and the types of assurance that can be derived using remote attestation.
Confidential Computing also has uses across supply chain, collaboration, AI and blockchain - we will touch on these topics as well.
"Of course it's not a heart attack" - my wife
Spoiler - sometimes it is a heart attack. Burn-out isn't just a mental phenomenon: there can be major physical impacts, too. In this session, we'll look at a signs to look for in yourself, colleagues and family members that might suggest it's time to re-evaluate your approach to work and life generally. And, equally important, we'll also discuss what we can do to reduce the likelihood of burn-out in our communities, organisations and families, from monitoring activities to cultural changes.
With lots of humour and pictures of cuddly animals, why not come along and learn fun lessons like:
- how not to have a heart attack!
- how to recognise when you might be having a heart attack!
- what to do if you think someone else is having a heart attack!
- why I don't plan on having another heart attack!
What, who, why and when we trust: open source defined
This session discusses how trust is established within and around communities, and the very particular characteristics of trust and open source. Trust is often ill-defined, and understanding what it means allows us to model our interactions - and plan how we build, deploy and operate open source (and even proprietary) software. Mike is the author of "Trust in Computer Systems and the Cloud" (Wiley, 2021), and has been involved with open source for over 20 years. Join him to uncover what we can do to explain trust around open source, how we can model what we do and how we can improve trust towards, within and between our communities.
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top