Different countries have different sets of requirements in terms of regulatory compliance when adopting cloud services. In the Philippines specifically in the financial sector, there are 3 methods to engage in cloud providers which are private cloud, hybrid-cloud and multi-tenant cloud. The multi-tenant option needs stringent compliance protocol and CISO must do their due diligence in risk assessment, controls and cloud infrastructure. Marlon will share his journey to adopting cloud services with the Philippine’s regulatory framework and compliance in mind with focus on: 

• What you need to take note of when putting data on the cloud and ensuring security checklist is in accordance with controls in place 
• Being compliant with privacy and abiding with regulators on cross-border data, who is liable when there is a breach of data and how to avoid this 
• The dos and donts of engaging cloud services in the financial sector and protecting company core data  
• Making your own thorough checklist as reference to conduct due diligence on the right cloud provider