API Security & Legal Risk Workshop #3 - Security & Legal Risk Management

In collaboration with FRSecure, and TeejLab, ISACA San Diego is excited to announce our interactive online workshop series on API Security. Consisting of 4 workshops in total, each workshop is designed to help individuals and organizations understand the importance of Web APIs in today's digital economy, and various business risks they pose to organizations.

Web APIs benefit organizations immensely through accelerated innovations, newer business models, competitive differentiation. Their growing significance can be measured based on the fact that APIs contribute 83% of the Internet traffic today. This growing API usage also means increased cybersecurity risks for enterprises. Given the importance of APIs in digital transformation and the risk they pose to enterprises, it is imperative for Security, Compliance and Audit professionals to better understand various API risks.

In this 4-series workshop, we'll discuss various risks that originate from enterprise API ecosystems. In particular, we'll talk about business risks that are tied to the underlying API security problems. We’ll then provide an overview of an API Governance framework that effectively manages API business risks. This framework is inspired by Software Composition Analysis (SCA) and Zero Trust model. Throughout these workshops, we’ll highlight the best industry practices and hands-on examples for API Risk Management.

Note that these workshops are online, open to the public, available at no cost, and designed for curious minds of all ages and level(s) of technological experience. Participants will receive 4 CPEs per workshop for attending complete sessions. Therefore, aspiring attendees have the chance to receive up to 16 CPEs by attending all 4 workshops.

Details of the first workshop are already provided below. Do not forget to register through the link provided below. Note also that there will be separate/unique registration links for each of the workshops. Details of the remaining 3 workshops (and their registration links) will be provided later. So please continue to visit this page for more updates.  

SESSION CONTENT
Section 1:
20 mins: The Basis of Legal Framework
- What is an API – Definition and the importance of backend/frontend
- API compliance for businesses, developers, and legal teams

25 mins: The Legal Landscape of APIs and Data
- Key API Agreements & Policies: ToS, EULA, SLAs, DPAs, Privacy Policy, Platform Policy
- Data privacy (GDPR, CCPA, HIPAA) and Security compliance (authentication, encryption)

30 mins: API Types, Ownership and Intellectual Property Rights
- Open-source APIs vs. proprietary APIs; Licensing models (e.g., open API licenses, restrictive licenses)
- Who owns the APIs and the data it processes? Intellectual property (ownership of API code and data)

15 mins: {Account Setup/Help and Break}

Section 2:
50 mins: Key Considerations for API Producers
- Understanding API Monetization Models
- Legal Considerations for API Monetization
- Intellectual Property (IP) & Licensing

10 mins: {Break}

Section 3:
50 mins: Key Considerations for API Consumers
- Understanding API Restrictions: Rate Limits, Fair Use, and Quotas
- The Hidden Risks of Third-Party APIs: Legal Liabilities You Need to Know
- Avoiding API Integration Nightmares: Legal and Compliance Strategies

30 mins: Summary and Conclusions

Section 4:
- Take Home Exercises
- Questions and Answers

NOTE
For viewing the workshop, please attend via a laptop or desktop computer, as a mobile phone will not allow you to perform the hands-on exercises.

REGISTRATION PROCESS
To fully participate in the workshops, it requires you register for the Zoom webinar and be enrolled in TeejLabs’ website. The steps below describe how the process works.

1. Register for the workshop, using the Zoom registration (above)
2. We will import your Zoom registration in TeejLab’s website, which will automatically enroll and send you a welcome notification.
3. The invitation from TeejLab’s webiste will be sent from ZWRzbi1hZG1pbiB8IHRlZWpsYWIgISBjb20=. Make sure and spam filters are configured to accept emails from this address.
4. Follow the prompts to complete the setup of your account.
5. Download and familiarize yourself with the TeejLab Platform - Community Guidelines

We recommend completing this as soon as possible. For anyone having challenges, there is some time set aside during the workshop to provide assistance. If you have any questions, please contact us at aXNhY2FzYW5kaWVnbyB8IGdtYWlsICEgY29t.

SPEAKERS

Dr. Baljeet Malhotra is an award-winning researcher and a global tech leader known for his work in Open Source and API Risk Management. He founded TeejLab in 2019 and steered the team to build API Discovery and Security™, world's first end-to-end API Risk Management platform. Prior to TeejLab, he established the R&D unit of Black Duck Software in 2016 (acquired by Synopsys for $565 million). He also served as Research Director at SAP and Senior Software Engineer at MahindraTech. He received a PhD in Computing Science from the University of Alberta and won several awards including NSERC (Canada) scholar and Global Young Scientist (Singapore). He concurrently holds Adjunct Professor positions at the University of British Columbia, University of Victoria and University of Northern BC. He has given numerous ISACA, ISSA, IIA, ISC2, OWASP talks globally, and published several papers, patents and articles.

Visit Baljeet on LinkedIn: https://www.linkedin.com/in/baljeetmalhotra/

Also check out other Workshops in San Diego, Virtual events in San Diego.