Make Cloud the Most Secure Environment for Business. Seth Hammerman, Systems Engineer Mvision Cloud (formerly Skyhigh Networks)
|
|
- Baldric Horton
- 5 years ago
- Views:
Transcription
1 Make Cloud the Most Secure Environment for Business Seth Hammerman, Systems Engineer Mvision Cloud (formerly Skyhigh Networks)
2 Enterprise cloud apps Consumer cloud apps The average organization now uses 1,935 cloud apps an increase of 15% over last year Source: McAfee Cloud Adoption Report, Nov
3 The average Financial Services organization uses 1,545 cloud apps Source: Work Finance 2018, Okta 3
4 Most Cloud Apps are not Enterprise-ready Source: McAfee Cloud Adoption Report, Nov
5 Office365, Workday, AWS, Azure?
6 Most Organizations: 38 days to patch a vulnerability regardless of security level 34 days to patch most critical CVEs Source: Tcell Report on Security Patching
7 Mature Cloud Providers: Weekly planned patching model Critical vulnerabilities patched in 24 hours Source: Tcell Report on Security Patching
8 Source: Gartner Through 2020, public cloud infrastructureas-a-service (IaaS) workloads will suffer at least 60% fewer security incidents than those in traditional data centers
9 Source: Microsoft Microsoft s annual security budget: $1bn
10 Source: Gartner Through 2022, at least 95% of cloud security failures will be the customer s fault
11 Cloud security is a shared responsibility
12 Shared Responsibility Model for Cloud IaaS PaaS SaaS Data Classification & Accountability Shared Responsibility Client & End-Point Protection Identity & Access Management Application Level Controls Network Control Customer Responsibility Service Provider Responsibility Host Infrastructure Physical Security 12
13 Shared Responsibility Model for SaaS Data Classification & Accountability Client & End-Point Protection Identity & Access Management 13
14 Shared Responsibility Model for SaaS Rogue Employee Unmanaged devices Compromised Accounts Collaboration Malware 14
15 87% companies permit employees to use unmanaged devices to access business apps Source: McAfee Cloud Adoption Report, Nov 2018
16 Source: McAfee Cloud Adoption Report, Nov % of cloud data is sensitive
17 83% of organizations worldwide admit that they store sensitive data in the cloud Source: McAfee Cloud Adoption Report, Nov 2018
18 48.3% of files in the cloud are shared
19 12% of shared files are accessible to anyone with a link 14% of files shared with a personal address Source: McAfee Cloud Adoption Report, Nov
20 Cloud is the new favorite target of threat actors Source: McAfee Cloud Adoption Report, Nov
21 81% of all hacking-related breaches leveraged either stolen and/or weak passwords Source: Verizon Data Breach Investigation Report 2018
22 Of All Organizations, Every Month 94%: at least 1 insider threat 80%: at least 1 compromised account threat 92%: stolen cloud credentials on dark web Source: Verizon Data Breach Investigation Report 2018
23 Persistent Login Attack Brute Force Logins Distant Cousin Attack MO Enumerate usernames (using first, middle and last names) 5-60 different username combinations attempted per User Number of attempts vary proportionally, to the value of the User Attempt logins for each of the usernames Multiple IPs used, one attempt by one IP using one password Threat Objectives Assess the organization s O365 authentication framework (username validation, SSO, MFA etc) Identify valid usernames, system accounts etc; and if they federate to an SSO/MFA Compromise O365 accounts 23
24 KnockKnock Attack Attack MO Target system accounts, that do not have MFA or federate to an SSO Target admins & accounts that have higher privileged access (non-federated auth accounts like *.onmicrosoft.com for O365) Threat Objectives Compromise high privilege system accounts Widen a breach using malware or phishing leading to deep-set infiltration Rogue Machines Originating Geos & Networks Large Enterprises Service Accounts 24
25 Identifying cloud threats is like finding a needle in the CloudStack 100M:1 events:threats Source: McAfee Cloud Adoption Report, Nov
26 High-Risk Shadow Med/Low-Risk Shadow Salesforce Custom Apps 5% 5% 16% Office 365 contains the most sensitive data, at 31% AWS 13% 11% 31% Slack 2% Google Docs 2% 7% 8% Office 365 Box ServiceNow Source: McAfee Cloud Adoption Report, Nov
27 Threats in Office365 have grown 63% in past two years
28 Shared Responsibility Model for IaaS/PaaS Data Classification & Accountability Client & End-Point Protection Identity & Access Management Application Level Controls Network Control Host Infrastructure Physical Security 28
29 Shared Responsibility Model for IaaS/PaaS Rogue Use Provisioning Sprawl Compromised Accounts Containers and Workloads Misconfiguration Workload to Workload Communication Malware 29
30 AWS dominates in terms of user access count Source: McAfee Cloud Adoption Report, Nov
31 Most organizations have a multi-cloud strategy Source: McAfee Cloud Adoption Report, Nov
32 Average organization has 14 misconfigured IaaS services running at a given time Source: McAfee Cloud Adoption Report, Nov 2018
33 Top 10 most commonly misconfigured AWS services 1. EBS Data encryption is not turned on 2. There s unrestricted outbound access 3. Access to resources is not provisioned using IAM roles 4. EC2 security group port misconfigured 5. EC2 security group inbound access misconfigured 6. Unencrypted AMI 7. Unused security groups 8. VPC Flow logs disabled 9. Multi-factor authentication not enabled for IAM users 10.S3 bucket encryption not turned on Source: McAfee Cloud Adoption Report, Nov
34 Source: McAfee Cloud Adoption Report, Nov
35 GhostWriter Threat Attack MO Identify publicly readable, writeable or AWS user readable, writeable buckets Identify publicly modifiable or AWS user modifiable ACLs Plant malware in the publicly accessible AWS buckets Threat Objectives Leak hundreds of thousands of records from misconfigured S3 buckets Distribute malware using trusted-iaas instances 35
36 Average organization experiences 1,527 DLP incidents in IaaS/PaaS per month Source: McAfee Cloud Adoption Report, Nov 2018
37 Source: Gartner In 2018, the 60% of enterprises that implement appropriate cloud visibility and control tools will experience 33% fewer security failures
38 Source: Gartner Security of the past is inadequate
39 Security of the Past was Network-centric Enterprise Data and Applications were Secured by Locking Everything Down Network Devices Enterprise Data center 39
40 Security of the Cloud has to be Cloud-native SaaS IaaS/PaaS Enterprise Data Creation and Access in the Cloud Bypasses Existing Network Security Infrastructure 40
41 Security of the Cloud has to be Cloud-native SaaS IaaS/PaaS and has to be convenient enough! 41
42 Cloud-native Security Regaining Visibility w/o Friction SaaS Devices Cloud-native Security Platform IaaS/PaaS Connect and Regain Visibility 42
43 Cloud-native Security Enforcing Control w/o Friction SaaS Devices Cloud-native Security Platform IaaS/PaaS Connect and Regain Visibility Enforce Threat and Data Protection Policies 43
44 Cloud-native Security Platform SaaS Managed and Unmanaged Devices IaaS/PaaS Visibility Control Gain complete visibility into data, workloads, containers and user behavior in the cloud Apply persistent protection to sensitive data and take real-time action to correct policy violations 44
45 Making Cloud the Most Secure Environment for Business Cloud increasingly is home to sensitive enterprise data Data sharing in the cloud is increasing Data loss and threat vectors span SaaS and IaaS/PaaS Cloud security is a shared responsibility Deploy cloud-native security platform 45
46 Thank you!
Go mobile. Stay in control.
Go mobile. Stay in control. Enterprise Mobility + Security Jeff Alexander Sr. Technical Evangelist http://about.me/jeffa36 Mobile-first, cloud-first reality 63% 80% 0.6% Data breaches Shadow IT IT Budget
More informationRelated Labs: Introduction to Universal Access and F5 SAML IDP (Self-paced)
PRESENTED BY: Related Labs: Introduction to Universal Access and F5 SAML IDP (Self-paced) One of the main problems that customers face with the adoption of SaaS and cloud-based apps is how to deliver the
More informationProtecting Against Modern Attacks. Protection Against Modern Attack Vectors
Protecting Against Modern Attacks Protection Against Modern Attack Vectors CYBER SECURITY IS A CEO ISSUE. - M C K I N S E Y $4.0M 81% >300K 87% is the average cost of a data breach per incident. of breaches
More informationAccess Governance in a Cloudy Environment. Nabeel Nizar VP Worldwide Solutions
Access Governance in a Cloudy Environment Nabeel Nizar VP Worldwide Solutions Engineering @nabeelnizar Nabeel.Nizar@saviynt.com How do I manage multiple cloud instances from a single place? Is my sensitive
More informationSecure Access for Microsoft Office 365 & SaaS Applications
Best Practices Guide Secure Access for Microsoft Office 365 & SaaS Applications Implement Robust Compliance for All Users, All Devices, and All Data This guide illustrates best practices for secure Office
More informationIBM Cloud Security for the Cloud. Amr Ismail Security Solutions Sales Leader Middle East & Pakistan
IBM Cloud Security for the Cloud Amr Ismail Security Solutions Sales Leader Middle East & Pakistan Today s Drivers for Cloud Adoption ELASTIC LOWER COST SOLVES SKILLS SHORTAGE RAPID INNOVATION GREATER
More informationManaging and Auditing Organizational Migration to the Cloud TELASA SECURITY
Managing and Auditing Organizational Migration to the Cloud 1 TELASA SECURITY About Me Brian Greidanus bgreidan@telasasecurity.com 18+ years of security and compliance experience delivering consulting
More informationPrecisionAccess Trusted Access Control
Data Sheet PrecisionAccess Trusted Access Control Defeats Cyber Attacks Credential Theft: Integrated MFA defeats credential theft. Server Exploitation: Server isolation defeats server exploitation. Compromised
More informationPasswords Are Dead. Long Live Multi-Factor Authentication. Chris Webber, Security Strategist
Passwords Are Dead Long Live Multi-Factor Authentication Chris Webber, Security Strategist Copyright 2015 Centrify Corporation. All Rights Reserved. 1 Threat Landscape Breach accomplished Initial attack
More informationSECURING AWS ACCESS WITH MODERN IDENTITY SOLUTIONS
WHITE PAPER SECURING AWS ACCESS WITH MODERN IDENTITY SOLUTIONS The Challenges Of Securing AWS Access and How To Address Them In The Modern Enterprise Executive Summary When operating in Amazon Web Services
More informationSecurity Camp 2016 Cloud Security. August 18, 2016
Security Camp 2016 Cloud Security What I ll be discussing Cloud Security Topics Cloud overview The VPC and structures Cloud Access Methods Who owns your data? Cover your Cloud trail? Protection approaches
More informationMcAfee Skyhigh Security Cloud for Amazon Web Services
McAfee Skyhigh Security Cloud for Amazon Web Services McAfee Skyhigh Security Cloud for Amazon Web Services (AWS) is a comprehensive monitoring, auditing, and remediation solution for your AWS environment
More informationAdopting Modern Practices for Improved Cloud Security. Cox Automotive - Enterprise Risk & Security
Adopting Modern Practices for Improved Cloud Security Cox Automotive - Enterprise Risk & Security 1 About Cox Automotive Cox Automotive is a leading provider of products and services that span the automotive
More informationJoe Stocker, CISSP, MCITP, VTSP Patriot Consulting
Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting Microsoft Cloud Evangelist at Patriot Consulting Principal Systems Architect with 17 Years of experience Technical certifications: MCSE, MCITP Office
More informationZero Trust with Okta: A Modern Approach to Secure Access from Anywhere. How Okta enables a Zero Trust solution for our customers
Zero Trust with Okta: A Modern Approach to Secure Access from Anywhere How Okta enables a Zero Trust solution for our customers Okta Inc. 301 Brannan Street, Suite 300 San Francisco, CA 94107 info@okta.com
More informationPrivilege Security & Next-Generation Technology. Morey J. Haber Chief Technology Officer
Privilege Security & Next-Generation Technology Morey J. Haber Chief Technology Officer mhaber@beyondtrust.com Agenda The Next-Gen Threat Landscape o Infomatics, Breaches & the Attack Chain o Securing
More informationHackproof Your Cloud Responding to 2016 Threats
Hackproof Your Cloud Responding to 2016 Threats Aaron Klein, CloudCheckr Tuesday, June 30 th 2016 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Changing Your Perspective Moving
More informationIDENTITY AND THE NEW AGE OF ENTERPRISE SECURITY BEN SMITH CISSP CRISC CIPT RSA FIELD CTO
IDENTITY AND THE NEW AGE OF ENTERPRISE SECURITY BEN SMITH CISSP CRISC CIPT RSA FIELD CTO (US) @BEN_SMITH IDENTITY = THE MOST CONSEQUENTIAL ATTACK VECTOR Confirmed data breaches involving weak, default
More informationSecure & Unified Identity
Secure & Unified Identity for End & Privileged Users Copyright 2015 Centrify Corporation. All Rights Reserved. 1 Key Point #1: Perimeter is Dissolving Making Identity Matter Most You must plant a strong
More informationMicrosoft Security Management
Microsoft Security Management MICROSOFT SECURITY MANAGEMENT SECURITY MANAGEMENT CHALLENGES Some large financial services organizations have as many as 40 or more different security vendors inside their
More informationSecuring Your Cloud Introduction Presentation
Securing Your Cloud Introduction Presentation Slides originally created by IBM Partial deck derived by Continental Resources, Inc. (ConRes) Security Division Revision March 17, 2017 1 IBM Security Today
More informationBest Practices for Augmenting IDaaS in a Cloud IAM Architecture PAM DINGLE, PING IDENTITY OFFICE OF THE CTO
Best Practices for Augmenting IDaaS in a Cloud IAM Architecture PAM DINGLE, PING IDENTITY OFFICE OF THE CTO W HI T E P A P ER TABLE OF CONTENTS 03 EXECUTIVE OVERVIEW 04 BEST PRACTICE #1: IMPLEMENT ADMINISTRATIVE
More informationSecure access to your enterprise. Enforce risk-based conditional access in real time
Secure access to your enterprise Enforce risk-based conditional access in real time FOREWORD The intelligent cloud has created an opportunity to do security better Traditional security perimeters no longer
More informationSecuring Office 365 & Other SaaS
Securing Office 365 & Other SaaS PrecisionAccess Vidder, Inc. Securing Office 365 & Other SaaS 1 Executive Summary Securing Office 365 means securing Email, SharePoint, OneDrive, and a number of other
More information1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7
1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7 ORACLE PRODUCT LOGO 20. oktober 2011 Hotel Europa Sarajevo Platform
More informationManaging SaaS risks for cloud customers
Managing SaaS risks for cloud customers Information Security Summit 2016 September 13, 2016 Ronald Tse Founder & CEO, Ribose For every IaaS/PaaS, there are 100s of SaaS PROBLEM SaaS spending is almost
More informationAre You Sure Your AWS Cloud Is Secure? Alan Williamson Solution Architect at TriNimbus
Are You Sure Your AWS Cloud Is Secure? Alan Williamson Solution Architect at TriNimbus 1 60 Second AWS Security Review 2 AWS Terminology Identity and Access Management (IAM) - AWS Security Service to manage
More informationZero Trust in Healthcare Centrify Corporations. All Rights Reserved.
Zero Trust in Healthcare 1 CYBER OFFENSE REDEFINED: TRANSFORM YOUR SECURITY POSTURE WITH ZERO TRUST 2 What Keeps CIOs Up at Night? How exposed are we, anyway? Who can access what? Can we trust our partners?
More informationCLOUD WORKLOAD SECURITY
SOLUTION OVERVIEW CLOUD WORKLOAD SECURITY Bottom line: If you re in IT today, you re already in the cloud. As technology becomes an increasingly important element of business success, the adoption of highly
More informationIT Security Training MS-500: Microsoft 365 Security Administration. Upcoming Dates. Course Description. Course Outline $2,
IT Security Training MS-500: Microsoft 365 Security Administration $2,595.00 4 Days Upcoming Dates Course Description Day 1: Managing Microsoft 365 Identity and Access (MS-500T01-A) Help protect against
More information10 FOCUS AREAS FOR BREACH PREVENTION
10 FOCUS AREAS FOR BREACH PREVENTION Keith Turpin Chief Information Security Officer Universal Weather and Aviation Why It Matters Loss of Personally Identifiable Information (PII) Loss of Intellectual
More informationGoogle Identity Services for work
INTRODUCING Google Identity Services for work One account. All of Google Enter your email Next Online safety made easy We all care about keeping our data safe and private. Google Identity brings a new
More informationSecuring Office 365 with SecureCloud
Securing Office 365 with SecureCloud 1 Introduction Microsoft Office 365 has become incredibly popular because of the mobility and collaboration it enables. With Office 365, companies always have the latest
More informationOFFICE 365 GOVERNANCE: Top FAQ s & Best Practices. Internal Audit, Risk, Business & Technology Consulting
OFFICE 365 GOVERNANCE: Top FAQ s & Best Practices Internal Audit, Risk, Business & Technology Consulting CLOUD ADOPTION Business demands faster, more agile and less costly solutions to achieve digital
More informationThe SANS Institute Top 20 Critical Security Controls. Compliance Guide
The SANS Institute Top 20 Critical Security Controls Compliance Guide February 2014 The Need for a Risk-Based Approach A common factor across many recent security breaches is that the targeted enterprise
More informationHackproof Your Cloud: Preventing 2017 Threats for a New Security Paradigm
whitepaper Hackproof Your Cloud: Preventing 2017 Threats for a New Security Paradigm When your company s infrastructure was built on the model of a traditional on-premise data center, security was pretty
More informationSecuring Digital Transformation
September 4, 2017 Securing Digital Transformation DXC Security Andreas Wuchner, CTO Security Innovation Risk surface is evolving and increasingly complex The adversary is highly innovative and sophisticated
More informationEmbracing a Secure Cloud. Cloud & Network Virtualisation India 2017
Embracing a Secure Cloud Cloud & Network Virtualisation India 2017 Cloud Computing Group of computing resources providing services such as servers, storage, databases, software, applications, networks
More informationFive Essential Capabilities for Airtight Cloud Security
Five Essential Capabilities for Airtight Cloud Security SECURITY IN THE CLOUD REQUIRES NEW CAPABILITIES It is no secret; security and compliance are at the top of the list of concerns tied to cloud adoption.
More informationWHITE PAPER AUTHENTICATION YOUR WAY SECURING ACCESS IN A CHANGING WORLD
WHITE PAPER AUTHENTICATION YOUR WAY SECURING ACCESS IN A CHANGING WORLD Imagine that you re a CISO in charge of identity and access management for a major global technology and manufacturing company. You
More informationHybrid Identity de paraplu in de cloud
EXPERTS LIVE SUMMER NIGHT Hybrid Identity de paraplu in de cloud Robbert van der Zwan TSP EM+S Netherlands EXPERTS LIVE SUMMER NIGHT Robbert van der Zwan Robbert works as an Enterprise Mobility and Security
More informationA CISO GUIDE TO MULTI-CLOUD SECURITY Achieving Transparent Visibility and Control and Enhanced Risk Management
A CISO GUIDE TO MULTI-CLOUD SECURITY Achieving Transparent Visibility and Control and Enhanced Risk Management CONTENTS INTRODUCTION 1 SECTION 1: MULTI-CLOUD COVERAGE 2 SECTION 2: MULTI-CLOUD VISIBILITY
More informationSecuring Office 365 with MobileIron
Securing Office 365 with MobileIron Introduction Office 365 is Microsoft s cloud-based productivity suite. It includes online versions of Microsoft s most popular solutions, like Exchange and SharePoint,
More informationCHECK POINT CLOUDGUARD SAAS SUPERIOR THREAT PREVENTION FOR SAAS APPLICATIONS
CHECK POINT CLOUDGUARD SAAS SUPERIOR THREAT PREVENTION FOR SAAS APPLICATIONS OVER 70% OF ENTERPRISES ADOPTED CLOUD APPLICATIONS* ARE WE SECURE? *Gartner, 2016 SaaS Applications are being Hacked NOT EVERY
More informationCloud Customer Architecture for Securing Workloads on Cloud Services
Cloud Customer Architecture for Securing Workloads on Cloud Services http://www.cloud-council.org/deliverables/cloud-customer-architecture-for-securing-workloads-on-cloud-services.htm Webinar April 19,
More informationCloud Transformation Program Cloud Change Champions June 20, 2018
Cloud Transformation Program Cloud Change Champions June 20, 2018 W June C Today s Agenda C C M! 1 Welcome and Agenda Overview Program Updates 2 Security Issues in the Cloud Presenter: Michael Timineri
More informationWHITE PAPER AIRWATCH SUPPORT FOR OFFICE 365
WHITE PAPER AIRWATCH SUPPORT FOR OFFICE 365 Airwatch Support for Office 365 One of the most common questions being asked by many customers recently is How does AirWatch support Office 365? Customers often
More informationToday s workforce is Mobile. Cloud and SaaSbased. are being deployed and used faster than ever. Most applications are Web-based apps
Today s workforce is Mobile Most applications are Web-based apps Cloud and SaaSbased applications are being deployed and used faster than ever Hybrid Cloud is the new normal. % plan to migrate >50% of
More informationEnterprise & Cloud Security
Enterprise & Cloud Security Greg Brown VP and CTO: Cloud and Internet of Things McAfee An Intel Company August 20, 2013 You Do NOT Want to Own the Data Intel: 15B 2015 Cisco: 50B 2020 2 August 21, 2013
More informationCreating an AWS Account: Beyond the Basics
Creating an AWS Account: Beyond the Basics Best practices to build a strong foundation for enterprise cloud adoption Updated August 2016 Aaron Wilson Table of Contents Introduction... 3 Before You Begin...
More informationCyber Defense Operations Center
Cyber Defense Operations Center Providing world-class security protection, detection, and response Marek Jedrzejewicz Principal Security Engineering Manager Microsoft Corporation 1 Cybersecurity. In the
More informationIntegrated Access Management Solutions. Access Televentures
Integrated Access Management Solutions Access Televentures Table of Contents OVERCOMING THE AUTHENTICATION CHALLENGE... 2 1 EXECUTIVE SUMMARY... 2 2 Challenges to Providing Users Secure Access... 2 2.1
More informationDefinitive Guide to Azure Security
Definitive Guide to Azure Security 1 Definitive Guide to Azure Security Table of Contents 3 Introduction 6 Azure Adoption Trends 8 Azure Security Challenges Threats to Data and Applications on Azure Shared
More informationCHARLES DARWIN, CYBERSECURITY VISIONARY
SESSION ID: SPO1-W12 CHARLES DARWIN, CYBERSECURITY VISIONARY Dan Schiappa SVP and GM, Products Sophos @dan_schiappa It is not the strongest of the species that survives, nor the most intelligent that survives.
More informationTAKING THE MODULAR VIEW
TAKING THE MODULAR VIEW Extracting security from the application Chenxi Wang, Ph.D. Forrester Research SANS Application Security Summit, May, 2012 Application security remains an elusive goal 2012 Breach
More informationMinfy MS Workloads Use Case
Contents Scope... 3 About CUSTOMER... Error! Bookmark not defined. Use Case Description... 3 Technical Stack... 3 AWS Architecture... Error! Bookmark not defined. AWS Solution Overview... 4 Risk Identified
More information85% 89% 10/5/2018. Do You Have A Firewall Around Your Cloud? Conquering The Big Threats & Challenges
Do You Have A Firewall Around Your Cloud? California Cybersecurity Education Summit 2018 Tyson Moler Oracle Security, North America Public Sector Conquering The Big Threats & Challenges Real Life Threats
More informationSecurity Readiness Assessment
Security Readiness Assessment Jackson Thomas Senior Manager, Sales Consulting Copyright 2015 Oracle and/or its affiliates. All rights reserved. Cloud Era Requires Identity-Centric Security SaaS PaaS IaaS
More informationCloud Security, Mobility and Current Threats. Tristan Watkins, Head of Research and Innovation
Cloud Security, Mobility and Current Threats Tristan Watkins, Head of Research and Innovation Threat Landscape Verizon Data Breach Investigations Report Verizon DBIR: Threat actors and actions Verizon
More informationCrash course in Azure Active Directory
Crash course in Azure Active Directory Crash course in Azure Active Directory Competing today requires a focus on digital transformation and empowering everyone to be creative and work together securely.
More informationMinfy MS Workloads Use Case
Contents Scope... 3 About Customer... 3 Use Case Description... 3 Technical Stack... 3 AWS Solution... 4 Security... 4 Benefits... 5 Scope This document provides a detailed use case study on Hosting GSP
More informationIdentiteettien hallinta ja sovellusturvallisuus. Timo Lohenoja, CISPP Systems Engineer, F5 Networks
Identiteettien hallinta ja sovellusturvallisuus Timo Lohenoja, CISPP Systems Engineer, F5 Networks timo@f5.com Cybersecurity Is Business Continuity Maintain and grow revenue Identify industry threats Protect
More informationMobile Field Worker Security Advocate Series: Customer Conversation Guide. Research by IDC, 2015
Mobile Field Worker Security Advocate Series: Customer Conversation Guide Research by IDC, 2015 Agenda 1. Security Requirements for Mobile Field Workers 2. Key Mobile Security Challenges Companies Face
More informationPart 1: Anatomy of an Insider Threat Attack
Part 1: Anatomy of an Insider Threat Attack Shiri Margel Data Security Research Team Lead Imperva Carrie McDaniel Emerging Products Team Lead Imperva Shiri Margel Data Security Research Team Lead Masters
More information6 Key Use Cases for Securing Your Organization s Cloud Workloads. 6 Key Use Cases for Securing Your Organization s Cloud Workloads
6 Key Use Cases for Securing Your Organization s Cloud Workloads 1 6 Key Use Cases for Securing Your Organization s Cloud Workloads Table of Contents Introduction: The Continuing Rise of Cloud Adoption
More informationManaging Microsoft 365 Identity and Access
Course MS-500T01-A: Managing Microsoft 365 Identity and Access Page 1 of 3 Managing Microsoft 365 Identity and Access Course MS-500T01-A: 1 day; Instructor-Led Introduction Help protect against credential
More informationSignalFx Platform: Security and Compliance MARZENA FULLER. Chief Security Officer
SignalFx Platform: Security and Compliance MARZENA FULLER Chief Security Officer SignalFx Platform: Security and Compliance INTRODUCTION COMPLIANCE PROGRAM GENERAL DATA PROTECTION DATA SECURITY Data types
More informationManaging Your Privileged Identities: The Choke Point of Advanced Attacks
Managing Your Privileged Identities: The Choke Point of Advanced Attacks Shirief Nosseir EMEA Alliances Director Identity & API Management Tuesday, 16 May 2017 Agenda Why Privileged Access Management Why
More informationPEOPLE CENTRIC SECURITY THE NEW
PEOPLE CENTRIC SECURITY THE NEW PARADIGM IN CYBERSECURITY David Karlsson SE Nordics March 2018 1 2018 Proofpoint, Inc. Proofpoint at a Glance LEADING CUSTOMERS DEEP SECURITY DNA UNIQUE VISIBILITY PARTNERS
More informationCloud Infrastructure Security Report. Prepared for Acme Corp
Cloud Infrastructure Security Report Prepared for Acme Corp From: Jul 24, 2016 at 09:08 PDT To: Jul 24, 2017 at 09:08 PDT Cloud Account(s): Dev Account, Staging Account, Production Account Table of Contents
More informationThe Challenge of Cloud Security
The Challenge of Cloud Security Dr. Ray Klump Chair, Mathematics & Computer Science Director, MS in Information Security Lewis University Poll Question #1: What type of cloud service are you
More informationA Practical Step-by-Step Guide to Managing Cloud Access in your Organization
GUIDE BOOK 4 Steps to Cloud Access Management A Practical Step-by-Step Guide to Managing Cloud Access in your Organization Cloud Access Challenges in the Enterprise Cloud apps in the enterprise have become
More informationBest Practices for Cloud Security at Scale. Phil Rodrigues Security Solutions Architect Amazon Web Services, ANZ
Best Practices for Cloud Security at Scale Phil Rodrigues Security Solutions Architect Web Services, ANZ www.cloudsec.com #CLOUDSEC Best Practices for Security at Scale Best of the Best tips for Security
More informationEXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES BEST PRACTICES FOR IDENTITY FEDERATION IN AWS E-BOOK
EXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES BEST PRACTICES FOR IDENTITY FEDERATION IN AWS 03 EXECUTIVE OVERVIEW 05 INTRODUCTION 07 MORE CLOUD DEPLOYMENTS MEANS MORE ACCESS 09 IDENTITY FEDERATION IN
More informationCloud-Security: Show-Stopper or Enabling Technology?
Cloud-Security: Show-Stopper or Enabling Technology? Fraunhofer Institute for Secure Information Technology (SIT) Technische Universität München Open Grid Forum, 16.3,. 2010, Munich Overview 1. Cloud Characteristics
More informationWho am I? Identity Product Group, CXP Team. Premier Field Engineer. SANS STI Student GWAPT, GCIA, GCIH, GCWN, GMOB
@markmorow Who am I? Identity Product Group, CXP Team Premier Field Engineer SANS STI Student GWAPT, GCIA, GCIH, GCWN, GMOB Active Directory Domain Services On-premises App Server Validate credentials
More informationVMware Hybrid Cloud Solution
VMware Hybrid Cloud Solution Simplifying and Accelerating Your Multi-Cloud Strategy Bunyamin Ozyasar System Engineer Manager 2017 VMware Inc. All rights reserved. Today s Agenda 1 2 3 VMware SDDC Approach
More informationMcAfee MVISION Cloud. Data Security for the Cloud Era
McAfee MVISION Cloud Data Security for the Cloud Era McAfee MVISION Cloud protects data where it lives today, with a solution that was built natively in the cloud, for the cloud. It s cloud-native data
More informationThe Oracle Trust Fabric Securing the Cloud Journey
The Oracle Trust Fabric Securing the Cloud Journey Eric Olden Senior Vice President and General Manager Cloud Security and Identity 05.07.2018 Safe Harbor Statement The following is intended to outline
More informationBuilding a More Secure Cloud Architecture
Building a More Secure Cloud Architecture Jerry Archer SVP and CSO Let s Make College Happen Security Guiding Principles in the Cloud Secure Perimeter Micro-segmentation -- isolating applications and data
More informationAUTOMATE THE DEPLOYMENT OF SECURE DEVELOPER VPCs
AUTOMATE THE DEPLOYMENT OF SECURE DEVELOPER VPCs WITH PALO ALTO NETWORKS AND REAN CLOUD 1 INTRODUCTION EXECUTIVE SUMMARY Organizations looking to provide developers with a free-range development environment
More informationHow Microsoft s Enterprise Mobility Suite Provides helps with those challenges
2 Agenda Enterprise challenges for mobility How Microsoft s Enterprise Mobility Suite Provides helps with those challenges Hybrid identity With Azure Active Directory and Azure Active Directory Premium
More informationBest Practices in Securing a Multicloud World
Best Practices in Securing a Multicloud World Actions to take now to protect data, applications, and workloads We live in a multicloud world. A world where a multitude of offerings from Cloud Service Providers
More informationKeep the Door Open for Users and Closed to Hackers
Keep the Door Open for Users and Closed to Hackers A Shift in Criminal Your Web site serves as the front door to your enterprise for many customers, but it has also become a back door for fraudsters. According
More informationHow Identity as a Service Makes UCaaS/SaaS Integrations More Scalable, Productive, and Secure
White Paper How Identity as a Service Makes UCaaS/SaaS Integrations More Scalable, Productive, and Secure 1 Executive summary The huge shift to cloud communications and collaboration is happening in parallel
More informationAvanan for G Suite. Technical Overview. Copyright 2017 Avanan. All rights reserved.
Avanan for G Suite Technical Overview Contents Intro 1 How Avanan Works 2 Email Security for Gmail 3 Data Security for Google Drive 4 Policy Automation 5 Workflows and Notifications 6 Authentication 7
More informationNIST Cybersecurity Framework Protect / Maintenance and Protective Technology
NIST Cybersecurity Framework Protect / Maintenance and Protective Technology Presenter Charles Ritchie CISSP, CISA, CISM, GSEC, GCED, GSNA, +6 Information Security Officer IT experience spanning two centuries
More informationCloud is the 'Only' Way Forward in Information Security. Leveraging Scale to Make the Unknown Known, in Dev, Sec & Ops.
George Gerchow, Sumo Logic Chief Information Security Officer Cloud is the 'Only' Way Forward in Information Security. Leveraging Scale to Make the Unknown Known, in Dev, Sec & Ops. Agenda Sumo Security
More informationTop Reasons To Audit An IAM Program. Bryan Cook Focal Point Data Risk
Top Reasons To Audit An IAM Program Bryan Cook Focal Point Data Risk Focal Point Data Risk A New Type of Risk Management Firm THE FACTS Born from the merger of three leading security & risk management
More informationCloud Computing. An introduction using MS Office 365, Google, Amazon, & Dropbox.
Cloud Computing An introduction using MS Office 365, Google, Amazon, & Dropbox. THIS COURSE Will introduce the benefits and limitations of adopting cloud computing for your business. Will introduce and
More informationWhose Cloud Is It Anyway? Exploring Data Security, Ownership and Control
Whose Cloud Is It Anyway? Exploring Data Security, Ownership and Control SESSION ID: CDS-T11 Sheung-Chi NG Senior Security Consulting Manager, APAC SafeNet, Inc. Cloud and Virtualization Are Change the
More informationCLOUD SECURITY CRASH COURSE
CLOUD SECURITY CRASH COURSE ADDRESSING REAL WORLD CONCERNS Joel Friedman, CTSO ABOUT ME Name: Joel Friedman Title: Chief Technology & Security Officer of Datapipe Certifications: CISSP, CISA, CISM, CRISC,
More informationProteggere Office365 e Cloud file sharing in meno di un minuto Tiberio Molino Sr.Sales Engineer Trend Micro
Proteggere Office365 e Cloud file sharing in meno di un minuto Tiberio Molino Sr.Sales Engineer Trend Micro 2 Customer Challenges 3 Most Attacks Include Phishing Emails 5 Advanced Malware Difficult to
More informationEvolution of Cyber Security. Nasser Kettani Chief Technology Officer Microsoft, Middle East and Africa
Evolution of Cyber Security Nasser Kettani Chief Technology Officer Microsoft, Middle East and Africa Nasser.Kettani@microsoft.com @nkettani MODERN SECURITY THREATS THERE ARE TWO KINDS OF BIG COMPANIES:
More informationHow-to Guide: Tenable.io for Microsoft Azure. Last Updated: November 16, 2018
How-to Guide: Tenable.io for Microsoft Azure Last Updated: November 16, 2018 Table of Contents How-to Guide: Tenable.io for Microsoft Azure 1 Introduction 3 Auditing the Microsoft Azure Cloud Environment
More informationNETWORK FORENSIC ANALYSIS IN THE AGE OF CLOUD COMPUTING.
NETWORK FORENSIC ANALYSIS IN THE AGE OF CLOUD COMPUTING. The old mantra of trust but verify just is not working. Never trust and verify is how we must apply security in this era of sophisticated breaches.
More informationMigrationWiz Security Overview
MigrationWiz Security Overview Table of Contents Introduction... 2 Overview... 2 Shared Security Approach... 2 Customer Best Practices... 2 Application Security... 4 Data Security and Handling... 4 Database
More informationCyber security tips and self-assessment for business
Cyber security tips and self-assessment for business Last year one in five New Zealand SMEs experienced a cyber-attack, so it s essential to be prepared. Our friends at Deloitte have put together this
More informationCompleting your AWS Cloud SECURING YOUR AMAZON WEB SERVICES ENVIRONMENT
Completing your AWS Cloud SECURING YOUR AMAZON WEB SERVICES ENVIRONMENT Introduction Amazon Web Services (AWS) provides Infrastructure as a Service (IaaS) cloud offerings for organizations. Using AWS,
More informationClouds in the Forecast. Factors to Consider for In-House vs. Cloud-Based Systems and Services
Clouds in the Forecast Factors to Consider for In-House vs. Cloud-Based Systems and Services Speakers Sam Gabal Sam Gabal is a Sales Executive with Origami Risk, based in Orange County and experienced
More information