Adopting Modern Practices for Improved Cloud Security. Cox Automotive - Enterprise Risk & Security

Similar documents
AKAMAI CLOUD SECURITY SOLUTIONS

Six Weeks to Security Operations The AMP Story. Mike Byrne Cyber Security AMP

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

Hardening the Cloud: Assuring Agile Security in High-Growth Environments (Moving from span ports to virtual appliances)

Managing and Auditing Organizational Migration to the Cloud TELASA SECURITY

Getting Started with AWS Security

Azure DevOps. Randy Pagels Intelligent Cloud Technical Specialist Great Lakes Region

Delivering Complex Enterprise Applications via Hybrid Clouds

Best Practices for Cloud Security at Scale. Phil Rodrigues Security Solutions Architect Amazon Web Services, ANZ

AWS Well Architected Framework

Best Practices in Securing a Multicloud World

CLOUD AND AWS TECHNICAL ESSENTIALS PLUS

AZURE CLOUD SECURITY GUIDE: 6 BEST PRACTICES. To Secure Azure and Hybrid Cloud Environments

DevOps Agility in the Evolving Cloud Services Landscape

AWS Agility + Splunk Visibility = Cloud Success. Splunk App for AWS Demo. Laura Ripans, AWS Alliance Manager

SIEM: Five Requirements that Solve the Bigger Business Issues

ALIENVAULT USM FOR AWS SOLUTION GUIDE

Completing your AWS Cloud SECURING YOUR AMAZON WEB SERVICES ENVIRONMENT

Accelerate Your Enterprise Private Cloud Initiative

Make Cloud the Most Secure Environment for Business. Seth Hammerman, Systems Engineer Mvision Cloud (formerly Skyhigh Networks)

Cisco Cloud Services Router 1000V and Amazon Web Services CASE STUDY

Securing Cloud Applications with a Distributed Web Application Firewall Riverbed Technology

Government IT Modernization and the Adoption of Hybrid Cloud

Look Who s Hiring! AWS Solution Architect AWS Cloud TAM

SIEM Solutions from McAfee

One Hospital s Cybersecurity Journey

Building a Resilient Security Posture for Effective Breach Prevention

ArcGIS in the Cloud. Andrew Sakowicz & Alec Walker

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

SECURING AWS ACCESS WITH MODERN IDENTITY SOLUTIONS

CLOUD WORKLOAD SECURITY

AWS Reference Design Document

BUILDING APPLICATION SECURITY INTO PRODUCTION CONTAINER ENVIRONMENTS Informed by the National Institute of Standards and Technology

SIEMLESS THREAT DETECTION FOR AWS

FFIEC Cyber Security Assessment Tool. Overview and Key Considerations

SOLUTION BRIEF RSA SECURID SUITE ACCELERATE BUSINESS WHILE MANAGING IDENTITY RISK

SailPoint IdentityIQ Integration with the BeyondInsight Platform. Providing Complete Visibility and Auditing of Identities

Modern Database Architectures Demand Modern Data Security Measures

Deploying and Operating Cloud Native.NET apps

VMware Cloud on AWS. A Closer Look. Frank Denneman Senior Staff Architect Cloud Platform BU

Securing Your Digital Transformation

FROM VSTS TO AZURE DEVOPS

RSA Solution Brief. The RSA Solution for Cloud Security and Compliance

AUTOMATE THE DEPLOYMENT OF SECURE DEVELOPER VPCs

Cloud is the 'Only' Way Forward in Information Security. Leveraging Scale to Make the Unknown Known, in Dev, Sec & Ops.

How to master hybrid IT. Get the speed and agility you want, with the visibility and control you need

Introduction to Cloud Computing

Security by Default: Enabling Transformation Through Cyber Resilience

The Windstream Enterprise Advantage for Banking

CYBER SECURITY WHITEPAPER

10 FOCUS AREAS FOR BREACH PREVENTION

Healthcare IT Modernization and the Adoption of Hybrid Cloud

THE JOURNEY OVERVIEW THREE PHASES TO A SUCCESSFUL MIGRATION ADOPTION ACCENTURE IS 80% IN THE CLOUD

align security instill confidence

Challenges 3. HAWK Introduction 4. Key Benefits 6. About Gavin Technologies 7. Our Security Practice 8. Security Services Approach 9

Enroll Now to Take online Course Contact: Demo video By Chandra sir

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

Digital Audience Analysis: Understanding Online Car Shopping Behavior & Sources of Traffic to Dealer Websites

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Malware Outbreak

INTRO TO AWS: SECURITY

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Data Theft

Information Infrastructure and Security. The value of smart manufacturing begins with a secure and reliable infrastructure

Monitoring Serverless Architectures in AWS

Splunk & AWS. Gain real-time insights from your data at scale. Ray Zhu Product Manager, AWS Elias Haddad Product Manager, Splunk

Navigating the Clouds Fortifying ITIL for Cloud Governance

LTI Security Services. Intelligent & integrated Approach to Cyber & Digital Security

CyberPosture Intelligence for Your Hybrid Infrastructure

Cisco ONE Enterprise Cloud Suite

Who done it: Gaining visibility and accountability in the cloud

Privilege Security & Next-Generation Technology. Morey J. Haber Chief Technology Officer

Using Threat Analytics to Protect Privileged Access and Prevent Breaches

Splunk & Amazon Web Services

Transforming Security from Defense in Depth to Comprehensive Security Assurance

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Unauthorized Access

NOTHING IS WHAT IT SIEMs: COVER PAGE. Simpler Way to Effective Threat Management TEMPLATE. Dan Pitman Principal Security Architect

Choosing the Right Cloud. ebook

Minfy-Vara Migration Use Case

RSA NetWitness Suite Respond in Minutes, Not Months

WHITE PAPER. Five AWS Practices. Enhancing Cloud Security through Better Visibility

May the (IBM) X-Force Be With You

Securing Microservices Containerized Security in AWS

locuz.com SOC Services

RED HAT INSIGHTS. Security & Proactive Response with Insights

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

ICS Security Monitoring

The New Normal. Unique Challenges When Monitoring Hybrid Cloud Environments

Roadmap to the Efficient Cloud: 3 Checkpoints for the Modern Enterprise

Automating Security Practices for the DevOps Revolution

Supporting the Cloud Transformation of Agencies across the Public Sector

AWS Security. Stephen E. Schmidt, Directeur de la Sécurité

McAfee Skyhigh Security Cloud for Amazon Web Services

Access Governance in a Cloudy Environment. Nabeel Nizar VP Worldwide Solutions

DATA SHEET AlienVault USM Anywhere Powerful Threat Detection and Incident Response for All Your Critical Infrastructure

Minfy MS Workloads Use Case

Docker Universal Control Plane Deploy and Manage On-Premises, Your Dockerized Distributed Applications

The Evolution of Data Center Security, Risk and Compliance

NEXT GENERATION CLOUD SECURITY

Architecting for Greater Security in AWS

Title: Planning AWS Platform Security Assessment?

PCI DSS Compliance. White Paper Parallels Remote Application Server

Transcription:

Adopting Modern Practices for Improved Cloud Security Cox Automotive - Enterprise Risk & Security 1

About Cox Automotive Cox Automotive is a leading provider of products and services that span the automotive ecosystem worldwide. Our goal is to simplify the trusted exchange of vehicles and maximize value for dealers, manufacturers and car shoppers. We ve built the industry s strongest family of more than 25 brands to provide industry-leading digital marketing, software, financial, wholesale and e-commerce solutions to help our clients thrive in a rapidly changing automotive marketplace. Our Vision Transform the way the world buys, sells and owns cars. WHO WE ARE 33,000 + team members 40,000 + clients MOST RECOGNIZED BRANDS Autotrader & Kelley Blue Book 73% OF ALL CAR BUYERS use Autotrader or KBB.com 2

OUR BRANDS 3

Setting the Cloud Stage What was driving the move to the Cloud for Cox Automotive? Speed and agility a faster paced development environment, getting products to market more quickly with frequent updates and new feature releases Focusing on core competencies of developing software for customers Cost savings from future data center consolidations What is the scope of Cox Automotive Cloud deployments? More than half of our business units have undertaken the move of applications from on-premises to the Cloud Centrally managed billing and provisioning, but various levels of maturity on the Development teams Over 500 accounts in AWS - with over 800 Virtual Private Clouds (VPC s) in total 4

Observations When We Began This Program Traditions were changing across the entire IT landscape The business was moving faster than Security could keep up Vulnerability Management practices were no longer meeting SLA s Roles and processes were being moved and changed throughout the organization The introduction of an entirely new lexicon AMI EC2 S3 Virtual Private Cloud Security Groups We re not alone on this journey Many companies have begun the move to the Cloud (or are planning to shortly) Hundreds of new vendors and solutions in the Security space focusing on Cloud 5

Why is a Cloud Security Program So Important? Though AWS owns the responsibility OF the cloud, Cox Automotive owns the responsibility IN the cloud OS Updates and security patches Application software, patches Configuration of the AWS provided security group firewalls With the lift and shift of customer facing business-critical applications Reliability Uptime Prevention of possible leaks, breaches, or compromises Driving compliance with legal and regulatory requirements 6

Guiding Principles of the Cloud Security Program Speed, Agility, Automation Continuous Improvement & Delivery Shift Left Shared Responsibility Model (Internally) 7

Cloud Security Program Foundations A Formal Development of a Cloud Computing Security Policy & Standards Based off sources and standards including: The Center for Internet Security (CIS) AWS Well-Architected Framework AWS Security Best Practices Provides a common security approach and baseline for all cloud deployments Contributors from many cross functional teams across the company Made through a series of virtual working sessions, some reaching 5-6 hours in length over a 2 month period 8

Cloud Computing Security Policy & Standards Cloud Computing Security Policy & Standards Covers two categories of controls Level 1 and Level 2, determined by sensitivity of data in the application Viewed as a Living Document Will incorporate lessons learned as we deploy more and more infrastructure into the cloud Areas of Focus: Identity & Access Management Logging & Monitoring Networking Vulnerability Management Data Protection Business Resiliency An Engineering Handbook of the Cloud Computing Standards A guidebook on how Engineering teams can execute on these standards 9

Building The Baseline... Centrally managed account provisioning process Standard configuration automatically applied to all accounts Using Terraform modules to create a standard set of IAM groups, users, and roles on each AWS account Security AWS Billing, CloudTrail, CloudWatch and Config logs are turned on by default for all accounts and stores the audit data in an S3 bucket on the account Splunk Cloud is configured to process this data to enable dashboards and querying of the data centrally Secured Root Accounts: Root account access key removed and MFA enabled on account Jive site and Slack channels for team collaboration 10

Cloud Security Technical Implementations As Cloud specific security standards were developed, new technologies, such as CloudSploit, were leveraged to maintain visibility and compliance We also leveraged Cloud versions of on-premises technologies for Vulnerability Management, and integrated many other traditional applications (including our SIEM) for monitoring and alerting In-house cloud security analytics, dashboards, and alerting capabilities were built to proactively identify misuse and malicious activity 11

What Were the Results of This Program? Stronger security Met or exceeded the existing on-premises security requirements Visibility into critical application and infrastructure vulnerabilities and misconfigurations Immediately upon the deployment of each of these technologies, we discovered hundreds of sub-optimal configurations, privileged access usage, and vulnerabilities across our Cloud deployments Worked on a plan to quickly and efficiently prioritize and remediate the findings Enabled the self-identification of security issues by Dev teams (Shift Left) Earlier detection and remediation Customized specific alerting to what is important for our business, identifying emerging threats, and showed value to IT operations company-wide in bringing Cloud security awareness We ve already successfully launched a few of our customer-facing applications 100% in the Cloud 12

Lessons Learned Don t resist change Just because you ve always done something a certain way, doesn t mean you need or should continue to do so Terminology is new and different BUT don t be intimated, the risks are the same Centralization is essential Having dedicated teams with oversight of helps with visibility, standardization, and ultimately the security of Cloud deployments 13

Key Takeaways Relationship / Partnership building is very important! For the development of security controls and standards For the remediation of outstanding security issues Instead of saying no, provide more secure ways and say yes Shift Left Embedding security into the pipeline should be the goal Cloud security has a rapidly changing solution landscape Automate, Validate, Delegate 14

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback