Cloud Security Myths Paul Mazzucco, Chief Security Officer

Similar documents
Cybersecurity Risk Mitigation: Protect Your Member Data. Introduction

Securing Your Secured Data

Cyber Security Technologies

You Might Know Us As. Copyright 2016 TierPoint, LLC. All rights reserved.

Top Five Ways to Protect Your Organization from Data Loss & Cyber Hackers

locuz.com SOC Services

Rapid Recovery from Logical Corruption

Next Generation Authentication

Microsoft Operations Management Suite (OMS) Fernando Andreazi RED CLOUD

Green Governance Growth

Supply Chain Integrity and Security Assurance for ICT. Mats Nilsson

Cloud Computing. Faculty of Information Systems. Duc.NHM. nhmduc.wordpress.com

Cyber Security Updates and Trends Affecting the Real Estate Industry

Cato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief

Practical Guide to Hybrid Cloud Computing. Cloud-Computing.

INTO THE CLOUD WHAT YOU NEED TO KNOW ABOUT ADOPTION AND ENSURING COMPLIANCE

Cyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person)

AZURE CLOUD SECURITY GUIDE: 6 BEST PRACTICES. To Secure Azure and Hybrid Cloud Environments

Cloud Connect. Gain highly secure, performance-optimized access to third-party public and private cloud providers

What you need to know about cloud backup: your guide to cost, security, and flexibility. 8 common questions answered

IBM Security Systems. IBM X-Force 2012 & CISO Survey. Cyber Security Threat Landscape IBM Corporation IBM Corporation

SoftLayer Security and Compliance:

IBM Cloud Security for the Cloud. Amr Ismail Security Solutions Sales Leader Middle East & Pakistan

Choosing the Right Cloud. ebook

A Guide to Ensuring Security and Resiliency

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution

Automating the Top 20 CIS Critical Security Controls

TRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE. Ralf Kaltenbach, Regional Director RSA Germany

WEBSCALE CONVERGED APPLICATION DELIVERY PLATFORM

Countering ransomware with HPE data protection solutions

10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS

Accelerate Your Enterprise Private Cloud Initiative

ABB Ability Cyber Security Services Protection against cyber threats takes ability

Copyright 2016 EMC Corporation. All rights reserved.

Cisco Firepower NGFW. Anticipate, block, and respond to threats

A Survival Guide to Continuity of Operations. David B. Little Senior Principal Product Specialist

Cloud Services. Infrastructure-as-a-Service

Verizon Software Defined Perimeter (SDP).

Fujitsu World Tour 2018

Information Technology

3 Ways to Prevent and Protect Your Clients from a Cyber-Attack. George Anderson Product Marketing Director Business October 31 st 2017

DDoS MITIGATION BEST PRACTICES

CISO View: Top 4 Major Imperatives for Enterprise Defense

Secure & Unified Identity

SANS Top 20 CIS. Critical Security Control Solution Brief Version 6. SANS Top 20 CIS. EventTracker 8815 Centre Park Drive, Columbia MD 21045

Security Readiness Assessment

Backup and Recovery. Backup and Recovery from Redstor. Making downtime a thing of the past Making downtime a thing of the past

Evolution of Cyber Security. Nasser Kettani Chief Technology Officer Microsoft, Middle East and Africa

HWDSB s Journey to the Cloud

Florida Government Finance Officers Association. Staying Secure when Transforming to a Digital Government

MEETING ISO STANDARDS

NS2 Cloud Overview The Cloud Built for Federal Security and Export Controlled Environments. Hunter Downey, Cloud Solution Director

2018 Cyber Security Predictions

Virtustream Managed Services Drive value from technology investments through IT management solutions. Tim Calahan, Manager Managed Services

EMERGING THREATS & STRATEGIES FOR DEFENSE. Paul Fletcher Cyber Security

2018 IT Priorities: Cybersecurity, Cloud Outsourcing & Risk Management. Follow Along

IBM Cloud IBM Cloud for VMware Solutions Zeb Ahmed Senior Offering Manager and BCDR Leader VMware on IBM Cloud VMworld 2017 Content: Not for publicati

Data Protection Everywhere

QUALITY IT SUPPORT TAILORED FOR NOT FOR PROFITS

Bomgar Discovery Report

Why a Disaster Recovery Plan Isn t Just a Good Idea (It s Essential) ContinuityCenters.com

Delivering Cyber Security Confidence for the Modern Enterprise

Bringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016

Who s Protecting Your Keys? August 2018

Evidence-based protection of web resources a must under the GDPR. How the Akamai Intelligent Platform helps customers to mitigate risks

Virtustream Cloud and Managed Services Solutions for US State & Local Governments and Education

Radware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper

TRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE. John McDonald

Think Oslo 2018 Where Technology Meets Humanity. Oslo. Felicity March Cyber Resilience - Europe

Projectplace: A Secure Project Collaboration Solution

Spotlight Report. Information Security. Presented by. Group Partner

Private Clouds: Opportunity to Improve Data Security and Lower Costs. InfoTRAMS Fusion Tematyczny, Bazy Danych, Kariera I Prywatny Sprzęt t W Pracy

PRODUCT OVERVIEW. ecommerce. Your Brand s Digital Experience. Delivered. Product Overview. ecommerce

Twilio cloud communications SECURITY

FFIEC Cyber Security Assessment Tool. Overview and Key Considerations

Brussels. Cyber Resiliency Minimizing the impact of breaches on business continuity. Jean-Michel Lamby Associate Partner - IBM Security

EMC GLOBAL DATA PROTECTION INDEX STUDY KEY RESULTS & FINDINGS FOR THE USA

Next Generation Privilege Identity Management

How NOT To Get Hacked

hidglobal.com HID ActivOne USER FRIENDLY STRONG AUTHENTICATION

Kako napraviti Cloud?

Data Protection. Rethinking. Michael Andrews, Director, Enterprise Data Protection, APJ HP Autonomy IM

112 th Annual Conference May 6-9, 2018 St. Louis, Missouri

Mitigating Risks with Cloud Computing Dan Reis

Redefine Data Protection: Next Generation Backup And Business Continuity

Disaster Recovery Is A Business Strategy

Business continuity management and cyber resiliency

Symantec Business Continuity Solutions for Operational Risk Management

End-to-End Trust, Segmentation and Segregation in the IIoT

Security Principles for Stratos. Part no. 667/UE/31701/004

Passwords Are Dead. Long Live Multi-Factor Authentication. Chris Webber, Security Strategist

How Managed Service Providers Can Meet Market Growth with Maximum Uptime

Data Protection in Practice

GOVERNMENT IT: FOCUSING ON 5 TECHNOLOGY PRIORITIES

Delivering Integrated Cyber Defense for the Cloud Generation Darren Thomson

Data Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle

Technology Roadmap for Managed IT and Security. Michael Kirby II, Scott Yoshimura 04/12/2017

SECURITY & COMPLIANCE IN THE CLOUD AGE

Teradata and Protegrity High-Value Protection for High-Value Data

MODERNIZE YOUR DATA CENTER. With Cisco Nexus Switches

Transcription:

Cloud Security Myths Paul Mazzucco, Chief Security Officer

Discussion Points >Yesterday s standards: today s security myths >Cloud security: an ongoing mandate >Actions to take now

90% of Businesses Breached in Last 10 Years Channels used > Bring Your Own Device (BYOD) 60% allow / 40% formal policy > Bring Your Own Cloud (BYOC) 45% apps / 22% visible to IT > Malicious Hackers 60% financial gain / 25% IP US hits record high of 783 data breaches in 2014

(Almost) Daily Headlines > Data Belonging to 1.1 Million CareFirst Customers Stolen in Cyber Attack (May 2015) > US Regulators Warn of Cyber Threat to Financial System (May 2015) > FBI Warns US Companies of Cyber Terror (April 2015) 4

Multiple Cyber Security Threats Cyber security threats according to risk mitigation priority 10 = Highest Priority to 1 = Lowest Priority Denial of service (DoS) Server side injection Distributed denial of service (DDoS) Viruses, worms and trojans Malware 9.0 8.6 8.2 7.9 7.7 Botnets 6.4 Malicious insiders 5.4 Cross site scripting Web scrapping Phishing and social engineering 3.0 2.8 3.2 0.0 1.0 2.0 3.0 4.0 5.0 6.0 7.0 8.0 9.0 10.0

Cloud Security Myths > Data in the cloud is less secure than data in traditional brick & mortar datacenter > Security can be dealt with after the fact > Using any cloud provider with the right certs guarantees protection > Once it s set up, you can leave it alone 6

Myth 1: Data Less Secure in Cloud F A C T S Cloud providers core expertise Built into the business model, ground up Offer many more layers of security 28% fewer genuine attacks, threats

Myth 2: Deal With it After the Fact Security is infrastructural, planning through execution F A C T S Cloud Environment Network architecture Provisioning Deployment Scaling Needs Impact Security Your industry Your data needs Your business practices Your customers needs

Myth 3: Certs Guarantee Protection F A C T S > Compliance doesn t ensure security Overlap: Yes Same: No > Compliance: state of security at specific moment in time Error between audits Humans vs. automation > Actions Independent audits, SLAs Public vs. private cloud

Myth 4: Certs Guarantee Protection > Certs & audit are a beginning F A C T S Not culmination > Yesterday s technology Perimeter-focused > Today s threats require Multi-layered approach Advanced detection Real-time admin alerts

Actions to Take > Cloud Security Alliance (CSA) Consensus Assessment Initiative Questionnaire CSA Cloud Controls Matrix > Independent audits 3rd party testing of providers infrastructure > Services secured to common standard Transparent and auditable

TierPoint Cloud Built to meet critical security, performance and reliability requirements Full suite of custom-configured virtualization services powered by industry-leading VMware technology Secure Flexible Scalable Cost Efficient PRIVATE MULTI-TENANT RECOVERY HYBRID Dedicated Environment Customized Storage, Computing, Security & other Components Utilize & Colocate Your Own Equipment or Outsource as Fully Managed Secure, Enterprise Architected Service Cost Efficient, Flexible Dedicated Resources Built to Spec for Customer RPOs & RTOs Virtual Resources Upon Demand During a Disaster IP Vaulting, Tape, or Disk Backup Seamless Integration with Colocation Environments Secure, Enterprise Services Cost-efficient Scalable 12

TierPoint History > Built on strong foundation Headquarters: St. Louis, MO Strategic combination of respected, innovative data centers and IT solution providers date back to the 1990 s Servicing 2900+ clients across multiple industries 13

Q&A

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback