Securing Your Cloud Introduction Presentation

Similar documents
IBM Cloud Security for the Cloud. Amr Ismail Security Solutions Sales Leader Middle East & Pakistan

IBM Future of Work Forum

Le sfide di oggi, l evoluzione e le nuove opportunità: il punto di vista e la strategia IBM per la Sicurezza

IBM Security Vaš digitalni imuni sistem. Dejan Vuković Security BU Leader South East Europe IBM Security

IBM Security. Endpoint Manager- BigFix. Daniel Joksch Security Sales IBM Corporation

Securing Dynamic Data Centers. Muhammad Wajahat Rajab, Pre-Sales Consultant Trend Micro, Pakistan &

Best Practices in Securing a Multicloud World

Qualys Cloud Platform

Why the cloud matters?

IBM services and technology solutions for supporting GDPR program

locuz.com SOC Services

Cloud Customer Architecture for Securing Workloads on Cloud Services

The Emerging Role of a CDN in Facilitating Secure Cloud Deployments

Securing the Cloud Today: How do we get there?

Introduction. Deployment Models. IBM Watson on the IBM Cloud Security Overview

Converged security. Gerben Verstraete, CTO, HP Software Services Colin Henderson, Managing Principal, Enterprise Security Products

Converged Cloud and Digital Transformation: A Strategy for Business Success

Enterprise & Cloud Security

Security Readiness Assessment

SYMANTEC DATA CENTER SECURITY

Detect Fraud & Financial Crime

Transforming Security Part 2: From the Device to the Data Center

Modern Database Architectures Demand Modern Data Security Measures

Next-Gen CASB. Patrick Koh Bitglass

Building Trust in the Era of Cloud Computing

Closing the Hybrid Cloud Security Gap with Cavirin

OFFICE 365 GOVERNANCE: Top FAQ s & Best Practices. Internal Audit, Risk, Business & Technology Consulting

1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7

IBM Exam 00M-662 Security Systems Sales Mastery Test v2 Version: 7.1 [ Total Questions: 72 ]

VMware Hybrid Cloud Solution

Microsoft Security Management

10 Cloud Myths Demystified

10 Cloud Myths Demystified

CSA GUIDANCE VERSION 4 S TAT E O F T H E A R T CLOUD SECURITY AND GDPR NOTES. Hing-Yan Lee (Dr.) EVP, APAC, Cloud Security Alliance

THE IMPACT OF HYBRID AND MULTI CLOUDS TO CYBERSECURITY PRIORITIES

HOW CLOUD, MOBILITY AND SHIFTING APP ARCHITECTURES WILL TRANSFORM SECURITY: GAINING THE HOME-COURT ADVANTAGE

AZURE CLOUD SECURITY GUIDE: 6 BEST PRACTICES. To Secure Azure and Hybrid Cloud Environments

2017 THALES DATA THREAT REPORT

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation

Access Governance in a Cloudy Environment. Nabeel Nizar VP Worldwide Solutions

NOTHING IS WHAT IT SIEMs: COVER PAGE. Simpler Way to Effective Threat Management TEMPLATE. Dan Pitman Principal Security Architect

Optimizing Infrastructure Management with Predictive Analytics: The Red Hat Insights Approach

Government IT Modernization and the Adoption of Hybrid Cloud

Securing Data in the Cloud: Point of View

Cybersecurity. You have been breached; What Happens Next THE CHALLENGE FOR THE FINANCIAL SERVICES INDUSTRY

Managing SaaS risks for cloud customers

Hardened Security in the Cloud Bob Doud, Sr. Director Marketing March, 2018

Solution Overview Cisco Tetration Analytics and AlgoSec: Business Application Connectivity Visibility, Policy Enforcement, and Business-Based Risk and

Data Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle

Qualys Cloud Platform

Digital Renewable Ecosystem on Predix Platform from GE Renewable Energy

Development. Architecture QA. Operations

De kracht van IBM cloud: hoe je bestaande workloads verhuist naar de cloud

THALES DATA THREAT REPORT

Exam C Foundations of IBM Cloud Reference Architecture V5

Make Cloud the Most Secure Environment for Business. Seth Hammerman, Systems Engineer Mvision Cloud (formerly Skyhigh Networks)

CLOUD SECURITY CRASH COURSE

Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting

the SWIFT Customer Security

The Challenge of Cloud Security

The Oracle Trust Fabric Securing the Cloud Journey

CISCO CLOUD. Multi Cloud Management Multi Cloud Reference Architecture Multi Cloud Capability Map CiscoCloud CiscoCloud v Competition

No Country for Old Security Compliance in the Cloud. Joel Sloss, CDSA Board of Directors May 2017

Trust in the Cloud. Mike Foley RSA Virtualization Evangelist 2009/2010/ VMware Inc. All rights reserved

A Checklist for Compliance in the Cloud 1. A Checklist for Compliance in the Cloud

Protecting Your Cloud

Automating Security Practices for the DevOps Revolution

RSA Solution Brief. Managing Risk Within Advanced Security Operations. RSA Solution Brief

The Etihad Journey to a Secure Cloud

How to Secure Your Cloud with...a Cloud?

Cloud Transformation Program Cloud Change Champions June 20, 2018

Cognizant Cloud Security Solution

Everything visible. Everything secure.

Next-Generation HCI: Fine- Tuned for New Ways of Working

SECOPS: NAVIGATE THE NEW LANDSCAPE FOR PREVENTION, DETECTION AND RESPONSE

Who s Protecting Your Keys? August 2018

Modelos de Negócio na Era das Clouds. André Rodrigues, Cloud Systems Engineer

DevOps Anti-Patterns. Have the Ops team deal with it. Time to fire the Ops team! Let s hire a DevOps unit! COPYRIGHT 2019 MANICODE SECURITY

Device Discovery for Vulnerability Assessment: Automating the Handoff

Welcome to IBM Security Guardium Analyzer!

Security and Compliance at Mavenlink

Stopping Advanced Persistent Threats In Cloud and DataCenters

Migrating Enterprise Applications to the Cloud Session 672. Leighton L. Nelson

What It Takes to be a CISO in 2017

Cloud Services. Infrastructure-as-a-Service

ebook ADVANCED LOAD BALANCING IN THE CLOUD 5 WAYS TO SIMPLIFY THE CHAOS

The New Normal. Unique Challenges When Monitoring Hybrid Cloud Environments

MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER

85% 89% 10/5/2018. Do You Have A Firewall Around Your Cloud? Conquering The Big Threats & Challenges

Cloud Computing. Faculty of Information Systems. Duc.NHM. nhmduc.wordpress.com

Security as Code: The Time is Now. Dave Shackleford Founder, Voodoo Security Sr. Instructor, SANS

Docker Universal Control Plane Deploy and Manage On-Premises, Your Dockerized Distributed Applications

The threat landscape is constantly

Healthcare IT Modernization and the Adoption of Hybrid Cloud

Cisco SD-WAN. Securely connect any user to any application across any platform, all with a consistent user experience.

Be effective in protecting against the cybercrime

Internet of Things. Internet of Everything. Presented By: Louis McNeil Tom Costin

VMware Cloud on AWS Technical Deck VMware, Inc.

Cloud Essentials for Architects using OpenStack

Cloud is the 'Only' Way Forward in Information Security. Leveraging Scale to Make the Unknown Known, in Dev, Sec & Ops.

Transcription:

Securing Your Cloud Introduction Presentation Slides originally created by IBM Partial deck derived by Continental Resources, Inc. (ConRes) Security Division Revision March 17, 2017 1 IBM Security

Today s Inhibitors for Cloud Adoption COMPLIANCE SECURITY SKILLS GAP VISIBILITY INSIDER THREATS DATA PROTECTION 2 IBM Security

Are your customers ready to secure the cloud? 1/3 Fewer security failures for those that implement cloud security visibility and control tools 60 % fewer security incidents in IaaS vs traditional datacenters in 2020 50% of IaaS customers will add 3 rd party security products in 2017 Source: Gartner Predicts 2017: Cloud Security, Nov 2016 BUT: My team is not equipped to handle cloud security complexity 3 IBM Security

What s holding organizations back from switching to cloud? Question: Which of the following best describe your organization's main concerns about Cloud and are IMPORTANT INHIBITORS for your organization in considering Public Cloud services or Private Cloud technologies? Security concerns Regulatory / Compliance issues IT Governance Reliability / Downtime Vendor lock-in Hard to integrate Loss of operational control Will cost too much OP / Performance concerns Worries around network infrastructure Not convinced of ROI Reduced customization opportunities Insufficient internal buy-in Don t have the IT skills Cloud user Non-user of Cloud 15% 20% 25% 30% 35% 40% 45% 50% 4 IBM Security IDC# US41636817 (August 2016) Source: IDC CloudView, January, 2016, n=11,350 worldwide respondents; weighted by GDP and company size

Common security perceptions cause organizations to re-think how they can manage cloud risks more effectively Perception Perception Perception Cloud computing is Cloud security is Cloud security is less secure complex and costly difficult to maintain Reality Reality Reality 62% of respondents said their levels of privacy protection increased as a result of moving to the cloud 1 69% Since moving to the cloud, of respondents said they have saved money 1 Understanding the risks with a cloud vendor s capabilities will allow organizations to overcome these perceptions 55% of cloud users have reduced the amount of time they spend managing security since moving to the cloud 1 1 Microsoft Cloud Trust Study 5 IBM Security IBM Security

Cloud capabilities to securely deliver and consume cloud services Intelligence Mobile Network Data Analytics Access ISAM CIS Guardium App Security QRadar XGS Multi Cloud Encryption BigFix Secure DevOps Deliver security FOR the cloud Access Apps Consume security FROM the cloud Fraud QRadar on Cloud Maas360 Trusteer Application Security on Cloud Enforcer ACCESS NETWORK DATA APPLICATION VISIBILITY & WORKLOAD MANAGEMENT SECURITY PROTECTION SECURITY INTELLIGENCE MANAGEMENT 6 IBM Security

Six Cloud Security Must Have s for any Cloud 1 2 3 4 5 6 Cloud Imperative ACCESS MANAGEMENT Users, privileges, clients NETWORK SECURITY Anomalies, threats, activities DATA PROTECTION Databases, workloads, content APPLICATION SECURITY Threat prevention VISIBILITY and INTELLIGENCE Anomalies, threats, activities WORKLOAD CENTRIC Security and DevOps management Capability Identity and access management Identity Governance Privileged identity Management Federation and SSO Monitoring events Threat detection and prevention Inter-workload protection File and Folder Encryption Key Lifecycle Management Data Loss Prevention Vulnerability scanning PII discover and monitoring Secure application development Application vulnerability assessment and management Event Correlation Monitoring and alerting Multi-cloud and on premise integration Cloud security policy management Patch management Auditing of controls

Security For the Cloud is a shared responsibility between the customer and Cloud Infrastructure Provider Customer Security Operations: Bring Your Own 3 rd party cloud security products, policies, practices and 1. Workload isolation 2. Secure DevOps 3. Harden VMs & Containers 4. Pen testing 5. Compliance/Certification processes Security Must Have Capabilities 1. Identity 2. Network 3. Data Protection 4. Application Security 5. Security Visibility 6. Security management Platform Security Services: Built in 1. Identity and Access 2. Network security 3. Data protection 4. Vulnerability & patch mgmt 5. Monitoring & Intelligence 6. Workload Management

Brief Cloud Security Checklist Get Access Under Control Who is using un-sanctioned Saas Apps? What is the risk? Are you protecting the IaaS cloud platform management console appropriately? Disparate registries and authentication methods Protecting Data Is sensitive data shared inappropriately Are you encrypting storage in IaaS and PaaS workloads? Is PII masked? Are you monitoring the integrity of cloud workload (configuration) files? Visibility Are you seeing new resources being deployed? Are you monitoring system calls and processes? Protecting networks Do you have cloud workload IDS/IPS and host-based firewalls? Do you have VPN connecting workloads on diverse IaaS platforms? BYO- Tools, Policies and Processes What do you already own that can be extended to the cloud? 9 IBM Security

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback