Upload
others
View
4
Download
0
Embed Size (px)
Citation preview
© Copyright 2019. Private and confidential.
SECURING YOUR JOURNEY
TO THE CLOUD
Craig StorkCyberSecurity Solutions [email protected]
CONVERGEONECYBERSECURITY
© Copyright 2019. Private and confidential.
© Copyright 2019. Private and confidential.
AGENDA> Cloud Security Landscape
> Why Cloud?
> Cloud Security Strategy
> How can we help?
© Copyright 2019. Private and confidential.
© Copyright 2019. Private and confidential.
SECURITY LANDSCAPE
© Copyright 2019. Private and confidential.
6
#2 CONCERN OF FORTUNE 500 CEOS?A: Cyber Security
Source: 2017 Fortune.com CEO Survey
© Copyright 2019. Private and confidential.
© Copyright 2019. Private and confidential.
CYBERSECURITY IN THE NEWSRecent Publications around CyberSecurity
8
© Copyright 2019. Private and confidential.
WHERE ARE MOST OF US?
1990 2000 2010 2015 2017
THREATS
PROTECTIONSNetworks
Gen II
Applications
Gen III
Payload
Gen IV
GRADE I
GRADE II
GRADE III
GRADE V
GRADE IV
Virus
Gen I
Most Enterprises are between Gen
2-3
2.8
Mega
Gen V
© Copyright 2019. Private and confidential.
MARKET TRENDS
10
MARKET TREND MARKET STATISTICS
Executives are deeply concerned over information security
• Cybersecurity reported as #2 biggest challenge by Fortune 500 CEOs (Fortune)• 75% of Chief Information Security Officers (CISOs) and CSOs will report directly to
the CEO, not the CIO in 2018 (IDC)
Organizations are lacking basic, fundamental strategies to address cyber risk
• 30% of enterprises worth over $25B (44% amongst all organizations) lack an overall information security strategy (PwC)
Global workforce shortage is limiting ability to effectively operate
• 3.5 million information security jobs will go unfilled by 2021 creating a severe workforce shortage (Cybersecurity Ventures)
• Consulting and IT outsourcing are currently the largest categories of spending on information security (Gartner)
Fragmented vendor landscape, pace of change and journey to cloud are generating mass complexity and confusion
• 77% of enterprises consider securing cloud environments a challenge (RightScale)• There are over 1,200 cybersecurity vendors in the market (McAfee)• Venture Capital firms invested $7.6B in 2017 in cybersecurity startups (CB Insights)
© Copyright 2019. Private and confidential. 11
IT’S A BIG, BIG WORLD
Source: Momentum Partners
© Copyright 2019. Private and confidential.
WHY MOVE TO THE CLOUD?
© Copyright 2019. Private and confidential.
INFRASTRUCTURE HAS CHANGED
EARLY 2000’s MID 2000’s NOW
OpEx & IaaSCapEx/Depreciate
1414
TRADITIONAL NETWORK
HOW IT USED TO BE
PERIMETER ASSETS
15
TRADITIONAL NETWORK
PERIMETER
BUT NOW IT’S THIS.
ASSETS
TRADITIONAL ENTERPRISE
16
AND THIS.
ASSETS
17
ATTENTION: YOU’RE FREE TO MOVE ABOUT THE NETWORK.
TRADITIONAL ENTERPRISE
TRUSTED VS UNTRUSTED
THE PERIMETER IS THE WRONG PARAMETER
© Copyright 2019. Private and confidential.
> Centralized Security
> Reduced Costs
> Reduced Administration
> Reliability and Flexibility
CLOUD SECURITY BENEFITS
© Copyright 2019. Private and confidential.
A
B
C
D
© Copyright 2019. Private and confidential.
STRATEGY
© Copyright 2019. Private and confidential.
© Copyright 2019. Private and confidential.
CLOUD SECURITY – NEW APPROACH
The Principles of security do not change but your Approach to security needs to change:
> Security best practices are no different in the cloud
> You need to apply the same security standards to cloud workloads as applied to on-premises
> FedRAMP
> Understand the Cloud Providers Shared Responsibility Model
© Copyright 2019. Private and confidential.
BEST PRACTICES FOR SECURITY
> Microsoft will secure most of the underlying infrastructure such as access to datacenters, servers & hypervisors & part of the networking infrastructure
> Customer is responsible for rest. Know your Data!
© Copyright 2019. Private and confidential.
> Inventory your critical applications
> Data Security and Access Management
> Secure Your code
> Data Classification
> Patch Management
> Review Logs Regularly
> Use Cool Tools!
BEST PRACTICES FOR SECURITY
© Copyright 2019. Private and confidential.
© Copyright 2019. Private and confidential.
TAKING A DEEPER LOOK – URLS IN ATTACHMENTS
26
> Enable lookups in attachments via a Content or Message Filter to perform URL reputation of
links in documents
> Office / OLE objects can be analyzed (i.e doc, docx, xls, ppt, pdf)
> If a malicious URL is found, action is taken on the message, not just the attachment
http://website.comhttps://newssite.com
http://malwaresite.comhttp://sportsnews.com
© Copyright 2019. Private and confidential.
27
> This feature will allow for URLs that are using a shortening service will be pre-expanded to get
base the URLs
> The ESA will query the service directly to get the base URL
> Up to 10 redirections / queries will be supported before the URL is marked as malicious
http://www.badsite.com
Services supported (23):• bit.ly
• tinyurl.com
• ow.ly
• tumblr.com
• formspring.me
• ff.im
• youtu.be
• chatter.com
• tl.gd
• plurk.com
• url4.eu
• j.mp
• goo.gl
• yfrog.com
• su.pr
• wp.me
• post.ly
• tiny.cc
• ustre.am
• tr.im
• ur.ly
• fb.me
• alturl.com
http://bit.ly/xyz123s34
TAKING A DEEPER LOOK – MANAGED URLS
© Copyright 2019. Private and confidential.
Cisco CloudlockCloud Access Security Broker (CASB)
Users Data Apps
SaaS
© Copyright 2019. Private and confidential.
CISCO CLOUDLOCK ADDRESSES ORGANIZATIONS’ MOST CRITICAL CLOUD SECURITY USE CASES
Discover and Control
User and Entity
Behavior Analytics
Cloud Data Loss
Prevention (DLP)Apps Firewall
OAuth Discovery and
Control
Shadow IT
Data Exposures
and Leakages
Privacy and
Compliance Violations
Compromised
Accounts
Insider Threats
© Copyright 2019. Private and confidential.
Public APIs
Cisco NGFW / Umbrella
ManagedUsers
ManagedDevices
ManagedNetwork
UnmanagedUsers
UnmanagedDevices
UnmanagedNetwork
CASB – API ACCESS (CLOUD TO CLOUD)
© Copyright 2019. Private and confidential.
First line of defense against internet threats
Umbrella
SeeVisibility to protect access everywhere
LearnIntelligence to see attacks
before they launch
BlockStop threats before
connections are made
CLOUD ACCESS HAS SECURITY RISKS IN THREE AREAS
© Copyright 2019. Private and confidential.
MAKE OUR TOOLS WORK TOGETHER
© Copyright 2019. Private and confidential.
CISCO THREAT RESPONSE AND CISCO UMBRELLA UNLEASHING THE POWER OF OUR INTEGRATED SECURITY ARCHITECTURE
INTEGRATION
• Cisco Threat Response automates integrations across Cisco security products
• Reduces the time and effort spent on key security operations functions:
▪ Detection▪ Investigation▪ Remediation
• Integrates with Umbrella to offer rich visibility into internet activity
• Aggregates intelligence across Cisco security products, Cisco Talos & 3rd party sources
• Available at no additional charge for Umbrella customers
© Copyright 2019. Private and confidential.
HOW CAN WE HELP?
© Copyright 2019. Private and confidential.
Next Generation Firewall
PORTFOLIO AT A GLANCE
CLOUD SERVICES
PROFESSIONAL SERVICES
MANAGED SERVICES
Email Security
Endpoint Security
Network Access Control
Web Content Security/DNS
Cloud Access Security Broker
Web Application Firewall
Penetration Testing
Security Awareness
Multi-Factor Authentication
Mobile Device Manager
SIEM
CONVERGEONECYBERSECURITY
MAINTENANCE SERVICES
© Copyright 2019. Private and confidential. 36
WAVES METHODOLOGYWorkshop
• Qualitative information gathering process reviewing the overall security environment
• Transforms a firewall upgrade discussion to a security architecture conversation
Assessment
• Quantitative real-time discovery of active threats and risks
• Maps perceived efficacy identified in the workshop to reality
Validation
• Pairs Workshop and Assessment data to determine required security controls
• Recommended solution environment is displayed live to validate solution meets requirements
Enterprise Architecture
• Validated solution are reviewed against a best practice Enterprise Architecture
Security as a Service
• Enterprise Agreement is slotted into a structured security program with recurring monthly payments
WWAWAV
WAVE
WAVES
© Copyright 2019. Private and confidential.
SECURITY VALIDATION CENTER> Dedicated demo center features the latest
solutions> Solutions are fully integrated to each other> Great opportunity for customers to see their
future environment prior to purchase> Cisco’s ability to demo currently is highly limited> Solutions include:
> Cisco FirePOWER> Cisco Identity Services Engine (ISE)> Cisco Stealthwatch> Cisco Meraki> LiveAction (Cisco GPL)> InfoBlox> And more…
> Schedule a Validation Center Workshop through a Security Architect
37
[Question: You mentioned Cisco is recommending ISE and Stealthwatch. Have you had a chance to see the interface and demo the solution yet?]
© Copyright 2019. Private and confidential.
CYBER SECURITY OPERATIONS
38
> 30+ dedicated FTE across the ConvergeOne Cyber Security Business Unit
> 30+ FTE across Cyber Security Extended Team
> Hiring 15-20 additional FTE over next 18 months
> 28 CCIE, CISSP and CCNP Certifications within dedicated group
> Additional certifications and achievements including PhD, CISM, GCIA, CRISC, GSEC and more
[1] Locations placements are representative
© Copyright 2019. Private and confidential.
© Copyright 2019. Private and confidential.
© Copyright 2019. Private and confidential.
SECURING YOUR JOURNEY
TO THE CLOUD
Craig StorkCyberSecurity Solutions [email protected]
CONVERGEONECYBERSECURITY