Securing the Cloud


Glenn Solomon
Feb 2016

GGV Capital
1 team in the US and China
$2.6 billion under management
6 funds | 150+ investments
15 years | 27 IPOs

GLENN SOLOMON
Managing Partner
10 years at GGV Capital
Enterprise, SaaS, Cloud, Security, Mobile
goinglongblog.com | @glennsolomon

Cybercrime is a Growth Industry

42.8M Security Incidents
5,810 Confirmed Data Breaches
61 Countries
$445B Annual Cost to the Global Economy

Source: 2015 Verizon DBIR Report; ITRC; HP 2015 Cost of Cyber Crime Study; The Global State of Information Security Survey 2015; McAfee Net Losses Estimating the Cost of Cybercrime

Data Breaches by the Numbers

1,023,108,267 Data Records Lost or Stolen in 2014

2,803,306 records lost or stolen every day
116,793 records every hour
1,947 records every minute
32 records every second

Only 4% of breaches were Secure Breaches where encryption was used and the stolen data was rendered useless.

Source: SafeNet The Art of Data Protection, Feb 2015

Data Breaches are across all Industries

Source: WSJ


Hackers & Their Weapons

Participants: Hackers, Hacktivists, Criminal Organizations, Commercial Vendors, State Sponsored Terror Groups

Available to Purchase: Hacking Tools, Zero-day Exploits, Credit Card Data, eCommerce/Social-Media Credentials

Key Participants: Eastern Europe, Russia, China, US, Latin America

Source: RAND National Security Research Division

The Cybersecurity Landscape is Vast

Source: Momentum Partners


Common Threats & Victims

Identity Theft, Phishing, Social Engineering, Cyber Attack, Cyber Extortion

When you protect your company, you need to focus on all possible weaknesses. Hackers only need to find one way in.

The Corporate Challenge

Cloud-based Applications, Social Networking, Virtualization, BYOD

83 million software applications today; 141 million by 2017

Stolen or weak credentials involved in 76% of cyber attacks

14% of attacks or exploits are on cloud services, applications, or storage systems

Mobile security breaches have affected 65% of global organizations in the last 12 months

Source: 2015 Verizon DBIR Report; BTIG Security Report Attack of the Clones

The Next Generation of Cyber Security

Legacy Security Companies → Next Generation Equivalent

Firewall/Intrusion Prevention System → Next Generation Network Security
Antivirus → Next Generation Endpoint/Malicious Detection
Web Gateway/URL Filtering → Cloud Security & Data Protection
Authentication, Authorization & Accounting → Identity & Access Management: The New Perimeter
Secure Event Management → Security Intelligence & Analytics
Data Security → Data Security, Discovery, Clarification, Control & Intel
Data Loss Prevention → Inside Threat Protection
Governance, Risk Management & Compliance → Compliance Automation and Data Governance

Source: BTIG Security Report Attack of the Clones

New Threat Vectors

Social Media Protection
While email remains a significant attack vector, 70% of social media scams were manually shared.

Advanced Persistent Threats
Zero-day exploits are almost impossible to detect and will work in 9 out of 10 cases because they have legal, financial and banking industry experts, psychologists, and even ex-law enforcement officers behind them.

Insider Threats
Privileged users, such as managers with access to sensitive information, pose the biggest insider threat to organizations. This is followed by contractors, consultants, and regular employees. Compromised account credentials, or when someone's account is hijacked, are also a big part of this risk.

Source: Immuniweb; Symantec Internet Security Threat Report 2015; Crowd Research Partners Insider Threat Report

New Threat Vectors (cont)

Internet of Things
These hubs, switches, and routers are increasingly used to target the network. They have processing, storage, and internet connectivity.

Mobile Security & Protection
As more users rely on their mobile devices, more spam, scams, and threats are tailored to these devices. Mobile malware such as bootkits will become harder to remove.

Critical Infrastructure
The most significant trend is the use of malware to compromise supervisory control and data acquisition (SCADA) systems, including Homeless Management Information System (HMIS), historians, and other connected devices.

Source: Symantec Internet Security Threat Report 2015; Crowd Research Partners Insider Threat Report

Approaches Over Time

[Figure: approaches over time against Attack Sophistication Level. Periods: 1987-2009, 2009-2014, 2014 onward, 2015 onward. Approaches: Signatures, Sandboxes, Anomaly Detection, Zero-Trust. Other labels: APT; Hammertoss, Black Energy, etc; Endpoint; Content; Network.]

Source: Based on Agari presentation material

Modern Security Challenges in the Cloud

Challenge: Corporate services are migrating to the cloud
Secure Application Access: Privileged Access Management, Multi-Factor Authentication, Firewalls, Network Access Control, SSO

Challenge: Dynamic workloads due to multi-tiered apps & virtualization, containers, micro-services, etc.
Protect Server to Server Interactions: Cloud Workload Management, Machine Firewalls

Modern Security Challenges in the Cloud (cont)

Challenge: Employees on websites via HTTP and mail, some malicious
Securing Employee to Internet: Cloud Policy Management, Cloud Access Security Brokers, SaaS Data Encryption

Challenge: Rapid development cycles leave little room for security checks
Web App Security: RASPs, WAFs, CDNs

Emerging Protection for Emerging Threats

Insider Threat Detection
Machine Learning to Spot Attacks
Industrial & Connected Device Security

Security Startups Raised $10.9B across 1074 Deals since 2010

Source: Momentum Partners, CB Insights


Additional Resources

Books

Blogs

http://goinglongblog.com/
https://krebsonsecurity.com/

Q&A