SlideShare a Scribd company logo

Keith prabhu cloud security-public

administrator_confidis
administrator_confidis
TechnologyBusiness
1 of 12
Download to read offline
www.confidis.coTechnology Consulting Cloud Security Emerging Trends June 12, 2013 Keith Prabhu Master of Business (Australia), CCSK, MBCI, CISSP, CISA Executive Director, Confidis Advisory Services Founder & Director, Cloud Security Alliance, Mumbai Chapter
www.confidis.co Storyline Need for Cloud Security Threats Inhibiting Cloud Adoption Cloud Vulnerabilities Research CSA Resources Need for CCSK New Trends
www.confidis.co Need for Cloud Security • Previously users, applications and data were secured within the organization’s perimeter • Mobility was restricted • Firewalls were used to keep the bad guys out and employees in • Standardized access devices were owned by the organizations • Employees had to conform to IT policies The Good (?) Old days…
www.confidis.co Need for Cloud Security • Confidential data resides in the Cloud • Data is everywhere • IT users need to access data located outside the organization’s perimeter • IT users can BYOD while organizations need to allow access to partner apps • IT users can buy business apps “off the Cloud” without IT knowing let alone approving it Today’s Scenario
www.confidis.co Threats inhibiting Cloud Adoption Source: The Notorious Nine. Cloud Computing Top Threats in 2013, Cloud Security Alliance https://cloudsecurityalliance.org/research/top-threats/ Cloud Computing Top Threats 2013 #1 Data Breaches #2 Data Loss #3 Account Hijacking #4 Insecure APIs #5 Denial of Service #6 Malicious Insiders #7 Abuse of Cloud Services #8 Insufficient Due Diligence #9 Shared Technology Issues
www.confidis.co Cloud Vulnerabilities Research Source: CSA Research, Dr. Ryan Ko, Sr. Lecturer, University of Waikato
www.confidis.co Assessing Security Maturity Incident Management and Forensics Consensus Assessments Initiative Cloud Controls Matrix Trusted Cloud Initiative Top Threats to Cloud Computing
www.confidis.co Need for Cloud Security Knowledge Professionals • While large areas of IT Security remain the same, new combinations of technology have resulted in new security challenges • These new challenges require a study of security from a Cloud perspective • Certificate of Cloud Security Knowledge (CCSK) is available from CSA • Key guidance available in form of: • CSA Guidance • ENISA
www.confidis.co New Trends/Challenges in Cloud Security Cloud Application Protection: Application protection repeatedly tests an application to see if changes in code were made, preventing hackers intent on putting their own malicious code into applications. This is now available as a service from the Cloud Open Certification Framework The CSA Open Certification Framework is an industry initiative to allow global, accredited, trusted certification of cloud providers. Big Data Security in the Cloud: The Big Data Working Group (BDWG) will be identifying scalable techniques for data-centric security and privacy problems. (https://cloudsecurityalliance.org/research/big-data/) Encryption: Mitigating risks of extraction of keys from memory Forensics in the Cloud: Ways to conduct forensic investigation in a shared environment
www.confidis.co Cloud Security Alliance • Global, not-for-profit organization • Over 45,000+ individual members, 100+ corporate members • Building best practices and a trusted cloud ecosystem • Agile philosophy, rapid development of applied research − GRC: Balance compliance with risk management − Reference models: build using existing standards − Identity: a key foundation of a functioning cloud economy − Champion interoperability − Advocacy of prudent public policy “To promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Computing to help secure all other forms of computing.” Join: Cloud Security Alliance, Mumbai Chapter on LinkedIn (http://www.linkedin.com/groups?gid=2963138)
www.confidis.co Thank You!
www.confidis.co Contact Us For any further information, please contact: Keith Prabhu Executive Director Confidis Advisory Services Private Limited Email: info @ confidis DOT co

Recommended

Ohm2013 cloud security 101 slideshare
Ohm2013 cloud security 101 slideshareOhm2013 cloud security 101 slideshare
Ohm2013 cloud security 101 slidesharePeter HJ van Eijk
 
(SACON) Srinivas posarala - Challenges & Approach
(SACON) Srinivas posarala - Challenges & Approach(SACON) Srinivas posarala - Challenges & Approach
(SACON) Srinivas posarala - Challenges & ApproachPriyanka Aash
 
Getting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK CertificationGetting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK CertificationITpreneurs
 
JoTechies - Azure Cloud Security
JoTechies - Azure Cloud SecurityJoTechies - Azure Cloud Security
JoTechies - Azure Cloud SecurityJoTechies
 
CCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overviewCCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overviewPeter HJ van Eijk
 
Ariel Litvin - CCSK
Ariel Litvin - CCSKAriel Litvin - CCSK
Ariel Litvin - CCSKCSAIsrael
 
JoTechies - Infrastructure as a Service IaaS
JoTechies - Infrastructure as a Service IaaSJoTechies - Infrastructure as a Service IaaS
JoTechies - Infrastructure as a Service IaaSJoTechies
 
Manage Risk By Protecting the Apps and Data Infographic
Manage Risk By Protecting the Apps and Data InfographicManage Risk By Protecting the Apps and Data Infographic
Manage Risk By Protecting the Apps and Data InfographicCitrix
 

Recommended

Ohm2013 cloud security 101 slideshare
Ohm2013 cloud security 101 slideshareOhm2013 cloud security 101 slideshare
Ohm2013 cloud security 101 slidesharePeter HJ van Eijk
 
(SACON) Srinivas posarala - Challenges & Approach
(SACON) Srinivas posarala - Challenges & Approach(SACON) Srinivas posarala - Challenges & Approach
(SACON) Srinivas posarala - Challenges & ApproachPriyanka Aash
 
Getting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK CertificationGetting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK CertificationITpreneurs
 
JoTechies - Azure Cloud Security
JoTechies - Azure Cloud SecurityJoTechies - Azure Cloud Security
JoTechies - Azure Cloud SecurityJoTechies
 
CCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overviewCCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overviewPeter HJ van Eijk
 
Ariel Litvin - CCSK
Ariel Litvin - CCSKAriel Litvin - CCSK
Ariel Litvin - CCSKCSAIsrael
 
JoTechies - Infrastructure as a Service IaaS
JoTechies - Infrastructure as a Service IaaSJoTechies - Infrastructure as a Service IaaS
JoTechies - Infrastructure as a Service IaaSJoTechies
 
Manage Risk By Protecting the Apps and Data Infographic
Manage Risk By Protecting the Apps and Data InfographicManage Risk By Protecting the Apps and Data Infographic
Manage Risk By Protecting the Apps and Data InfographicCitrix
 
Identity privacy and data protection in the cloud – what is being done is it ...
Identity privacy and data protection in the cloud – what is being done is it ...Identity privacy and data protection in the cloud – what is being done is it ...
Identity privacy and data protection in the cloud – what is being done is it ...Mark Skilton
 
No More Dark Clouds: A Privacy Preserving Framework for the Cloud
No More Dark Clouds: A Privacy Preserving Framework for the CloudNo More Dark Clouds: A Privacy Preserving Framework for the Cloud
No More Dark Clouds: A Privacy Preserving Framework for the CloudPaaSword EU Project
 
How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?
How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?
How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?Citrix
 
eduTEAMS
eduTEAMSeduTEAMS
eduTEAMSJisc
 
Jisc cloud services: helping our members deliver their cloud strategies
Jisc cloud services: helping our members deliver their cloud strategiesJisc cloud services: helping our members deliver their cloud strategies
Jisc cloud services: helping our members deliver their cloud strategiesJisc
 
Andrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs Utrecht
Andrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs UtrechtAndrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs Utrecht
Andrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs UtrechtInfosecurity2010
 
Mondi Group
Mondi GroupMondi Group
Mondi GroupCisco Case Studies
 
Devil's Bargain: Sacrificing Strategic Investments to Fund Today's Problems
Devil's Bargain: Sacrificing Strategic Investments to Fund Today's ProblemsDevil's Bargain: Sacrificing Strategic Investments to Fund Today's Problems
Devil's Bargain: Sacrificing Strategic Investments to Fund Today's Problemsscoopnewsgroup
 
Hakfest2015-Tunisia
Hakfest2015-TunisiaHakfest2015-Tunisia
Hakfest2015-Tunisiasoufiene chraigui
 
Security and Privacy Challenges in Cloud Computing Environments
Security and Privacy Challenges in Cloud Computing EnvironmentsSecurity and Privacy Challenges in Cloud Computing Environments
Security and Privacy Challenges in Cloud Computing EnvironmentsEyob Sisay
 
3 oraclex evento reg puglia_v2017-09-14-2
3 oraclex evento reg puglia_v2017-09-14-23 oraclex evento reg puglia_v2017-09-14-2
3 oraclex evento reg puglia_v2017-09-14-2Redazione InnovaPuglia
 
Mike Palmer of Veritas: Debunking the myths of multi-cloud to achieve 360 Dat...
Mike Palmer of Veritas: Debunking the myths of multi-cloud to achieve 360 Dat...Mike Palmer of Veritas: Debunking the myths of multi-cloud to achieve 360 Dat...
Mike Palmer of Veritas: Debunking the myths of multi-cloud to achieve 360 Dat...Veritas Technologies LLC
 
SYN111: What's New and Exciting with XenMobile
SYN111: What's New and Exciting with XenMobileSYN111: What's New and Exciting with XenMobile
SYN111: What's New and Exciting with XenMobileCitrix
 
Optimize operations
Optimize operationsOptimize operations
Optimize operationsYounes Boukamher
 
Cloud Encounters: Measuring the computing cloud
Cloud Encounters: Measuring the computing cloudCloud Encounters: Measuring the computing cloud
Cloud Encounters: Measuring the computing cloudPeter HJ van Eijk
 
14.3.2018, Παρουσίαση Κώστα Γκρίτση στην εκδήλωση «Προστασία Προσωπικών Δεδομ...
14.3.2018, Παρουσίαση Κώστα Γκρίτση στην εκδήλωση «Προστασία Προσωπικών Δεδομ...14.3.2018, Παρουσίαση Κώστα Γκρίτση στην εκδήλωση «Προστασία Προσωπικών Δεδομ...
14.3.2018, Παρουσίαση Κώστα Γκρίτση στην εκδήλωση «Προστασία Προσωπικών Δεδομ...ekyklos Κύκλος Ιδεών για τη Εθνική Ανασυγκρότηση
 
Smoothwall and Ampliphae - Networkshop46
Smoothwall and Ampliphae - Networkshop46Smoothwall and Ampliphae - Networkshop46
Smoothwall and Ampliphae - Networkshop46Jisc
 
Data Security Solutions @ Lithuania CIO Forum 2015 - Mobility will happen by ...
Data Security Solutions @ Lithuania CIO Forum 2015 - Mobility will happen by ...Data Security Solutions @ Lithuania CIO Forum 2015 - Mobility will happen by ...
Data Security Solutions @ Lithuania CIO Forum 2015 - Mobility will happen by ...Andris Soroka
 
Encryption Algorithms for Cloud
Encryption Algorithms for CloudEncryption Algorithms for Cloud
Encryption Algorithms for CloudMphasis
 
Delivering Business Agility through Datacenter Automation with Citrix NetScal...
Delivering Business Agility through Datacenter Automation with Citrix NetScal...Delivering Business Agility through Datacenter Automation with Citrix NetScal...
Delivering Business Agility through Datacenter Automation with Citrix NetScal...Citrix
 
第四組-潮限量
第四組-潮限量第四組-潮限量
第四組-潮限量Visual Cognition and Modeling Lab
 
Summit Session: Monitoring & Measurement: How to Improve Your Brand’s Voice i...
Summit Session: Monitoring & Measurement: How to Improve Your Brand’s Voice i...Summit Session: Monitoring & Measurement: How to Improve Your Brand’s Voice i...
Summit Session: Monitoring & Measurement: How to Improve Your Brand’s Voice i...Digital Megaphone
 

More Related Content

What's hot

Identity privacy and data protection in the cloud – what is being done is it ...
Identity privacy and data protection in the cloud – what is being done is it ...Identity privacy and data protection in the cloud – what is being done is it ...
Identity privacy and data protection in the cloud – what is being done is it ...Mark Skilton
 
No More Dark Clouds: A Privacy Preserving Framework for the Cloud
No More Dark Clouds: A Privacy Preserving Framework for the CloudNo More Dark Clouds: A Privacy Preserving Framework for the Cloud
No More Dark Clouds: A Privacy Preserving Framework for the CloudPaaSword EU Project
 
How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?
How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?
How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?Citrix
 
eduTEAMS
eduTEAMSeduTEAMS
eduTEAMSJisc
 
Jisc cloud services: helping our members deliver their cloud strategies
Jisc cloud services: helping our members deliver their cloud strategiesJisc cloud services: helping our members deliver their cloud strategies
Jisc cloud services: helping our members deliver their cloud strategiesJisc
 
Andrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs Utrecht
Andrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs UtrechtAndrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs Utrecht
Andrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs UtrechtInfosecurity2010
 
Devil's Bargain: Sacrificing Strategic Investments to Fund Today's Problems
Devil's Bargain: Sacrificing Strategic Investments to Fund Today's ProblemsDevil's Bargain: Sacrificing Strategic Investments to Fund Today's Problems
Devil's Bargain: Sacrificing Strategic Investments to Fund Today's Problemsscoopnewsgroup
 
Security and Privacy Challenges in Cloud Computing Environments
Security and Privacy Challenges in Cloud Computing EnvironmentsSecurity and Privacy Challenges in Cloud Computing Environments
Security and Privacy Challenges in Cloud Computing EnvironmentsEyob Sisay
 
3 oraclex evento reg puglia_v2017-09-14-2
3 oraclex evento reg puglia_v2017-09-14-23 oraclex evento reg puglia_v2017-09-14-2
3 oraclex evento reg puglia_v2017-09-14-2Redazione InnovaPuglia
 
Mike Palmer of Veritas: Debunking the myths of multi-cloud to achieve 360 Dat...
Mike Palmer of Veritas: Debunking the myths of multi-cloud to achieve 360 Dat...Mike Palmer of Veritas: Debunking the myths of multi-cloud to achieve 360 Dat...
Mike Palmer of Veritas: Debunking the myths of multi-cloud to achieve 360 Dat...Veritas Technologies LLC
 
SYN111: What's New and Exciting with XenMobile
SYN111: What's New and Exciting with XenMobileSYN111: What's New and Exciting with XenMobile
SYN111: What's New and Exciting with XenMobileCitrix
 
Cloud Encounters: Measuring the computing cloud
Cloud Encounters: Measuring the computing cloudCloud Encounters: Measuring the computing cloud
Cloud Encounters: Measuring the computing cloudPeter HJ van Eijk
 
Smoothwall and Ampliphae - Networkshop46
Smoothwall and Ampliphae - Networkshop46Smoothwall and Ampliphae - Networkshop46
Smoothwall and Ampliphae - Networkshop46Jisc
 
Data Security Solutions @ Lithuania CIO Forum 2015 - Mobility will happen by ...
Data Security Solutions @ Lithuania CIO Forum 2015 - Mobility will happen by ...Data Security Solutions @ Lithuania CIO Forum 2015 - Mobility will happen by ...
Data Security Solutions @ Lithuania CIO Forum 2015 - Mobility will happen by ...Andris Soroka
 
Encryption Algorithms for Cloud
Encryption Algorithms for CloudEncryption Algorithms for Cloud
Encryption Algorithms for CloudMphasis
 
Delivering Business Agility through Datacenter Automation with Citrix NetScal...
Delivering Business Agility through Datacenter Automation with Citrix NetScal...Delivering Business Agility through Datacenter Automation with Citrix NetScal...
Delivering Business Agility through Datacenter Automation with Citrix NetScal...Citrix
 

What's hot (20)

Identity privacy and data protection in the cloud – what is being done is it ...
Identity privacy and data protection in the cloud – what is being done is it ...Identity privacy and data protection in the cloud – what is being done is it ...
Identity privacy and data protection in the cloud – what is being done is it ...
 
No More Dark Clouds: A Privacy Preserving Framework for the Cloud
No More Dark Clouds: A Privacy Preserving Framework for the CloudNo More Dark Clouds: A Privacy Preserving Framework for the Cloud
No More Dark Clouds: A Privacy Preserving Framework for the Cloud
 
How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?
How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?
How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?
 
eduTEAMS
eduTEAMSeduTEAMS
eduTEAMS
 
Jisc cloud services: helping our members deliver their cloud strategies
Jisc cloud services: helping our members deliver their cloud strategiesJisc cloud services: helping our members deliver their cloud strategies
Jisc cloud services: helping our members deliver their cloud strategies
 
Andrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs Utrecht
Andrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs UtrechtAndrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs Utrecht
Andrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs Utrecht
 
Mondi Group
Mondi GroupMondi Group
Mondi Group
 
Devil's Bargain: Sacrificing Strategic Investments to Fund Today's Problems
Devil's Bargain: Sacrificing Strategic Investments to Fund Today's ProblemsDevil's Bargain: Sacrificing Strategic Investments to Fund Today's Problems
Devil's Bargain: Sacrificing Strategic Investments to Fund Today's Problems
 
Hakfest2015-Tunisia
Hakfest2015-TunisiaHakfest2015-Tunisia
Hakfest2015-Tunisia
 
Security and Privacy Challenges in Cloud Computing Environments
Security and Privacy Challenges in Cloud Computing EnvironmentsSecurity and Privacy Challenges in Cloud Computing Environments
Security and Privacy Challenges in Cloud Computing Environments
 
3 oraclex evento reg puglia_v2017-09-14-2
3 oraclex evento reg puglia_v2017-09-14-23 oraclex evento reg puglia_v2017-09-14-2
3 oraclex evento reg puglia_v2017-09-14-2
 
Mike Palmer of Veritas: Debunking the myths of multi-cloud to achieve 360 Dat...
Mike Palmer of Veritas: Debunking the myths of multi-cloud to achieve 360 Dat...Mike Palmer of Veritas: Debunking the myths of multi-cloud to achieve 360 Dat...
Mike Palmer of Veritas: Debunking the myths of multi-cloud to achieve 360 Dat...
 
SYN111: What's New and Exciting with XenMobile
SYN111: What's New and Exciting with XenMobileSYN111: What's New and Exciting with XenMobile
SYN111: What's New and Exciting with XenMobile
 
Optimize operations
Optimize operationsOptimize operations
Optimize operations
 
Cloud Encounters: Measuring the computing cloud
Cloud Encounters: Measuring the computing cloudCloud Encounters: Measuring the computing cloud
Cloud Encounters: Measuring the computing cloud
 
14.3.2018, Παρουσίαση Κώστα Γκρίτση στην εκδήλωση «Προστασία Προσωπικών Δεδομ...
14.3.2018, Παρουσίαση Κώστα Γκρίτση στην εκδήλωση «Προστασία Προσωπικών Δεδομ...14.3.2018, Παρουσίαση Κώστα Γκρίτση στην εκδήλωση «Προστασία Προσωπικών Δεδομ...
14.3.2018, Παρουσίαση Κώστα Γκρίτση στην εκδήλωση «Προστασία Προσωπικών Δεδομ...
 
Smoothwall and Ampliphae - Networkshop46
Smoothwall and Ampliphae - Networkshop46Smoothwall and Ampliphae - Networkshop46
Smoothwall and Ampliphae - Networkshop46
 
Data Security Solutions @ Lithuania CIO Forum 2015 - Mobility will happen by ...
Data Security Solutions @ Lithuania CIO Forum 2015 - Mobility will happen by ...Data Security Solutions @ Lithuania CIO Forum 2015 - Mobility will happen by ...
Data Security Solutions @ Lithuania CIO Forum 2015 - Mobility will happen by ...
 
Encryption Algorithms for Cloud
Encryption Algorithms for CloudEncryption Algorithms for Cloud
Encryption Algorithms for Cloud
 
Delivering Business Agility through Datacenter Automation with Citrix NetScal...
Delivering Business Agility through Datacenter Automation with Citrix NetScal...Delivering Business Agility through Datacenter Automation with Citrix NetScal...
Delivering Business Agility through Datacenter Automation with Citrix NetScal...
 

Viewers also liked

Summit Session: Monitoring & Measurement: How to Improve Your Brand’s Voice i...
Summit Session: Monitoring & Measurement: How to Improve Your Brand’s Voice i...Summit Session: Monitoring & Measurement: How to Improve Your Brand’s Voice i...
Summit Session: Monitoring & Measurement: How to Improve Your Brand’s Voice i...Digital Megaphone
 
Schmitt ama 2.5 presentation
Schmitt ama 2.5 presentationSchmitt ama 2.5 presentation
Schmitt ama 2.5 presentationjamiejacks
 
UX on Agile - Pradeep Joseph
UX on Agile - Pradeep Joseph UX on Agile - Pradeep Joseph
UX on Agile - Pradeep JosephSTC India UX SIG
 
Tcca Playbill 2008 Full
Tcca Playbill 2008 FullTcca Playbill 2008 Full
Tcca Playbill 2008 Fullguest085108d
 
SMI Social Media and Direct Response
SMI Social Media and Direct ResponseSMI Social Media and Direct Response
SMI Social Media and Direct Responsesdberg04
 
Mobile Advertising news update
Mobile Advertising news updateMobile Advertising news update
Mobile Advertising news updateMobiClicks
 
Executive on boarding (appendix), dr. gordon curphy
Executive on boarding (appendix), dr. gordon curphyExecutive on boarding (appendix), dr. gordon curphy
Executive on boarding (appendix), dr. gordon curphyGordon (Gordy) Curphy, PhD
 
Catálogo+para+centros+educativos
Catálogo+para+centros+educativosCatálogo+para+centros+educativos
Catálogo+para+centros+educativosesthertorres
 
Let's Move! Cities, Towns and Counties: People's Insights Vol. 2 Issue 2
Let's Move! Cities, Towns and Counties: People's Insights Vol. 2 Issue 2Let's Move! Cities, Towns and Counties: People's Insights Vol. 2 Issue 2
Let's Move! Cities, Towns and Counties: People's Insights Vol. 2 Issue 2MSL
 
Facebook Marketing
Facebook MarketingFacebook Marketing
Facebook MarketingJens Wiese
 
LinkedInAgent Strategy & Pricing
LinkedInAgent Strategy & PricingLinkedInAgent Strategy & Pricing
LinkedInAgent Strategy & Pricingdgemp01
 
Open Source business models
Open Source business modelsOpen Source business models
Open Source business modelsZak Borg
 
Seed Capital
Seed CapitalSeed Capital
Seed Capitaljpeiro
 
MYX OC Recap
MYX OC RecapMYX OC Recap
MYX OC RecapMai Tran
 
RaVioli: A Parallel Vide Processing Library with Auto Resolution Adjustability
RaVioli: A Parallel Vide Processing Library with Auto Resolution AdjustabilityRaVioli: A Parallel Vide Processing Library with Auto Resolution Adjustability
RaVioli: A Parallel Vide Processing Library with Auto Resolution AdjustabilityMatsuo and Tsumura lab.
 
P-selectin may reduce myocardial damage during PCI in non-STEMI patients
P-selectin may reduce myocardial damage during PCI in non-STEMI patientsP-selectin may reduce myocardial damage during PCI in non-STEMI patients
P-selectin may reduce myocardial damage during PCI in non-STEMI patientsTrimed Media Group
 
School Opening Institute 2011
School Opening Institute 2011School Opening Institute 2011
School Opening Institute 2011Lisa Colton
 

Viewers also liked (20)

第四組-潮限量
第四組-潮限量第四組-潮限量
第四組-潮限量
 
Summit Session: Monitoring & Measurement: How to Improve Your Brand’s Voice i...
Summit Session: Monitoring & Measurement: How to Improve Your Brand’s Voice i...Summit Session: Monitoring & Measurement: How to Improve Your Brand’s Voice i...
Summit Session: Monitoring & Measurement: How to Improve Your Brand’s Voice i...
 
Schmitt ama 2.5 presentation
Schmitt ama 2.5 presentationSchmitt ama 2.5 presentation
Schmitt ama 2.5 presentation
 
UX on Agile - Pradeep Joseph
UX on Agile - Pradeep Joseph UX on Agile - Pradeep Joseph
UX on Agile - Pradeep Joseph
 
Tcca Playbill 2008 Full
Tcca Playbill 2008 FullTcca Playbill 2008 Full
Tcca Playbill 2008 Full
 
SMI Social Media and Direct Response
SMI Social Media and Direct ResponseSMI Social Media and Direct Response
SMI Social Media and Direct Response
 
Mobile Advertising news update
Mobile Advertising news updateMobile Advertising news update
Mobile Advertising news update
 
Executive on boarding (appendix), dr. gordon curphy
Executive on boarding (appendix), dr. gordon curphyExecutive on boarding (appendix), dr. gordon curphy
Executive on boarding (appendix), dr. gordon curphy
 
Catálogo+para+centros+educativos
Catálogo+para+centros+educativosCatálogo+para+centros+educativos
Catálogo+para+centros+educativos
 
Let's Move! Cities, Towns and Counties: People's Insights Vol. 2 Issue 2
Let's Move! Cities, Towns and Counties: People's Insights Vol. 2 Issue 2Let's Move! Cities, Towns and Counties: People's Insights Vol. 2 Issue 2
Let's Move! Cities, Towns and Counties: People's Insights Vol. 2 Issue 2
 
2012-04-05 Small Business Cloud Computing
2012-04-05 Small Business Cloud Computing2012-04-05 Small Business Cloud Computing
2012-04-05 Small Business Cloud Computing
 
Facebook Marketing
Facebook MarketingFacebook Marketing
Facebook Marketing
 
LinkedInAgent Strategy & Pricing
LinkedInAgent Strategy & PricingLinkedInAgent Strategy & Pricing
LinkedInAgent Strategy & Pricing
 
Open Source business models
Open Source business modelsOpen Source business models
Open Source business models
 
Seed Capital
Seed CapitalSeed Capital
Seed Capital
 
MYX OC Recap
MYX OC RecapMYX OC Recap
MYX OC Recap
 
RaVioli: A Parallel Vide Processing Library with Auto Resolution Adjustability
RaVioli: A Parallel Vide Processing Library with Auto Resolution AdjustabilityRaVioli: A Parallel Vide Processing Library with Auto Resolution Adjustability
RaVioli: A Parallel Vide Processing Library with Auto Resolution Adjustability
 
P-selectin may reduce myocardial damage during PCI in non-STEMI patients
P-selectin may reduce myocardial damage during PCI in non-STEMI patientsP-selectin may reduce myocardial damage during PCI in non-STEMI patients
P-selectin may reduce myocardial damage during PCI in non-STEMI patients
 
Cloudsallaroundcloudpics
CloudsallaroundcloudpicsCloudsallaroundcloudpics
Cloudsallaroundcloudpics
 
School Opening Institute 2011
School Opening Institute 2011School Opening Institute 2011
School Opening Institute 2011
 

Similar to Keith prabhu cloud security-public

Cloud is not an option, but is security?
Cloud is not an option, but is security?Cloud is not an option, but is security?
Cloud is not an option, but is security?Jody Keyser
 
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...Cloud Security Alliance Lviv Chapter
 
Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...Moshe Ferber
 
Charting a path to the cloud final
Charting a path to the cloud finalCharting a path to the cloud final
Charting a path to the cloud finalScott Clinton
 
CSA Atlanta Q1'2016 Chapter Meeting
CSA Atlanta Q1'2016 Chapter MeetingCSA Atlanta Q1'2016 Chapter Meeting
CSA Atlanta Q1'2016 Chapter MeetingPhil Agcaoili
 
Lss implementing cyber security in the cloud, and from the cloud-feb14
Lss implementing cyber security in the cloud, and from the cloud-feb14Lss implementing cyber security in the cloud, and from the cloud-feb14
Lss implementing cyber security in the cloud, and from the cloud-feb14L S Subramanian
 
chapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptxchapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptxGhofraneFerchichi2
 
110307 cloud security requirements gourley
110307 cloud security requirements gourley110307 cloud security requirements gourley
110307 cloud security requirements gourleyGovCloud Network
 
ShareResponsibilityModel.pptx
ShareResponsibilityModel.pptxShareResponsibilityModel.pptx
ShareResponsibilityModel.pptxBabatundeAbioye2
 
Security Considerations When Using Cloud Infrastructure Services.pdf
Security Considerations When Using Cloud Infrastructure Services.pdfSecurity Considerations When Using Cloud Infrastructure Services.pdf
Security Considerations When Using Cloud Infrastructure Services.pdfCiente
 
Why 2024 will become the Year of SaaS Security Meetup 24012024.pptx
Why 2024 will become the Year of SaaS Security Meetup 24012024.pptxWhy 2024 will become the Year of SaaS Security Meetup 24012024.pptx
Why 2024 will become the Year of SaaS Security Meetup 24012024.pptxlior mazor
 
Keith prabhu global high on cloud summit
Keith prabhu global high on cloud summitKeith prabhu global high on cloud summit
Keith prabhu global high on cloud summitadministrator_confidis
 
Cloud Security: A matter of trust?
Cloud Security: A matter of trust?Cloud Security: A matter of trust?
Cloud Security: A matter of trust?Mark Williams
 
What is the significance of cybersecurity in cloud.pptx
What is the significance of cybersecurity in cloud.pptxWhat is the significance of cybersecurity in cloud.pptx
What is the significance of cybersecurity in cloud.pptxinfosec train
 
Keeping Security In-Step with Your Application Demand Curve
Keeping Security In-Step with Your Application Demand CurveKeeping Security In-Step with Your Application Demand Curve
Keeping Security In-Step with Your Application Demand CurveAmazon Web Services
 
Keeping Security In-Step with your Application Demand Curve
Keeping Security In-Step with your Application Demand CurveKeeping Security In-Step with your Application Demand Curve
Keeping Security In-Step with your Application Demand CurveAmazon Web Services
 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDSweta Kumari Barnwal
 
Trust based Mechanism for Secure Cloud Computing Environment: A Survey
Trust based Mechanism for Secure Cloud Computing Environment: A SurveyTrust based Mechanism for Secure Cloud Computing Environment: A Survey
Trust based Mechanism for Secure Cloud Computing Environment: A Surveyinventionjournals
 

Similar to Keith prabhu cloud security-public (20)

Cloud is not an option, but is security?
Cloud is not an option, but is security?Cloud is not an option, but is security?
Cloud is not an option, but is security?
 
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...
 
Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...
 
Hogan Kusnadi - Cloud Computing Secutity
Hogan Kusnadi - Cloud Computing SecutityHogan Kusnadi - Cloud Computing Secutity
Hogan Kusnadi - Cloud Computing Secutity
 
Charting a path to the cloud final
Charting a path to the cloud finalCharting a path to the cloud final
Charting a path to the cloud final
 
CSA Atlanta Q1'2016 Chapter Meeting
CSA Atlanta Q1'2016 Chapter MeetingCSA Atlanta Q1'2016 Chapter Meeting
CSA Atlanta Q1'2016 Chapter Meeting
 
Lss implementing cyber security in the cloud, and from the cloud-feb14
Lss implementing cyber security in the cloud, and from the cloud-feb14Lss implementing cyber security in the cloud, and from the cloud-feb14
Lss implementing cyber security in the cloud, and from the cloud-feb14
 
chapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptxchapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptx
 
110307 cloud security requirements gourley
110307 cloud security requirements gourley110307 cloud security requirements gourley
110307 cloud security requirements gourley
 
ShareResponsibilityModel.pptx
ShareResponsibilityModel.pptxShareResponsibilityModel.pptx
ShareResponsibilityModel.pptx
 
Security Considerations When Using Cloud Infrastructure Services.pdf
Security Considerations When Using Cloud Infrastructure Services.pdfSecurity Considerations When Using Cloud Infrastructure Services.pdf
Security Considerations When Using Cloud Infrastructure Services.pdf
 
Why 2024 will become the Year of SaaS Security Meetup 24012024.pptx
Why 2024 will become the Year of SaaS Security Meetup 24012024.pptxWhy 2024 will become the Year of SaaS Security Meetup 24012024.pptx
Why 2024 will become the Year of SaaS Security Meetup 24012024.pptx
 
Keith prabhu global high on cloud summit
Keith prabhu global high on cloud summitKeith prabhu global high on cloud summit
Keith prabhu global high on cloud summit
 
Cloud Security: A matter of trust?
Cloud Security: A matter of trust?Cloud Security: A matter of trust?
Cloud Security: A matter of trust?
 
What is the significance of cybersecurity in cloud.pptx
What is the significance of cybersecurity in cloud.pptxWhat is the significance of cybersecurity in cloud.pptx
What is the significance of cybersecurity in cloud.pptx
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
Keeping Security In-Step with Your Application Demand Curve
Keeping Security In-Step with Your Application Demand CurveKeeping Security In-Step with Your Application Demand Curve
Keeping Security In-Step with Your Application Demand Curve
 
Keeping Security In-Step with your Application Demand Curve
Keeping Security In-Step with your Application Demand CurveKeeping Security In-Step with your Application Demand Curve
Keeping Security In-Step with your Application Demand Curve
 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUD
 
Trust based Mechanism for Secure Cloud Computing Environment: A Survey
Trust based Mechanism for Secure Cloud Computing Environment: A SurveyTrust based Mechanism for Secure Cloud Computing Environment: A Survey
Trust based Mechanism for Secure Cloud Computing Environment: A Survey
 

Recently uploaded

Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 

Recently uploaded (20)

Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 

Keith prabhu cloud security-public

  • 1. www.confidis.coTechnology Consulting Cloud Security Emerging Trends June 12, 2013 Keith Prabhu Master of Business (Australia), CCSK, MBCI, CISSP, CISA Executive Director, Confidis Advisory Services Founder & Director, Cloud Security Alliance, Mumbai Chapter
  • 2. www.confidis.co Storyline Need for Cloud Security Threats Inhibiting Cloud Adoption Cloud Vulnerabilities Research CSA Resources Need for CCSK New Trends
  • 3. www.confidis.co Need for Cloud Security • Previously users, applications and data were secured within the organization’s perimeter • Mobility was restricted • Firewalls were used to keep the bad guys out and employees in • Standardized access devices were owned by the organizations • Employees had to conform to IT policies The Good (?) Old days…
  • 4. www.confidis.co Need for Cloud Security • Confidential data resides in the Cloud • Data is everywhere • IT users need to access data located outside the organization’s perimeter • IT users can BYOD while organizations need to allow access to partner apps • IT users can buy business apps “off the Cloud” without IT knowing let alone approving it Today’s Scenario
  • 5. www.confidis.co Threats inhibiting Cloud Adoption Source: The Notorious Nine. Cloud Computing Top Threats in 2013, Cloud Security Alliance https://cloudsecurityalliance.org/research/top-threats/ Cloud Computing Top Threats 2013 #1 Data Breaches #2 Data Loss #3 Account Hijacking #4 Insecure APIs #5 Denial of Service #6 Malicious Insiders #7 Abuse of Cloud Services #8 Insufficient Due Diligence #9 Shared Technology Issues
  • 6. www.confidis.co Cloud Vulnerabilities Research Source: CSA Research, Dr. Ryan Ko, Sr. Lecturer, University of Waikato
  • 7. www.confidis.co Assessing Security Maturity Incident Management and Forensics Consensus Assessments Initiative Cloud Controls Matrix Trusted Cloud Initiative Top Threats to Cloud Computing
  • 8. www.confidis.co Need for Cloud Security Knowledge Professionals • While large areas of IT Security remain the same, new combinations of technology have resulted in new security challenges • These new challenges require a study of security from a Cloud perspective • Certificate of Cloud Security Knowledge (CCSK) is available from CSA • Key guidance available in form of: • CSA Guidance • ENISA
  • 9. www.confidis.co New Trends/Challenges in Cloud Security Cloud Application Protection: Application protection repeatedly tests an application to see if changes in code were made, preventing hackers intent on putting their own malicious code into applications. This is now available as a service from the Cloud Open Certification Framework The CSA Open Certification Framework is an industry initiative to allow global, accredited, trusted certification of cloud providers. Big Data Security in the Cloud: The Big Data Working Group (BDWG) will be identifying scalable techniques for data-centric security and privacy problems. (https://cloudsecurityalliance.org/research/big-data/) Encryption: Mitigating risks of extraction of keys from memory Forensics in the Cloud: Ways to conduct forensic investigation in a shared environment
  • 10. www.confidis.co Cloud Security Alliance • Global, not-for-profit organization • Over 45,000+ individual members, 100+ corporate members • Building best practices and a trusted cloud ecosystem • Agile philosophy, rapid development of applied research − GRC: Balance compliance with risk management − Reference models: build using existing standards − Identity: a key foundation of a functioning cloud economy − Champion interoperability − Advocacy of prudent public policy “To promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Computing to help secure all other forms of computing.” Join: Cloud Security Alliance, Mumbai Chapter on LinkedIn (http://www.linkedin.com/groups?gid=2963138)
  • 12. www.confidis.co Contact Us For any further information, please contact: Keith Prabhu Executive Director Confidis Advisory Services Private Limited Email: info @ confidis DOT co