Your SlideShare is downloading. ×
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

IDC Cloud Security and Managed Services Conference Riyadh KSA

452

Published on

IDC Cloud Security and Managed Services Conference in Riyadh Kingdom of Saudi Arabia

IDC Cloud Security and Managed Services Conference in Riyadh Kingdom of Saudi Arabia

Published in: Business, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
452
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
1
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Cloud Security&Managed SecurityServices: Challenges & OpportunitiesJorge SebastiaoCOO
  • 2. Outline• Opportunities & challenges• Approach and opportunities in cloud security• Managed Security Services• Enterprise• Cloud Computing• Conclusions & discussion2
  • 3. Cloud, Processes & Transformation
  • 4. User remains biggest challenge
  • 5. Growth of cloud end pointsMainframeMinicomputerPCDesktop/InternetMobileInternet1101001000100001000001000000100000001950 1960 1970 1980 1990 2000 2010 2020 2030Devices/Users(millions)YearRef: ITU, Morgan Stanley Research, 2009- Smartphone- Tablets- Car Electronics-- Mobile Medicine-- Payment Systems-- Mobile Banking- GPS/Navigation- Mobile Video- Home Entertainment- Games- Home Appliances
  • 6. Cloud and BalanceSecurity &ComplianceConvenience& Cost saving
  • 7. Cloud and complexity
  • 8. Cloud is a shared environment
  • 9. Cloud high profile failures
  • 10. Cloud and Control
  • 11. Top 10 Security Issues1. Governance2. Compliance3. Trust4. Architecture5. Identity & Access control6. Isolation in multi-tenancy7. Data protection8. Availability9. Timely Incidence Response10. Malware propagation
  • 12. Identified top threats1. Abuse & Evil Use of Cloud ({I,P}aaS)2. Insecure Interfaces and APIs ({I,P,S}aaS)3. Malicious Insiders ({I,P,S}aaS)4. Shared Technology Issues (IaaS)5. Data Loss or leakage ({I,P,S}aaS)6. Account or Service Hijacking ({I,P,S}aaS)7. Unknown Risk Profile ({I,P,S}aaS)https://cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf
  • 13. Hybrid Cloud & Security
  • 14. Cloud Security
  • 15. Key MSS Adoption Drivers
  • 16. Deploying MSSSecurity &ComplianceMonitor & IR• Monitoring and threatmanagement• Aggregation of logs• Anomaly detection• alertsPerimeterProtection• ManagedFirewall, UTM, IPS, Anti-Malware, etc.In cloud MSS• Clean pipes• Anti-malware, etc• AntifraudDOS/DDOSmitigationEnd-user/devicemanagement
  • 17. Typical Enterprise MSS setup
  • 18. Importance Security MetricsSecurity MetricsKey Performance IndicatorsCoBiT, Compliance, SOCITILISO20000ISMSISO27001BCMSISO22301Time Based Security
  • 19. Typical Cloud MSS setup
  • 20. Security - think outside the box20
  • 21. Importance of Big Data
  • 22. TransformAssess ArchitectSecurity requires transformation
  • 23. Final ThoughtsCloud represents important opportunities & challengesHybrid models most practicalSecurity is a challengeConsider:– Governance– Proactive Security– Collaborate & consolidate expertise– Security is a continuous skilled process– TBS – Protection > Detection + Reaction– Infinite time between failures vs 0 time to recovery“Don’t bring a knife to a gun fight”
  • 24. http://linkedin.com/in/sebastiao

×