SlideShare a Scribd company logo
1 of 42
Download to read offline
John Yeoh
Global VP of
Research at CSA
Yitzy Tannenbaum
Product Marketing
Manager at AlgoSec
WELCOME
Have a question? Submit it via the chat tab or email us:
This webinar is being recorded!
The recording will be emailed to you after the webinar
And the slides will be available in the Attachments tab
Follow us online !
2
marketing@algosec.com
AGENDA
Complexity of the modern-day network
01
Visibility
02
Who’s responsible for cloud security
03
3
04
05
Compliance
Misconfigurations and Outages
Source: Cloud Security Alliance (CSA) survey, March 2019
WHAT PERCENTAGE OF YOUR WORKLOADS DOES YOUR
ORGANIZATION CURRENTLY RUN IN THE PUBLIC CLOUD IN
PRODUCTION?
9.30%
37.75%
20.57%
11.09%
5.90%
8.05%
We do not deploy any
workloads in the cloud
1-20% 21-40% 41%-60% 61%-80% 81%-100%
0.00%
5.00%
10.00%
15.00%
20.00%
25.00%
30.00%
35.00%
40.00%
4
Source: Cloud Security Alliance (CSA) survey, March 2019
BY THE END OF THE YEAR 2020, WHAT PERCENTAGE OF YOUR
WORKLOADS DO YOU ANTICIPATE YOUR ORGANIZATION WILL BE
RUNNING IN THE PUBLIC CLOUD IN PRODUCTION?
3.75%
14.64%
23.75%
18.93%
17.50%
13.57%
We will not deploy any
workloads in the cloud
1-20% 21-40% 41%-60% 61%-80% 81%-100%
0.00%
5.00%
10.00%
15.00%
20.00%
25.00%
5
Source: Cloud Security Alliance (CSA) survey, March 2019
WHAT CONCERNS DOES YOUR ORGANIZATION ENCOUNTER
WHEN ADOPTING A PUBLIC CLOUD PLATFORM
80.85%
62.48%
57.06%
49.13%
44.29% 43.71%
38.68%
35.01%
32.69%
23.02%
Security concerns Data loss and
leakage risks
Regulatory
compliance
Integration with the
rest of our IT
environment
Legal concerns Cost Visibility into
resources in the
cloud environment
Migration of
applications to the
cloud
Lack of expertise to
manage the cloud
environment
Lack of staff to
manage the cloud
environment
0.00%
10.00%
20.00%
30.00%
40.00%
50.00%
60.00%
70.00%
80.00%
90.00%
6
Source: Cloud Security Alliance (CSA) survey, March 2019
WHICH PUBLIC CLOUD PLATFORMS DOES YOUR
ORGANIZATION USE?
7
60.70%
56.45%
25.22%
4.40%
8.50%
7.04%
3.08%
9.24% 8.36%
Amazon Web Services
(AWS)
Microsoft Azure Google Cloud Platform Alibaba Cloud IBM cloud Oracle cloud Unsure None Other (please specify)
0.00%
10.00%
20.00%
30.00%
40.00%
50.00%
60.00%
70.00%
Source: Cloud Security Alliance (CSA) survey, March 2019
WHICH PRIVATE CLOUD PLATFORMS DOES YOUR
ORGANIZATION USE
49.34%
18.46%
14.33% 14.33%
22.45%
5.61%
VMware NSX OpenStack Cisco ACI Unsure None Other (please specify)
0.00%
10.00%
20.00%
30.00%
40.00%
50.00%
60.00%
8
Source: Cloud Security Alliance (CSA) survey, March 2019
66% use multiple clouds. In
fact, more than a third
(35%) of respondents using
cloud leverage 3+ cloud
platform vendors
Organizations may use both
public and private clouds.
More than half (55%) operate
in a hybrid-cloud
environment
36% have a combination of
multi-cloud and hybrid-cloud
environment
SECURITY NETWORK COMPLEXITY
9
MANAGING SECURITY IN THE CLOUD IS COMPLEX
MULTIPLE CLOUDS
Private
Clouds
Multi
Public Clouds
On-Prem Intranet Dedicated Server
10
MANAGING SECURITY IN THE CLOUD IS COMPLEX
MULTIPLE LAYERS OF SECURITY CONTROLS
3rd party Security Vendors
Products
Cloud Infra Security
Controls
Security Products by
Cloud Providers
11
Source: Cloud Security Alliance (CSA) survey, March 2019
WHAT NETWORK SECURITY CONTROLS DO YOU CURRENTLY
USE TO SECURE YOUR PUBLIC CLOUD DEPLOYMENTS?
70.37%
58.48%
45.03%
31.58%
4.29%
Cloud provider’s native security controls
(e.g. Security Groups, Network ACLs)
Cloud provider’s additional security
controls (e.g. Azure Firewall, AWS WAF)
Virtual editions of traditional firewalls (e.g.
Palo Alto Networks, Check Point,
Barracuda) deployed in the cloud
environment
Host based enforcement Other (please specify)
0.00%
10.00%
20.00%
30.00%
40.00%
50.00%
60.00%
70.00%
80.00%
12
Source: Cloud Security Alliance (CSA) survey, March 2019
PLEASE RATE THE LEVEL OF CHALLENGE EACH ITEM
POSES IN MANAGING SECURITY IN THE PUBLIC CLOUD?
3.35
3.21 3.16 3.1 3.09 3.07
2.89
2.73
Proactively detecting
misconfigurations and
security risks
Lack of visibility into the
entire cloud estate
Compliance and preparing
for audits
Managing both cloud and
on-prem environments
Managing a multi-cloud
environment
Lack of expertise in cloud-
native security constructs
Troubleshooting
connectivity issues
Understanding which
team is responsible for
cloud security
0
0.5
1
1.5
2
2.5
3
3.5
4
13
Source: Cloud Security Alliance (CSA) survey, March 2019
WHAT CONCERNS DOES YOUR ORGANIZATION ENCOUNTER
WHEN ADOPTING A PUBLIC CLOUD PLATFORM?
80.85%
62.48%
57.06%
49.13%
44.29% 43.71%
38.68%
35.01%
32.69%
23.02%
Security concerns Data loss and
leakage risks
Regulatory
compliance
Integration with
the rest of our IT
environment
Legal concerns Cost Visibility into
resources in the
cloud environment
Migration of
applications to the
cloud
Lack of expertise
to manage the
cloud environment
Lack of staff to
manage the cloud
environment
0.00%
10.00%
20.00%
30.00%
40.00%
50.00%
60.00%
70.00%
80.00%
90.00%
14
Source: Cloud Security Alliance (CSA) survey, March 2019
PLEASE RATE THE LEVEL OF CHALLENGE EACH ITEM POSES
IN MANAGING SECURITY IN THE PUBLIC CLOUD?
3.35
3.21 3.16 3.1 3.09 3.07
2.89
2.73
Proactively detecting
misconfigurations and
security risks
Lack of visibility into the
entire cloud estate
Compliance and preparing
for audits
Managing both cloud and
on-prem environments
Managing a multi-cloud
environment
Lack of expertise in cloud-
native security constructs
Troubleshooting
connectivity issues
Understanding which
team is responsible for
cloud security
0
0.5
1
1.5
2
2.5
3
3.5
4
15
16
VISIBILITY – REQUIREMENTS
Full visibility into all
elements that make
up your network:
cloud, SDN and on-
premise
Single pane of glass
to manage security
controls
Unified management
of security policy
across hybrid
environments and
mixed environments
Discovery and mapping of
business application
connectivity
requirements to the
network infrastructure
Platform Security Control Application ConnectivityPolicy
A SINGLE PANE OF GLASS INTO YOUR ENTIRE NETWORK
Native Cloud Security Models
Virtual appliance in the cloud
Traditional FW
17
Source: Cloud Security Alliance (CSA) survey, March 201918 | Confidential
18
2019 05-22 CSA Study: Security Challenges in Cloud Environments
Source: Cloud Security Alliance (CSA) survey, March 2019
WHICH TEAM IS RESPONSIBLE FOR MANAGING
SECURITY IN THE PUBLIC CLOUD?
35.59%
28.24%
15.28%
6.00%
3.87% 3.87% 3.48% 3.68%
Information Security IT Operations Cloud team within the IT
department
Application Owners /
Developers / DevOps
Managed Service
Provider
CISO Not sure Other (please specify)
0.00%
5.00%
10.00%
15.00%
20.00%
25.00%
30.00%
35.00%
40.00%
20
WHO IS RESPONSIBLE FOR YOUR CLOUD SECURITY?
Customer Data
Platform, Application, Identity & Access Management
Operating System, Network & Firewall Configuration
Client-side Data Encryption &
Data Integrity Authentication
Server-side Encryption
(File System and/or Data)
Network Traffic Protection
(Encryption/ Integrity/ Identity)
Compute Storage Database Networking
AWS Global
Infrastructure
Region
Availability zones
Edge location
Source: Amazon Web Services
Customer
Responsible for
security ‘in’ the
cloud
AWS
Responsible for
security ‘of’ the
cloud
MANAGING SECURITY IN THE CLOUD IS COMPLEX
Multiple Stakeholders
Application Developers/
DevOps
CISO IT / Network Security Cloud Teams
Security Operations
22
02.
03
Actionable risk
management
MANAGE SECURITY RISKS OF CLOUD ASSETS
23
01
Risk notifications
02.
02
At-a-glance security
posture view
2019 05-22 CSA Study: Security Challenges in Cloud Environments
Source: Cloud Security Alliance (CSA) survey, March 2019
WHAT CONCERNS DOES YOUR ORGANIZATION ENCOUNTER
WHEN ADOPTING A PUBLIC CLOUD PLATFORM?
80.85%
62.48%
57.06%
49.13%
44.29% 43.71%
38.68%
35.01%
32.69%
23.02%
2.32%
Security concerns Data loss and
leakage risks
Regulatory
compliance
Integration with
the rest of our IT
environment
Legal concerns Cost Visibility into
resources in the
cloud
environment
Migration of
applications to
the cloud
Lack of expertise
to manage the
cloud
environment
Lack of staff to
manage the
cloud
environment
Other (please
specify)
0.00%
10.00%
20.00%
30.00%
40.00%
50.00%
60.00%
70.00%
80.00%
90.00%
25
Source: Cloud Security Alliance (CSA) survey, March 2019
PLEASE RATE THE LEVEL OF CHALLENGE EACH ITEM
POSES IN MANAGING SECURITY IN THE PUBLIC CLOUD?
3.35
3.21 3.16 3.1 3.09 3.07
2.89
2.73
Proactively detecting
misconfigurations and
security risks
Lack of visibility into the
entire cloud estate
Compliance and preparing
for audits
Managing both cloud and
on-prem environments
Managing a multi-cloud
environment
Lack of expertise in cloud-
native security constructs
Troubleshooting
connectivity issues
Understanding which
team is responsible for
cloud security
0
0.5
1
1.5
2
2.5
3
3.5
4
26
POLL
How much of your time is invested in preparing for audits?
 Less than a week
 1 – 2 weeks
 2 – 4 weeks
 1 – 2 Months
 2+ Months
Please vote using
the “Votes” tab
27
Source: Cloud Security Alliance (CSA) survey, March 2019
COMPLIANCE –
REQUIREMENTS
Instant generation of audit-ready reports
for major regulations, including PCI,
GDPR, HIPAA, SOX, NERC etc.
Generate custom reports for internal
compliance mandates
Proactive checks of every change for
internal and regulatory compliance
and/or network segmentation violations
28
?
?
PLEASE RATE THE LEVEL OF CHALLENGE EACH ITEM
POSES IN MANAGING SECURITY IN THE PUBLIC CLOUD?
3.35
3.21 3.16 3.1 3.09 3.07
2.89
2.73
Proactively detecting
misconfigurations and
security risks
Lack of visibility into the
entire cloud estate
Compliance and
preparing for audits
Managing both cloud
and on-prem
environments
Managing a multi-cloud
environment
Lack of expertise in
cloud-native security
constructs
Troubleshooting
connectivity issues
Understanding which
team is responsible for
cloud security
0
0.5
1
1.5
2
2.5
3
3.5
4
31
HAS YOUR ORGANIZATION EXPERIENCED A NETWORK
OR APPLICATION OUTAGE IN THE LAST YEAR?
42.57% 42.77%
14.65%
Yes No Not sure
0.00%
5.00%
10.00%
15.00%
20.00%
25.00%
30.00%
35.00%
40.00%
45.00%
32
WHAT WAS THE MAIN CONTRIBUTOR TO YOUR
NETWORK OR APPLICATION OUTAGE IN THE LAST YEAR?
20.36%
19.76%
15.32%
12.10%
8.47%
5.24% 5.24%
3.23%
2.22%
1.01%
7.06%
Not sure Operational
human errors and
mismanagement
of devices
Device
configuration
changes
Faults, errors, or
discards in
network devices
Link failure caused
due to fibre cable
cuts or network
congestion
Server hardware
failure
Power outages Failed software
and firmware
upgrade or
patches
Security attacks
such as denial of
service (DoS)
Incompatibility
between firmware
and hardware
device
Other (please
specify)
0.00%
5.00%
10.00%
15.00%
20.00%
25.00%
33
IF YOU EXPERIENCED A NETWORK OR APPLICATION OUTAGE,
HOW LONG DID IT LAST BEFORE IT WAS RESTORED TO NORMAL
OPERATION?
35.03% 34.39%
19.32%
7.86%
2.55%
0.85%
Less than 1 hour 1 to 3 hours 3 to 5 hours A working day Longer than one working day Longer than a week
0.00%
5.00%
10.00%
15.00%
20.00%
25.00%
30.00%
35.00%
40.00%
34
THE COST OF NETWORK DOWNTIME
According to Gartner
The average cost of network downtime is about
$5,600 per minute,
just about $300,000 per hour
Source: https://blogs.gartner.com/andrew-lerner/2014/07/16/the-cost-of-downtime/
Validate the
change
Map
devices in
path
Check for
risk
involved
Plan the
Rules
Implement
the change
on the
devices
CHANGE AUTOMATION
Request a
network
change
36
SUMMARY
37
• Networks are complex
• Multiple cloud vendors
• On-prem, private and public cloud
• Multiple stake-holders
• Challenges in the hybrid estate
• Visibility
• Who’s responsible for cloud security
• Compliance
• Human errors and misconfigurations
• Outages can be costly
• They can be eliminate with automation
• You can apply your security guidelines in the cloud
if you choose the right tools
Q & A
Submit your questions via the chat
Request a Demo: marketing@algosec.com
https://www.algosec.com/resources
PPTREPORT
39
Yitzy Tannenbaum https://www.linkedin.com/in/yitzy-tannenbaum-673552b1/
John Yeoh https://www.linkedin.com/in/johnyeoh/
AlgoSec https://www.linkedin.com/company/algosec/
40
JOIN OUR COMMUNITY
Follow us for the latest on security policy management trends, tips & tricks,
best practices, thought leadership, fun stuff, prizes and much more!
Subscribe to our YouTube channel for
a wide range of educational videos
presented by Professor Wool
youtube.com/user/AlgoSeclinkedin.com/company/AlgoSec
facebook.com/AlgoSec
twitter.com/AlgoSec
www.AlgoSec.com/blog
ALGOSUMMIT
THE PREMIER EVENT FOR
ALGOSEC CUSTOMERS & CHANNEL PARTNERS
41
Dallas | Oct 21-24
2019
www.algosec.com/algosummit
UPCOMING WEBINARS
May 29th
Cisco Firepower Migration –
Joint Webinar
June 12th
Application Connectivity
June 26th
Fortinet – Joint Webinar
THANK YOU!
Questions
marketing@algosec.com

More Related Content

More from AlgoSec

Microsegmentation from strategy to execution
Microsegmentation from strategy to executionMicrosegmentation from strategy to execution
Microsegmentation from strategy to executionAlgoSec
 
Build and enforce defense in depth - an algo sec-cisco tetration webinar
Build and enforce defense in depth - an algo sec-cisco tetration webinarBuild and enforce defense in depth - an algo sec-cisco tetration webinar
Build and enforce defense in depth - an algo sec-cisco tetration webinarAlgoSec
 
Radically reduce firewall rules with application-driven rule recertification
Radically reduce firewall rules with application-driven rule recertificationRadically reduce firewall rules with application-driven rule recertification
Radically reduce firewall rules with application-driven rule recertificationAlgoSec
 
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...AlgoSec
 
2020 04-07 webinar slides -turning network security alerts into action change...
2020 04-07 webinar slides -turning network security alerts into action change...2020 04-07 webinar slides -turning network security alerts into action change...
2020 04-07 webinar slides -turning network security alerts into action change...AlgoSec
 
Cessation of Misconfigurations: Common Network Misconfiguration Risks & How t...
Cessation of Misconfigurations: Common Network Misconfiguration Risks & How t...Cessation of Misconfigurations: Common Network Misconfiguration Risks & How t...
Cessation of Misconfigurations: Common Network Misconfiguration Risks & How t...AlgoSec
 
Put out audit security fires, pass audits -every time
Put out audit security fires, pass audits -every time Put out audit security fires, pass audits -every time
Put out audit security fires, pass audits -every time AlgoSec
 
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy Management
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy ManagementCisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy Management
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy ManagementAlgoSec
 
2019 08-13 selecting the right security policy management solution
2019 08-13 selecting the right security policy management solution2019 08-13 selecting the right security policy management solution
2019 08-13 selecting the right security policy management solutionAlgoSec
 
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
2019 06-26 effective multi-vendor management -fortinet algo sec webinar finalAlgoSec
 
Cisco Firepower Migration | Cisco and AlgoSec Joint Webinar
Cisco Firepower Migration | Cisco and AlgoSec Joint WebinarCisco Firepower Migration | Cisco and AlgoSec Joint Webinar
Cisco Firepower Migration | Cisco and AlgoSec Joint WebinarAlgoSec
 
2019 02-20 micro-segmentation based network security strategies (yoni geva)
2019 02-20 micro-segmentation based network security strategies (yoni geva)2019 02-20 micro-segmentation based network security strategies (yoni geva)
2019 02-20 micro-segmentation based network security strategies (yoni geva)AlgoSec
 
More Things You Can Do with the AlgoSec Security Policy Management Suite
More Things You Can Do with the AlgoSec Security Policy Management SuiteMore Things You Can Do with the AlgoSec Security Policy Management Suite
More Things You Can Do with the AlgoSec Security Policy Management SuiteAlgoSec
 
2018 11-19 improving business agility with security policy automation final
2018 11-19 improving business agility with security policy automation final2018 11-19 improving business agility with security policy automation final
2018 11-19 improving business agility with security policy automation finalAlgoSec
 
Managing Effective Security Policies Across Hybrid and Multi-Cloud Environment
Managing Effective Security Policies Across Hybrid and Multi-Cloud EnvironmentManaging Effective Security Policies Across Hybrid and Multi-Cloud Environment
Managing Effective Security Policies Across Hybrid and Multi-Cloud EnvironmentAlgoSec
 
Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​AlgoSec
 
2018 10-11 automating network security policy management allows financial ins...
2018 10-11 automating network security policy management allows financial ins...2018 10-11 automating network security policy management allows financial ins...
2018 10-11 automating network security policy management allows financial ins...AlgoSec
 
Selecting the right security policy management solution for your organization
Selecting the right security policy management solution for your organizationSelecting the right security policy management solution for your organization
Selecting the right security policy management solution for your organizationAlgoSec
 
Accelerate Application Deployment Across Cisco ACI Fabric, On-Premise Firewal...
Accelerate Application Deployment Across Cisco ACI Fabric, On-Premise Firewal...Accelerate Application Deployment Across Cisco ACI Fabric, On-Premise Firewal...
Accelerate Application Deployment Across Cisco ACI Fabric, On-Premise Firewal...AlgoSec
 
2018 07-24 network security at the speed of dev ops - webinar
2018 07-24 network security at the speed of dev ops - webinar2018 07-24 network security at the speed of dev ops - webinar
2018 07-24 network security at the speed of dev ops - webinarAlgoSec
 

More from AlgoSec (20)

Microsegmentation from strategy to execution
Microsegmentation from strategy to executionMicrosegmentation from strategy to execution
Microsegmentation from strategy to execution
 
Build and enforce defense in depth - an algo sec-cisco tetration webinar
Build and enforce defense in depth - an algo sec-cisco tetration webinarBuild and enforce defense in depth - an algo sec-cisco tetration webinar
Build and enforce defense in depth - an algo sec-cisco tetration webinar
 
Radically reduce firewall rules with application-driven rule recertification
Radically reduce firewall rules with application-driven rule recertificationRadically reduce firewall rules with application-driven rule recertification
Radically reduce firewall rules with application-driven rule recertification
 
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
 
2020 04-07 webinar slides -turning network security alerts into action change...
2020 04-07 webinar slides -turning network security alerts into action change...2020 04-07 webinar slides -turning network security alerts into action change...
2020 04-07 webinar slides -turning network security alerts into action change...
 
Cessation of Misconfigurations: Common Network Misconfiguration Risks & How t...
Cessation of Misconfigurations: Common Network Misconfiguration Risks & How t...Cessation of Misconfigurations: Common Network Misconfiguration Risks & How t...
Cessation of Misconfigurations: Common Network Misconfiguration Risks & How t...
 
Put out audit security fires, pass audits -every time
Put out audit security fires, pass audits -every time Put out audit security fires, pass audits -every time
Put out audit security fires, pass audits -every time
 
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy Management
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy ManagementCisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy Management
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy Management
 
2019 08-13 selecting the right security policy management solution
2019 08-13 selecting the right security policy management solution2019 08-13 selecting the right security policy management solution
2019 08-13 selecting the right security policy management solution
 
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
 
Cisco Firepower Migration | Cisco and AlgoSec Joint Webinar
Cisco Firepower Migration | Cisco and AlgoSec Joint WebinarCisco Firepower Migration | Cisco and AlgoSec Joint Webinar
Cisco Firepower Migration | Cisco and AlgoSec Joint Webinar
 
2019 02-20 micro-segmentation based network security strategies (yoni geva)
2019 02-20 micro-segmentation based network security strategies (yoni geva)2019 02-20 micro-segmentation based network security strategies (yoni geva)
2019 02-20 micro-segmentation based network security strategies (yoni geva)
 
More Things You Can Do with the AlgoSec Security Policy Management Suite
More Things You Can Do with the AlgoSec Security Policy Management SuiteMore Things You Can Do with the AlgoSec Security Policy Management Suite
More Things You Can Do with the AlgoSec Security Policy Management Suite
 
2018 11-19 improving business agility with security policy automation final
2018 11-19 improving business agility with security policy automation final2018 11-19 improving business agility with security policy automation final
2018 11-19 improving business agility with security policy automation final
 
Managing Effective Security Policies Across Hybrid and Multi-Cloud Environment
Managing Effective Security Policies Across Hybrid and Multi-Cloud EnvironmentManaging Effective Security Policies Across Hybrid and Multi-Cloud Environment
Managing Effective Security Policies Across Hybrid and Multi-Cloud Environment
 
Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​
 
2018 10-11 automating network security policy management allows financial ins...
2018 10-11 automating network security policy management allows financial ins...2018 10-11 automating network security policy management allows financial ins...
2018 10-11 automating network security policy management allows financial ins...
 
Selecting the right security policy management solution for your organization
Selecting the right security policy management solution for your organizationSelecting the right security policy management solution for your organization
Selecting the right security policy management solution for your organization
 
Accelerate Application Deployment Across Cisco ACI Fabric, On-Premise Firewal...
Accelerate Application Deployment Across Cisco ACI Fabric, On-Premise Firewal...Accelerate Application Deployment Across Cisco ACI Fabric, On-Premise Firewal...
Accelerate Application Deployment Across Cisco ACI Fabric, On-Premise Firewal...
 
2018 07-24 network security at the speed of dev ops - webinar
2018 07-24 network security at the speed of dev ops - webinar2018 07-24 network security at the speed of dev ops - webinar
2018 07-24 network security at the speed of dev ops - webinar
 

Recently uploaded

Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXTarek Kalaji
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfJamie (Taka) Wang
 
Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Brian Pichman
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsSafe Software
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Adtran
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024SkyPlanner
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Websitedgelyza
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopBachir Benyammi
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPathCommunity
 
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?IES VE
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...DianaGray10
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 

Recently uploaded (20)

Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBX
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
 
Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
20150722 - AGV
20150722 - AGV20150722 - AGV
20150722 - AGV
 
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 

2019 05-22 CSA Study: Security Challenges in Cloud Environments

  • 1. John Yeoh Global VP of Research at CSA Yitzy Tannenbaum Product Marketing Manager at AlgoSec
  • 2. WELCOME Have a question? Submit it via the chat tab or email us: This webinar is being recorded! The recording will be emailed to you after the webinar And the slides will be available in the Attachments tab Follow us online ! 2 marketing@algosec.com
  • 3. AGENDA Complexity of the modern-day network 01 Visibility 02 Who’s responsible for cloud security 03 3 04 05 Compliance Misconfigurations and Outages
  • 4. Source: Cloud Security Alliance (CSA) survey, March 2019 WHAT PERCENTAGE OF YOUR WORKLOADS DOES YOUR ORGANIZATION CURRENTLY RUN IN THE PUBLIC CLOUD IN PRODUCTION? 9.30% 37.75% 20.57% 11.09% 5.90% 8.05% We do not deploy any workloads in the cloud 1-20% 21-40% 41%-60% 61%-80% 81%-100% 0.00% 5.00% 10.00% 15.00% 20.00% 25.00% 30.00% 35.00% 40.00% 4
  • 5. Source: Cloud Security Alliance (CSA) survey, March 2019 BY THE END OF THE YEAR 2020, WHAT PERCENTAGE OF YOUR WORKLOADS DO YOU ANTICIPATE YOUR ORGANIZATION WILL BE RUNNING IN THE PUBLIC CLOUD IN PRODUCTION? 3.75% 14.64% 23.75% 18.93% 17.50% 13.57% We will not deploy any workloads in the cloud 1-20% 21-40% 41%-60% 61%-80% 81%-100% 0.00% 5.00% 10.00% 15.00% 20.00% 25.00% 5
  • 6. Source: Cloud Security Alliance (CSA) survey, March 2019 WHAT CONCERNS DOES YOUR ORGANIZATION ENCOUNTER WHEN ADOPTING A PUBLIC CLOUD PLATFORM 80.85% 62.48% 57.06% 49.13% 44.29% 43.71% 38.68% 35.01% 32.69% 23.02% Security concerns Data loss and leakage risks Regulatory compliance Integration with the rest of our IT environment Legal concerns Cost Visibility into resources in the cloud environment Migration of applications to the cloud Lack of expertise to manage the cloud environment Lack of staff to manage the cloud environment 0.00% 10.00% 20.00% 30.00% 40.00% 50.00% 60.00% 70.00% 80.00% 90.00% 6
  • 7. Source: Cloud Security Alliance (CSA) survey, March 2019 WHICH PUBLIC CLOUD PLATFORMS DOES YOUR ORGANIZATION USE? 7 60.70% 56.45% 25.22% 4.40% 8.50% 7.04% 3.08% 9.24% 8.36% Amazon Web Services (AWS) Microsoft Azure Google Cloud Platform Alibaba Cloud IBM cloud Oracle cloud Unsure None Other (please specify) 0.00% 10.00% 20.00% 30.00% 40.00% 50.00% 60.00% 70.00%
  • 8. Source: Cloud Security Alliance (CSA) survey, March 2019 WHICH PRIVATE CLOUD PLATFORMS DOES YOUR ORGANIZATION USE 49.34% 18.46% 14.33% 14.33% 22.45% 5.61% VMware NSX OpenStack Cisco ACI Unsure None Other (please specify) 0.00% 10.00% 20.00% 30.00% 40.00% 50.00% 60.00% 8
  • 9. Source: Cloud Security Alliance (CSA) survey, March 2019 66% use multiple clouds. In fact, more than a third (35%) of respondents using cloud leverage 3+ cloud platform vendors Organizations may use both public and private clouds. More than half (55%) operate in a hybrid-cloud environment 36% have a combination of multi-cloud and hybrid-cloud environment SECURITY NETWORK COMPLEXITY 9
  • 10. MANAGING SECURITY IN THE CLOUD IS COMPLEX MULTIPLE CLOUDS Private Clouds Multi Public Clouds On-Prem Intranet Dedicated Server 10
  • 11. MANAGING SECURITY IN THE CLOUD IS COMPLEX MULTIPLE LAYERS OF SECURITY CONTROLS 3rd party Security Vendors Products Cloud Infra Security Controls Security Products by Cloud Providers 11
  • 12. Source: Cloud Security Alliance (CSA) survey, March 2019 WHAT NETWORK SECURITY CONTROLS DO YOU CURRENTLY USE TO SECURE YOUR PUBLIC CLOUD DEPLOYMENTS? 70.37% 58.48% 45.03% 31.58% 4.29% Cloud provider’s native security controls (e.g. Security Groups, Network ACLs) Cloud provider’s additional security controls (e.g. Azure Firewall, AWS WAF) Virtual editions of traditional firewalls (e.g. Palo Alto Networks, Check Point, Barracuda) deployed in the cloud environment Host based enforcement Other (please specify) 0.00% 10.00% 20.00% 30.00% 40.00% 50.00% 60.00% 70.00% 80.00% 12
  • 13. Source: Cloud Security Alliance (CSA) survey, March 2019 PLEASE RATE THE LEVEL OF CHALLENGE EACH ITEM POSES IN MANAGING SECURITY IN THE PUBLIC CLOUD? 3.35 3.21 3.16 3.1 3.09 3.07 2.89 2.73 Proactively detecting misconfigurations and security risks Lack of visibility into the entire cloud estate Compliance and preparing for audits Managing both cloud and on-prem environments Managing a multi-cloud environment Lack of expertise in cloud- native security constructs Troubleshooting connectivity issues Understanding which team is responsible for cloud security 0 0.5 1 1.5 2 2.5 3 3.5 4 13
  • 14. Source: Cloud Security Alliance (CSA) survey, March 2019 WHAT CONCERNS DOES YOUR ORGANIZATION ENCOUNTER WHEN ADOPTING A PUBLIC CLOUD PLATFORM? 80.85% 62.48% 57.06% 49.13% 44.29% 43.71% 38.68% 35.01% 32.69% 23.02% Security concerns Data loss and leakage risks Regulatory compliance Integration with the rest of our IT environment Legal concerns Cost Visibility into resources in the cloud environment Migration of applications to the cloud Lack of expertise to manage the cloud environment Lack of staff to manage the cloud environment 0.00% 10.00% 20.00% 30.00% 40.00% 50.00% 60.00% 70.00% 80.00% 90.00% 14
  • 15. Source: Cloud Security Alliance (CSA) survey, March 2019 PLEASE RATE THE LEVEL OF CHALLENGE EACH ITEM POSES IN MANAGING SECURITY IN THE PUBLIC CLOUD? 3.35 3.21 3.16 3.1 3.09 3.07 2.89 2.73 Proactively detecting misconfigurations and security risks Lack of visibility into the entire cloud estate Compliance and preparing for audits Managing both cloud and on-prem environments Managing a multi-cloud environment Lack of expertise in cloud- native security constructs Troubleshooting connectivity issues Understanding which team is responsible for cloud security 0 0.5 1 1.5 2 2.5 3 3.5 4 15
  • 16. 16 VISIBILITY – REQUIREMENTS Full visibility into all elements that make up your network: cloud, SDN and on- premise Single pane of glass to manage security controls Unified management of security policy across hybrid environments and mixed environments Discovery and mapping of business application connectivity requirements to the network infrastructure Platform Security Control Application ConnectivityPolicy
  • 17. A SINGLE PANE OF GLASS INTO YOUR ENTIRE NETWORK Native Cloud Security Models Virtual appliance in the cloud Traditional FW 17
  • 18. Source: Cloud Security Alliance (CSA) survey, March 201918 | Confidential 18
  • 20. Source: Cloud Security Alliance (CSA) survey, March 2019 WHICH TEAM IS RESPONSIBLE FOR MANAGING SECURITY IN THE PUBLIC CLOUD? 35.59% 28.24% 15.28% 6.00% 3.87% 3.87% 3.48% 3.68% Information Security IT Operations Cloud team within the IT department Application Owners / Developers / DevOps Managed Service Provider CISO Not sure Other (please specify) 0.00% 5.00% 10.00% 15.00% 20.00% 25.00% 30.00% 35.00% 40.00% 20
  • 21. WHO IS RESPONSIBLE FOR YOUR CLOUD SECURITY? Customer Data Platform, Application, Identity & Access Management Operating System, Network & Firewall Configuration Client-side Data Encryption & Data Integrity Authentication Server-side Encryption (File System and/or Data) Network Traffic Protection (Encryption/ Integrity/ Identity) Compute Storage Database Networking AWS Global Infrastructure Region Availability zones Edge location Source: Amazon Web Services Customer Responsible for security ‘in’ the cloud AWS Responsible for security ‘of’ the cloud
  • 22. MANAGING SECURITY IN THE CLOUD IS COMPLEX Multiple Stakeholders Application Developers/ DevOps CISO IT / Network Security Cloud Teams Security Operations 22
  • 23. 02. 03 Actionable risk management MANAGE SECURITY RISKS OF CLOUD ASSETS 23 01 Risk notifications 02. 02 At-a-glance security posture view
  • 25. Source: Cloud Security Alliance (CSA) survey, March 2019 WHAT CONCERNS DOES YOUR ORGANIZATION ENCOUNTER WHEN ADOPTING A PUBLIC CLOUD PLATFORM? 80.85% 62.48% 57.06% 49.13% 44.29% 43.71% 38.68% 35.01% 32.69% 23.02% 2.32% Security concerns Data loss and leakage risks Regulatory compliance Integration with the rest of our IT environment Legal concerns Cost Visibility into resources in the cloud environment Migration of applications to the cloud Lack of expertise to manage the cloud environment Lack of staff to manage the cloud environment Other (please specify) 0.00% 10.00% 20.00% 30.00% 40.00% 50.00% 60.00% 70.00% 80.00% 90.00% 25
  • 26. Source: Cloud Security Alliance (CSA) survey, March 2019 PLEASE RATE THE LEVEL OF CHALLENGE EACH ITEM POSES IN MANAGING SECURITY IN THE PUBLIC CLOUD? 3.35 3.21 3.16 3.1 3.09 3.07 2.89 2.73 Proactively detecting misconfigurations and security risks Lack of visibility into the entire cloud estate Compliance and preparing for audits Managing both cloud and on-prem environments Managing a multi-cloud environment Lack of expertise in cloud- native security constructs Troubleshooting connectivity issues Understanding which team is responsible for cloud security 0 0.5 1 1.5 2 2.5 3 3.5 4 26
  • 27. POLL How much of your time is invested in preparing for audits?  Less than a week  1 – 2 weeks  2 – 4 weeks  1 – 2 Months  2+ Months Please vote using the “Votes” tab 27
  • 28. Source: Cloud Security Alliance (CSA) survey, March 2019 COMPLIANCE – REQUIREMENTS Instant generation of audit-ready reports for major regulations, including PCI, GDPR, HIPAA, SOX, NERC etc. Generate custom reports for internal compliance mandates Proactive checks of every change for internal and regulatory compliance and/or network segmentation violations 28
  • 29. ?
  • 30. ?
  • 31. PLEASE RATE THE LEVEL OF CHALLENGE EACH ITEM POSES IN MANAGING SECURITY IN THE PUBLIC CLOUD? 3.35 3.21 3.16 3.1 3.09 3.07 2.89 2.73 Proactively detecting misconfigurations and security risks Lack of visibility into the entire cloud estate Compliance and preparing for audits Managing both cloud and on-prem environments Managing a multi-cloud environment Lack of expertise in cloud-native security constructs Troubleshooting connectivity issues Understanding which team is responsible for cloud security 0 0.5 1 1.5 2 2.5 3 3.5 4 31
  • 32. HAS YOUR ORGANIZATION EXPERIENCED A NETWORK OR APPLICATION OUTAGE IN THE LAST YEAR? 42.57% 42.77% 14.65% Yes No Not sure 0.00% 5.00% 10.00% 15.00% 20.00% 25.00% 30.00% 35.00% 40.00% 45.00% 32
  • 33. WHAT WAS THE MAIN CONTRIBUTOR TO YOUR NETWORK OR APPLICATION OUTAGE IN THE LAST YEAR? 20.36% 19.76% 15.32% 12.10% 8.47% 5.24% 5.24% 3.23% 2.22% 1.01% 7.06% Not sure Operational human errors and mismanagement of devices Device configuration changes Faults, errors, or discards in network devices Link failure caused due to fibre cable cuts or network congestion Server hardware failure Power outages Failed software and firmware upgrade or patches Security attacks such as denial of service (DoS) Incompatibility between firmware and hardware device Other (please specify) 0.00% 5.00% 10.00% 15.00% 20.00% 25.00% 33
  • 34. IF YOU EXPERIENCED A NETWORK OR APPLICATION OUTAGE, HOW LONG DID IT LAST BEFORE IT WAS RESTORED TO NORMAL OPERATION? 35.03% 34.39% 19.32% 7.86% 2.55% 0.85% Less than 1 hour 1 to 3 hours 3 to 5 hours A working day Longer than one working day Longer than a week 0.00% 5.00% 10.00% 15.00% 20.00% 25.00% 30.00% 35.00% 40.00% 34
  • 35. THE COST OF NETWORK DOWNTIME According to Gartner The average cost of network downtime is about $5,600 per minute, just about $300,000 per hour Source: https://blogs.gartner.com/andrew-lerner/2014/07/16/the-cost-of-downtime/
  • 36. Validate the change Map devices in path Check for risk involved Plan the Rules Implement the change on the devices CHANGE AUTOMATION Request a network change 36
  • 37. SUMMARY 37 • Networks are complex • Multiple cloud vendors • On-prem, private and public cloud • Multiple stake-holders • Challenges in the hybrid estate • Visibility • Who’s responsible for cloud security • Compliance • Human errors and misconfigurations • Outages can be costly • They can be eliminate with automation • You can apply your security guidelines in the cloud if you choose the right tools
  • 38. Q & A Submit your questions via the chat Request a Demo: marketing@algosec.com
  • 39. https://www.algosec.com/resources PPTREPORT 39 Yitzy Tannenbaum https://www.linkedin.com/in/yitzy-tannenbaum-673552b1/ John Yeoh https://www.linkedin.com/in/johnyeoh/ AlgoSec https://www.linkedin.com/company/algosec/
  • 40. 40 JOIN OUR COMMUNITY Follow us for the latest on security policy management trends, tips & tricks, best practices, thought leadership, fun stuff, prizes and much more! Subscribe to our YouTube channel for a wide range of educational videos presented by Professor Wool youtube.com/user/AlgoSeclinkedin.com/company/AlgoSec facebook.com/AlgoSec twitter.com/AlgoSec www.AlgoSec.com/blog
  • 41. ALGOSUMMIT THE PREMIER EVENT FOR ALGOSEC CUSTOMERS & CHANNEL PARTNERS 41 Dallas | Oct 21-24 2019 www.algosec.com/algosummit UPCOMING WEBINARS May 29th Cisco Firepower Migration – Joint Webinar June 12th Application Connectivity June 26th Fortinet – Joint Webinar