
Driven by security: Legendary Entertainment’s high-velocity cloud transformation - SDD352-S - AWS re:Inforce 2019

As a leader in its industry, Legendary Entertainment is transforming into a digital business with an aggressive strategy for cloud adoption. In this session, hear from Legendary CISO Dan Meacham and McAfee VP of Cloud Engineering Slawomir Ligier as they discuss how security accelerated that transformation. Topics include Legendary’s primary focus areas for security on AWS, creating a hybrid cloud security platform, gaining visibility into workloads, preventing lateral threat movement and attacks, and building a successful DevOps workflow that integrates security.


  1. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Driven by security: Legendary Entertainment’s high-velocity cloud transformation. Dan Meacham, VP, Global Security, CSO/CISO, Legendary Entertainment. SDD325-S. Slawomir Ligier, VP, Engineering, MVISION Cloud, McAfee
  2. Today’s Agenda and Key Takeaways. Agenda: ▪ Enterprise Customer Cloud Journey Challenges ▪ Legendary Entertainment’s Cloud Transformation ▪ How MVISION Cloud helped Legendary Entertainment. Key Takeaways: ▪ IaaS cloud workloads on AWS must be carefully designed and continuously audited to help reduce risk and potential data loss ▪ Monitoring cloud activity and users for anomalous behavior can help to identify insider threats and compromised accounts ▪ Storing business data in Amazon S3 introduces different considerations that didn’t exist in the traditional datacenter model
  3. IaaS Fastest Growing Segment of Cloud. IaaS 35.9% CAGR; SaaS 22.2% CAGR. Source: Gartner Forecasts Worldwide Public Cloud Revenue press release, April 12, 2018
  4. Where is Your Sensitive Data in the Cloud? Chart: Enterprise SaaS, 66%; IaaS, 24%; Misc, 10%. Enterprise SaaS and IaaS Top Concerns: ▪ Data Visibility ▪ User Behavior / Threat Detection ▪ Security Compliance / Configuration. Zero-to-60 for IaaS: ▪ More than 3x growth ▪ Continued enterprise push for cloud transformation
  5. Shared Responsibility Model: Customer’s responsibility in securing IaaS is much greater than in SaaS
  6. Where is Your Sensitive Data in the Cloud? Average organization has 14 misconfigured IaaS services running at a given time
  7. Where is Your Sensitive Data in the Cloud? Average organization experiences 1,527 DLP incidents in IaaS/PaaS per month
  8. Where is Your Sensitive Data in the Cloud? How do I detect malicious or insider activity in clouds I do not control?
  9. 3.8 PB On-Prem Data (2 Shows) 15 TB One Character Model 2 PB Data in AWS 58 Films Box Office $16 Billion 325 Employees Single Show 2,000
  10. 2013—Cloud First Architecture; 2014—95% IaaS / SaaS; 2015—User Centric Security Architecture; 2016—SSO and Device Management; 2017—CASB; 2018—CASB Insider Threat. Business Requirements: ▪ Cloud First ▪ Secure Collaboration ▪ User Trust Model that supports Cloud, SSO, and BYOD. Security Requirements: ▪ Secure sensitive data ▪ Secure the device ▪ Enable employees and partners to work from anywhere
  11. IaaS Key CASB Use Cases. 1. Security Configuration Monitoring of IaaS Resources: Identify IaaS resources with security settings that are non-compliant to CIS Level 1, 2 policies. 2. Managing Rogue IaaS Accounts: Discover shadow IT usage and reclaim control of risky IaaS usage. 3. Visibility of Confidential Data: Gain visibility of regulated/high-value data stored in Amazon S3 Storage. 4. Activity Monitoring, Advanced Threat Protection: Capture an audit trail of activity for forensic investigations. Detect compromised accounts.
  12. Data Exfiltration Vectors—IaaS Infrastructure and Apps Compromised Accounts Misconfiguration Rogue User Confidential Data Leaks Rogue IaaS Accounts IaaS
  13. Data Exfiltration Vectors—IaaS Infrastructure and Apps Compromised Accounts Misconfiguration Rogue User Confidential Data Leaks Rogue IaaS Accounts IaaS
  14. Security Configuration Audit: Manage regulated/high-value data being stored in the cloud. ▪ 102 Unique Configuration Checks and Policies ▪ Continuously monitor IaaS security settings for misconfiguration
  15. Security Configuration Audit: Manage regulated/high-value data being stored in the cloud. ▪ As IaaS admins correct misconfigured settings, McAfee automatically resolves the incident
  16. Introducing MVISION Cloud “Shift Left”. What is CloudFormation? ▪ Agile Organizations use AWS CloudFormation Templates ▪ Allows for rapid rollout, preconfigured systems. MVISION Cloud “Shift Left” provides audit of AWS CloudFormation ▪ Head off security and compliance issues BEFORE rollout ▪ Reduce risk for systems pushed into production ▪ Streamline DevSecOps. AWS CloudFormation
  17. Data Exfiltration Vectors—IaaS Infrastructure and Apps Compromised Accounts Misconfiguration Rogue User Confidential Data Leaks Rogue IaaS Accounts IaaS
  18. Managing Rogue IaaS Instances: Discover shadow AWS usage and reclaim control of risky IaaS usage. ▪ Enforce governance policies and coach users to approved IaaS platform
  19. Managing Rogue IaaS Instances: Discover shadow AWS usage and reclaim control of risky IaaS usage. ▪ Identify risky or unsanctioned IaaS platforms in use ▪ Identify AWS Accounts not under management
  20. Data Exfiltration Vectors—IaaS Infrastructure and Apps Compromised Accounts Misconfiguration Rogue User Confidential Data Leaks Rogue IaaS Accounts IaaS
  21. Visibility of Confidential Data: Gain visibility of regulated/high-value data stored in Amazon S3 Storage ▪ Perform on-demand scans to identify sensitive or protected data stored in IaaS storage services ▪ Remediate with Amazon S3 Encryption, Stronger Policies, or Network Boundaries
  22. Data Exfiltration Vectors—IaaS Infrastructure and Apps Compromised Accounts Misconfiguration Rogue User Confidential Data Leaks Rogue IaaS Accounts IaaS Activity Monitoring & Forensics
  23. Activity Monitoring and Forensics: Capture and categorize an audit trail of activity for forensic investigations. ▪ Categorizes 100s of activities into 13 categories for easy filtering/navigation
  24. Activity Monitoring and Forensics: Capture and categorize an audit trail of activity for forensic investigations. ▪ Expand the scope of an investigation and browse a geo-location map
  25. Activity Monitoring and Forensics: Capture and categorize an audit trail of activity for forensic investigations. ▪ Investigate activities for a specific user centered around an incident
  26. Activity Monitoring and Forensics: Capture and categorize an audit trail of activity for forensic investigations. ▪ IP reputation to identify access by a malicious IP such as a TOR network
  27. Data Exfiltration Vectors—IaaS Infrastructure and Apps Compromised Accounts Misconfiguration Rogue User Confidential Data Leaks Rogue IaaS Accounts IaaS Advanced Threat Detection
  28. Advanced Threat Protection: Detect compromised accounts, insider threats, and malware ▪ Threat funnel correlates multiple anomalies, minimizing false positives
  29. Advanced Threat Protection: Detect compromised accounts, insider threats, and malware ▪ No pre-defined policies or thresholds, automatic models based on activity
  30. APN Partnership with AWS
  31. McAfee MVISION Cloud Integration—AWS Security Hub. MVISION Cloud, AWS Security Hub
  32. Only CASB with AWS Security Competency: ▪ Achieved in 2019 ▪ Long-standing APN Partner ▪ Referenceable Customers ▪ Vetted solution by AWS. MVISION Cloud
  33. Enterprise Security Platform Strategy
  34. Security Platform for Cloud Adoption. Device, Network, Cloud. Network-centric controls (Web protection, DLP, threat protection, etc.). Cloud-native controls (DLP, configuration management, threat protection, etc.). Device-centric controls (DLP, device control, encryption, threat protection, etc.). End-to-end Policy. Unified Incident Management
  35. As You Progress on Your Cloud Journey… Storing and identifying regulated business data in Amazon S3 storage introduces different considerations that didn’t exist in a traditional datacenter model. Rapid Cloud Adoption planning must be carefully designed and continuously audited to help reduce risk and potential data loss. Monitoring cloud activity and users for anomalous behavior can help to identify insider threats and compromised accounts.
  36. Free AWS Security Resources: AWS Vulnerability Assessment; Definitive Guide to AWS Security eBook; Gartner CASB MQ
  37. McAfee and the McAfee logo are trademarks or registered trademarks of McAfee, LLC or its subsidiaries in the U.S. and/or other countries. Other names and brands may be claimed as the property of others. Copyright © 2019 McAfee, LLC.
  38. Thank you! © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Dan Meacham, VP, Global Security, CSO/CISO, Legendary Entertainment. Slawomir Ligier, VP, Engineering, MVISION Cloud, McAfee, @sligier
