Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Empired Convergence 2017 - Keeping Pace, Staying Safe in the Digital World


Published on

Empired Convergence 2017 - Keeping Pace, Staying Safe in the Digital World

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Empired Convergence 2017 - Keeping Pace, Staying Safe in the Digital World

  1. 1. UNLEASH YOUR DIGITAL ENTERPRISE Keeping pace and staying safe in the digital world
  2. 2. How can we keep pace with multitudes of new platforms and cloud services? keep pace with the expectations of our own staff? keep pace with customer demands and market expectations? keep our data and IP safe whilst keeping pace? keep pace with new entrants to market?
  3. 3. Today’s challenges • Customer is first • Customers expect more • Customers want it now • If you don’t disrupt someone else will
  4. 4. Disruption is coming If it hasn’t already occurred, someone is going to disrupt your industry. … and it’s not just high tech things or new services • Mundane products in saturated markets are prime targets
  5. 5. What is being disrupted? Sometimes it’s not even about the product Disruption can focus upon the • Customer experience and the benefits • How the brand engages with the customer • How the product is purchased Regardless of how, the customer is at the front of the conversation
  6. 6. Let’s talk mattresses Blocks of foam and springs $45,000,000,000 industry Disrupter profile: Casper • 3 years old • $750 million valuation • $200 million in 2016 sales • Disrupting the purchasing process
  7. 7. Mattresses of disruption So what are Casper doing? • Focussing on the customer experience, not the product • Selling the experience, creating a set of values and brand alliance ‘Great sleep is the key to living a great life’ • Focussing on the benefit not the feature. • Building empathy. • Providing a better shopping experience. No wandering through retailers. • Targeting consumers wanting an online experience
  8. 8. Technology enables pace • Frequently technology is the tool that enables you to keep pace, or maybe even get ahead. • Regardless of where & how it’s hosted, an IT system has three components. People Process Technology
  9. 9. Your next employees Mobility is expected Internet and cloud native Data anywhere is the norm Personal IT just works
  11. 11. Visualisation of data breaches
  12. 12. You’re probably further into the cloud than you realise No more boundaries. Many things in many places With so many services in so many locations, can you ‘draw a line’ around your network? If you can’t draw a line around it, how do you protect it? Approved on-premises app services Approved cloud services Cloud services you don’t know about Corporate data stored on unsecured devices
  13. 13. Who you are, rather than where you are has become more important Identity is the new control plane Your data is stored: • On-premises • In permitted cloud services • In unknown cloud services • On corporate devices • On un-managed devices Your data has moved beyond the network. We need a new security perimeter
  14. 14. So, how do we stay safe? 01 Cyber program Understand the enemy Identify risks & exposure Build a defensive strategy Execute it 02 Perimeter Review and refresh the capabilities of your network perimeter 03 Identity Your firewall is no longer the boundary Identity is the new control plane
  15. 15. DEVELOP A CYBER PROGRAM 01 Cyber program Understand the enemy Identify risks & exposure Build a defensive strategy Execute it
  16. 16. The hacker may be more dedicated Time is a key construct of vulnerability to malicious activity. • The demands of business compete for our time. • The IT teams’ available time is split between new initiatives, business demands, legacy infrastructure challenges and ongoing support For the hacker time is their most valuable asset. • A persistent threat hacker is spending more time trying to break in than you are trying to prevent it.
  17. 17. What should business do? Understand the enemy • Persistent, advanced and human-based. Actively probing for weakness. Identify your risks and exposure • Where are your information assets and how protected are they? • Where are your weaknesses? Build a defensive strategy and execute upon it • Plan to protect what matters the most. Continuously validate its effectiveness • Optimise your defences by probing for weakness.
  18. 18. Cyber program Components of the program • Identify your business objectives and organisational priorities • Determine the scope of systems that support these objectives and priorities • Identify related systems and assets, regulatory requirements and overall risk approach • Identify the Threat Groups most likely to target the organisation and understand why. Prioritise, Scope & Orient • Identify a framework of reference for cyber control definitions (NIST, ISO 27001, CIS-CSC) • Develop a current profile by indicating what cyber controls currently exist in the business • Determine the maturity of controls in place Create Current State Profile Guided by your overall risk management process or previous risk assessment activities. • Analyse the operational environment to understand the likelihood of a cybersecurity event and the impact it could have. • Identify the most likely and most dangerous threat scenarios which could occur. Conduct Risk Assessment
  19. 19. • Create a target profile that focuses on the assessment of the identified Controls describing the organisation’s desired cybersecurity outcomes • Consider influences and requirements of external stakeholders such as regulatory bodies, customers and business partners when creating a target profile Create Target State Profile • Compare the Current Profile and the Target Profile to determine the gaps • Create a prioritised action plan to address those gaps that draws upon organisational priorities, a cost/benefit analysis, and understanding of risk to achieve the outcomes in the Target Profile • Determine the resources, technology or roles necessary to address the gaps Determine & Prioritise Gaps • Determine the order and priority of activities to achieve the target state • Monitor the cybersecurity practices against the Target Profile Implement Action Plan Cyber program Components of the program
  20. 20. REVIEW YOUR PERIMETER 02 Perimeter Review and refresh the capabilities of your network perimeter
  21. 21. big wall
  22. 22. outside
  23. 23. Cyber program Is it possible to stay safe? Employees Business partners Customers Apps Devices Data Users Data leaks Lost device Compromised identity Stolen credentials
  26. 26. Your security posture ! DETECT using targeted signals, behavioral monitoring, and machine learning RESPOND closing the gap between discovery and action PROTECT across all endpoints, from sensors to the datacenter
  27. 27. The perimeter has changed IDENTITY AS THE CONTROL PLANE ONE COMMON IDENTITY IMPROVED SECURITY SIMPLIFIED MANAGEMENT SSO On-premises: Existing applications, Windows Server Active Directory, and other directories Cloud: Azure, PaaS, SaaS and Office 365 Closing the gap between discovery and action
  28. 28. Review your perimeter Whilst the corporate firewall is no longer the sole boundary, it still has its place • The traditional firewall, web and email protection are no longer a complete solution. • Protection is needed for your users in cloud applications (PaaS or SaaS) • The only thing you can control is you users’ identity, it’s the new control plane • Know your exposure to SaaS and PaaS • Know your new perimeter and how you want to deal with it
  29. 29. DEVELOP YOUR IDENTITY 03 Identity Your firewall is no longer the boundary Identity is the new control plane
  30. 30. Identity-driven security The security landscape has changed Shadow IT Data breach Employees Partners Customers Cloud apps Identity Devices Apps & Data Transition to cloud & mobility New attack landscape Current defenses not sufficient Identity breach On-premises apps SaaS Azure
  31. 31. Identity-driven security Three steps to identity-driven security 1. Protect the front door Safeguard your resources at the front door with innovative and advanced risk-based conditional accesses 2. Provide layered protection. User, app, device and data Gain deep visibility into user, device, and data activity on- premises and in the cloud. 3. Detect attacks before they cause damage Uncover suspicious activity and pinpoint threats with deep visibility and ongoing behavioral analytics
  32. 32. Identity-driven security Protect the front door Conditions Allow access Or Block access Actions Enforce MFA per user/per app Location Device state User/Application MFA Risk User Azure AD Privileged Identity Management Azure AD Identity Protection
  33. 33. Identity-driven security Provide layered protection. User, app, device and data How do I control data on-premises and in the cloud? Azure Information Protection Classify & Label Protect Monitor and Respond How do I prevent data leakage from my mobile apps? Microsoft Intune LOB app protection DLP for Office 365 mobile apps Optional device management How do I gain visibility and control of my cloud apps? Cloud App Security Risk scoring Shadow IT Discovery Policies for data control
  34. 34. Identity-driven security Detect attacks before they cause damage Microsoft Advanced Threat Analytics (ATA) Behavioral Analytics Detection of known malicious attacks Detection of known security issues On-premises detection Detection in the cloud Cloud App Security + Azure Active Directory Premium Behavioral analytics Anomaly detection Security reporting and monitoring
  35. 35. Cloud-powered protection Azure Active Directory Identity Protection SIEM Power BI Monitoring tools Security, monitoring and reporting Solutions Notifications Data Extracts/Downloads Reporting APIs Apply Microsoft learnings to your existing security tools Machine-learning engine Leaked credentialsInfected devices Configuration vulnerabilities Brute force attacks Suspicious sign-in activities