Moving Sucks. Making Secure Cloud Migration Painless
1. CONFIDENTIAL DO NOT DISTRIBUTE
Moving Sucks
Making Secure Cloud Migration Painless
Dan Mannion, VP of Partners and Alliances
daniel.mannion@armor.com
@dmannion
2. CONFIDENTIAL DO NOT DISTRIBUTE | THE FIRST TOTALLY SECURE CLOUD COMPANY™
Agenda
01 Planning a cloud migration
02 Shared responsibility
03 Security considerations
04 Key takeaways
3. MOVE FAST OR STAY SECURE
4. MOVE FAST AND STAY SECURE
6. Benefits of the Cloud
• Ability and scalability
• Increased flexibility
• Rapid infrastructure deployment
• Free capex – pay only for what you consume
7. Things to Consider
• Determine what you want to put in the cloud
• Identify the right cloud environment (IaaS, PaaS, SaaS)
• Identify deployment model
• Re-architecting for cloud
• Estimate value and costs up front
• Find a security solution
• Stay compliant
9. Cloud can be more secure than your current environment.
IDC released a report which found that most customers can be more secure in the cloud than in their on-premises environment. How?
• Automate logging and monitoring
• Simplifying resource access
• Make it easy to encrypt properly
• Enforcing strong authentication
Source: Assessing the Risk: Yes, the Cloud Can Be More Secure Than Your On-Premises Environment, IDC
10. It seems like you’re not responsible for much, right?
[Diagram: the stack of Applications, Data, Runtime, Middleware, OS, Virtualization, Servers, Storage and Networking, shown for Infrastructure (as a Service) and Platform (as a Service), with each layer marked "You Manage" or "Provider Manages".]
11. It’s not simple.
3rd Party Cloud, Azure, AWS, On Premises
How do you account for:
planning & strategy, staff, tools, training, execution, scaling, remediation, & threat hunting?
12. 95% OF CLOUD SECURITY FAILURES THROUGH 2020 WILL BE THE CUSTOMER’S FAULT.
Top Strategic Predictions for 2016 and Beyond – Gartner 2016
That means the biggest threat to your cloud is “you don’t know what you don’t know.”
13. Things to Consider
• Impact on Business
• Cost of Shared Responsibility
• Talent Considerations
15. The Challenges We All Face in 2017
• 910BN record breaches in the last 10 years. (www.privacyrights.org/data-breaches)
• 3.2M RECORD BREACHES YTD. That trend is going to continue.
• 40% INCREASE IN HACKS 2015-2016 (www.bloomberg.com/news/articles/2017-01-19/data-breaches-hit-record-in-2016-as-dnc-wendy-s-co-hacked)
• $4M AVERAGE COST OF DATA BREACH, per Ponemon Institute. (www-03.ibm.com/security/data-breach/)
• 29% INCREASE IN COST SINCE 2013
• $355 AVERAGE HEALTHCARE LOSS: Healthcare companies lose an average of $355 per stolen record
• $129 AVERAGE TRANSPORTATION LOSS: Transportation companies may only lose $129 per record
16. What Happens If You Do Get Breached?
Most solutions are glorified alarm systems that simply notify you of a breach...leaving it up to you to remediate.
2 DAYS VS 146 DAYS
Sources: https://www.csid.com/resources/stats/data-breaches/
17. Spot the Hacker
The images below are either from popular online dating websites, or are currently on the FBI Cyber’s Most Wanted list. Can you spot which are the proven malicious actors? Do their aliases help?
LIVEFULLTHROTTLE TANK, FATHER HUYDERMAN PETR0VICH, NOWHERE ALIRRP14 THEHEAD
18. Macro Cyber Security Trends = We are losing!!!
TALENT SHORTAGE
• Cybersecurity workforce shortage: Projected to reach 1.5 million by 2019
• Cyber talent is expensive: ~20% more costly than general IT talent
• Cloud Security is new muscle: Even the top cybersecurity talent on the market is having to re-learn cybersecurity tools and techniques in the cloud
HOW THE SECURITY INDUSTRY IS FAILING US ALL
• 5000 security tools vendors: Deliver point solutions and no commitment to security outcomes
• MSSP market that treats every customer as a snowflake: “However you’re securing yourself today, we’ll turn that into a service” – aka “your mess for less”
• Compliance frameworks that deliver check boxes but not security: All major health, financial services, retail and government breaches were compliant organizations
19. Founded on Trust. Fueled by Passion.
• TRUSTED BY 1,200+ CUSTOMERS IN 45 COUNTRIES
• 4 OF THE TOP 10 HEALTHCARE IT COMPANIES
• MORE THAN $200 BILLION IN SECURE PAYMENT TRANSACTIONS
• CERTIFIED FOR [certification logos not preserved]
“Armor’s ability to deliver on data security enables us to dedicate resources to our core business of designing and delivering world-class experiences.”
Sean McElroy, Vice President of IT & Security
20. Key Takeaways
• Why are you moving to the cloud? Cost? Agility? Scalability?
• How will you address the Shared Responsibility Model?
• How will you upskill your team? Do you need outside help?
• Design a multi-year plan and ensure you understand the implications of a hybrid approach
• Use this opportunity to design a solid disaster recovery plan – the cloud is great at DR
• Complete a detailed analysis of cost/benefit and ensure you design new programs and policies to prevent cloud sprawl
• Security and compliance in the cloud is different – now might be the time to outsource that burden
22. Enter Your Business Card for a Chance to Win… ONE $100 Microsoft Store Gift Card
23. Thank You
Dan Mannion, VP of Partners and Alliances
daniel.mannion@armor.com
@dmannion