Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Security Challenges in Cloud

581 views

Published on

Prezentace Oracle z konference Virtualization Forum 2018
Clarion Congress Hotel Prague, 25.10.2018

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Security Challenges in Cloud

  1. 1. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | Security Challenges in Cloud Virtualization Forum 2018 Gusztáv Szuhai Oracle Security solutions manager CEE
  2. 2. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
  3. 3. Copyright © 2018, Oracle and/or its affiliates. All rights reserved. | Agenda New challenges and Oracle answers Understand your security responsibilities New center of cyber-defense: identity Maximise intelligence-driven automation Quick peek into the SOC 1 2 3 4 5
  4. 4. Copyright © 2018, Oracle and/or its affiliates. All rights reserved. | Agenda New challenges and Oracle answers Understand your security responsibilities New center of cyber-defense: identity Maximise intelligence-driven automation Quick peek into the SOC 1 2 3 4 5
  5. 5. Copyright © 2018, Oracle and/or its affiliates. All rights reserved. | The Oracle and KPMG Cloud Threat Report 2018 • Security, compliance issues that impact orgs on their cloud journey • Survey research of 450 global security leaders/practitioners Topics impacting organizations: • Cloud adoption and keeping pace at scale • Global threat landscape • Role of identity management • Cybersecurity best practices • Emerging security technologies www.Oracle.com/CTR
  6. 6. Copyright © 2018, Oracle and/or its affiliates. All rights reserved. | New Challenges and Oracle Answers Increase IT Efficiency, Prevent Cyberattacks, Increase Autoremediation Capabilities Transformation to Cloud • Oracle becoming a provider • Customers applying cloud-first or hybrid strategies Digitalization • exploding # of end-points to secure • new compliance requirements Threat landscape changing • automated, frequent, high-resourced attacks • 70% social engineering – identity theft emerges as major threat New Challenges Autonomous Operation • Self-managed DB and other products • In wider context: less human interaction more auto-remediation based on ML Manageability • predictive log analysis (BigData, ML) • applicable patterns learnt elsewhere Identity SOC • highly automated security governance • on-prem, cloud, hybrid – single UI • Identity context, auto-remediation New Answers
  7. 7. Copyright © 2018, Oracle and/or its affiliates. All rights reserved. | Agenda New challenges and Oracle answers Understand your security responsibilities New center of cyber-defense: identity Maximise intelligence-driven automation Quick peek into the SOC 1 2 3 4 5
  8. 8. Copyright © 2018, Oracle and/or its affiliates. All rights reserved. | • Your CSP needs to be independently certified ISO27001 (27017/18), SOC1/2 etc. • Large organisations have complex regulatory requirements e.g. GDPR • For you to be trusted your whole security management system (ISMS) should also be certified to the same standard Compliance
  9. 9. Copyright © 2018, Oracle and/or its affiliates. All rights reserved. | on-premises, hybrid, multi-cloud Shared Responsibility Model Service configuration Data Apps OS Virtualization Network Infrastructure Physical Service configuration Data Apps OS Virtualization Network Infrastructure Physical Service configuration Data Apps OS Virtualization Network Infrastructure Physical SaaSPaaSIaaS Customer Cloud Service Provider
  10. 10. Copyright © 2018, Oracle and/or its affiliates. All rights reserved. | Agenda New challenges and Oracle answers Understand your security responsibilities New center of cyber-defense: identity Maximise intelligence-driven automation Quick peek into the SOC 1 2 3 4 5
  11. 11. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | Users are the new perimeter
  12. 12. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | Security Intelligence Delivered with Identity Prevent Detect Predict Respond NetworkUsers Asset (entity, data, or content) Identity SOC
  13. 13. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | Agenda New challenges and Oracle answers Understand your security responsibilities New center of cyber-defense: identity Maximise intelligence-driven automation Quick peek into the SOC 1 2 3 4 5
  14. 14. Copyright © 2018, Oracle and/or its affiliates. All rights reserved. | Security Challenges THREAT EXPOSURE 85% of breaches exploited system vulnerability where patch was available LIMITED EXPERTISE 3.5 million open cybersecurity jobs by 2021 INADEQUATE TOOLS 86% feel traditional tools are not sufficient to manage security across the cloud ALERT OVERLOAD 16,937 average alerts per week per enterprise; only 19% reliable and 4% investigated
  15. 15. Copyright © 2018, Oracle and/or its affiliates. All rights reserved. | 01100100 01100001 01110100 01100001 0110010001100001 01110100 0100 01100001 01100100 01100001 01110100 01100001 0110010001100001 01011 01110100 110000101100100 01100001 01110100 110000101100100 01100001 01110100 01100001 0110010001100001 01110100 110000101100100 0100111 01100001 01110100 110000101100100 01100001 01110100 01100001 011010 0110010001100001 01110100 01100001 0110010001100001 01110100 01001 01100001 0110010001100001 01110100 01100001 0110010001100001 01001 01110100 01100001 0110010001100001 01110100 01100001 0100101001 001 0110010001100001 01110100 01100001 0110010001100001 01110100 010011 01100001 0110010001100001 01110100 01100001 01100100 01100001 01001 01110100 01100001 0110010001100001 01110100 01100001 01100100 0100 01100001 01110100 01100001 0110010001100001 01110100 01000100 0100 110000101100100 01100001 01110100 110000101100100 01100001 01110100 01100001 0110010001100001 01110100 110000101100100 01100001 010001 01110100 110000101100100 01100001 01110100 01100001 01000100 010011 0110010001100001 01110100 01100001 0110010001100001 01110100 01000 01110100 110000101100100 01100001 01110100 01100001 01000100 010011 0110010001100001 01110100 01100001 0110010001100001 01110100 010011 Next-Generation Unified Data END USER EXPERIENCE/ACTIVITY APPLICATION MIDDLE TIER DATA TIER VIRTUALIZATION TIER VM CONTAINER INFRASTRUCTURE TIER VM CONTAINER Real Users Synthetic Users Unified Platform App metrics Transactions Server metrics Diagnostics Logs Host metrics VM metrics Container metrics CMDB/Compliance Tickets Alerts INTELLIGENT, UNIFIED PLATFORM POWERED BY MACHINE LEARNING INFORMED BY A COMPLETE DATA SET HETEROGENEOUS AND OPEN ✔ ✔ ✔ ✔ Security Events Global Threat Feeds CASB Identity
  16. 16. Copyright © 2018, Oracle and/or its affiliates. All rights reserved. | 01100100 01100001 01110100 01100001 0110010001100001 01110100 0100 01100001 01100100 01100001 01110100 01100001 0110010001100001 01011 01110100 110000101100100 01100001 01110100 110000101100100 01100001 01110100 01100001 0110010001100001 01110100 110000101100100 0100111 01100001 01110100 110000101100100 01100001 01110100 01100001 011010 0110010001100001 01110100 01100001 0110010001100001 01110100 01001 01100001 0110010001100001 01110100 01100001 0110010001100001 01001 01110100 01100001 0110010001100001 01110100 01100001 0100101001 001 0110010001100001 01110100 01100001 0110010001100001 01110100 010011 01100001 0110010001100001 01110100 01100001 01100100 01100001 01001 01110100 01100001 0110010001100001 01110100 01100001 01100100 0100 01100001 01110100 01100001 0110010001100001 01110100 01000100 0100 110000101100100 01100001 01110100 110000101100100 01100001 01110100 01100001 0110010001100001 01110100 110000101100100 01100001 010001 01110100 110000101100100 01100001 01110100 01100001 01000100 010011 0110010001100001 01110100 01100001 0110010001100001 01110100 01000 01110100 110000101100100 01100001 01110100 01100001 01000100 010011 0110010001100001 01110100 01100001 0110010001100001 01110100 010011 Powered By Machine Learning END USER EXPERIENCE APPLICATION MIDDLE TIER DATA TIER VIRTUALIZATION TIER VM CONTAINER INFRASTRUCTURE TIER VM CONTAINER Unified Platform ANOMALY DETECTION CLUSTERING CORRELATION PREDICTION ✔ ✔ ✔ ✔ Real Users Synthetic Users App metrics Transactions Server metrics Diagnostics Logs Host metrics VM metrics Container metrics CMDB/Compliance Tickets Alerts Security Events Global Threat Feeds CASB Identity
  17. 17. Copyright © 2018, Oracle and/or its affiliates. All rights reserved. | Automated Preventive and Corrective Action Infrastructure Monitoring Incident Response Automated Response & Remediation (Orchestration Cloud Service) Violation Remediation Application Scaling Threat Remediation Configuration & Compliance IT Analytics Log AnalyticsApplication Performance Monitoring Security Monitoring & Analytics Event TypesLegend Workflow Stats Action on Saved Search, Execution Logs
  18. 18. Copyright © 2018, Oracle and/or its affiliates. All rights reserved. | Security Monitoring and Analytics IT Analytics Log Analytics Services Designed To Work Together Infrastructure Monitoring Configuration & Compliance OrchestrationApplication Performance Monitoring Monitor real and synthetic users and application performance Monitor database and cross-tier infrastructure performance Aggregate, index, and explore the entire enterprise log estate Manage configuration and change against industry and own standards Execute automated remediation and other tasks at cloud scale Analyze business and IT data using pre-built apps and explorers Detect, investigate, and remediate full range of security threats Systems Management Services (for “the NOC”) Security Services (for “the SOC”) CASB Cloud Access Security Broker Security Governance of cloud usage „Shadow IT” discovery IDCS Identity Cloud Service Identity and Access Mgmt in hybrid environment, multicloud SSO, MFA
  19. 19. Copyright © 2018, Oracle and/or its affiliates. All rights reserved. | Security Monitoring and Analytics IT Analytics Log Analytics Services Designed To Work Together Infrastructure Monitoring Configuration & Compliance OrchestrationApplication Performance Monitoring Monitor real and synthetic users and application performance Monitor database and cross-tier infrastructure performance Aggregate, index, and explore the entire enterprise log estate Manage configuration and change against industry and own standards Execute automated remediation and other tasks at cloud scale Analyze business and IT data using pre-built apps and explorers Detect, investigate, and remediate full range of security threats Systems Management Services (for “the NOC”) Security Services (for “the SOC”) CASB Cloud Access Security Broker IDCS Identity Cloud Service Security Governance of cloud usage „Shadow IT” discovery Identity and Access Mgmt in hybrid environment, multicloud SSO, MFA
  20. 20. Copyright © 2018, Oracle and/or its affiliates. All rights reserved. | Agenda New challenges and Oracle answers Understand your security responsibilities New center of cyber-defense: identity Maximise intelligence-driven automation Quick peek into the SOC 1 2 3 4 5
  21. 21. Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
  22. 22. Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
  23. 23. Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
  24. 24. Copyright © 2018, Oracle and/or its affiliates. All rights reserved. | Learn More About Oracle Oracle.com/Security Cloud.oracle.com/Management Blogs.oracle.com/CloudSecurity Blogs.oracle.com/ManagementCloud @OracleSecurity @OracleMgmtCloud /OracleSecurity /OracleManagementCloud www.oracle.com/CTR (Cyber threat report with KPMG) Cloud.oracle.com/tryit Oracle PublicCopyright © 2017, Oracle and/or its affiliates. All rights reserved. |

×