SlideShare a Scribd company logo

Notorious 9 ciso platform moshe

Priyanka Aash
Priyanka Aash

The notorious 9 in Cloud Security by Moshe Ferber

Technology
1 of 14
The Notorious 9 Cloud computing Threats Moshe Ferber, CCSK  Onlinecloudsec.com CISO Platform Mumbai 2014
About  Moshe Ferber, 39, Based in Israel  Information security professional for over 20 years  Founded Cloud7, Managed Security Services provider (currently owned by Matrix LTD)  Partner at Clarisite – Your customer’s eye view  Partner at FortyCloud – Make your public cloud private  Member of the board at Macshava Tova – Narrowing societal gaps  Certified CCSK instructor for the Cloud Security Alliance.  Co-Chairman of the Board, Cloud Security Alliance, Israeli Chapter
What we are going to talk about Sources:  Cloud Security Alliance Notorious nine cloud computing threats.  Cloud Security Alliance Cloud Computing Vulnerability Incidents: A Statistical Overview Cloud computing threats – what they are? how do they reflect in the real world? What are the attacks vectors?
#1 Data Breaches  Cloud Provider will continue to be a target for data breaches, sometimes just for the accounts and not even for the data.  iCloud, Evernote, Adobe tells the story well.  But not all data lost happens due to hacking, Unintended disclosure is also happening.  Cloud Computing and Shadow IT contribute to this phenomena. Source: Verizon data breach report 2013 Shadow IT
#2 Data Lost  Hacking or simple failures – it does not really matter.  Multi Cloud backup or external backups are not a “nice to have”.
#3 Account Hijacking New account Hijacking Motivation:
#4 Insecure Interfaces and API’s The cloud providers management dashboard, especially in IaaS, is the most intimidating attack vector
DNS Amplification Attacks #5 Denial of Service  Network DDOS are becoming less common when talking about cloud providers.  But application level attacks are increasing.
#6 Malicious Insider
#7 Abuse of Cloud Services
#8 Insufficient due Diligence  Evaluating your provider is hard, very hard.  Government legislation and industry efforts will lead to better understanding of Cloud Accountability.  CSA will help in promoting transparency and provider evaluation methodology.
#9 Shared Technologies vulnerabilities
#9 Shared Technologies vulnerabilities  From the infrastructure point of view SDN might solve some of the problems.  Innovation is required on the application layer, Identity Management and encryption.
Moshe Ferber  moshe@onlinecloudsec.com  www.onlinecloudsec.com http://il.linkedin.com/in/MosheFerber KEEP IN TOUCH Cloud Security Course Schedule can be find at: http://www.onlinecloudsec.com/course-schedule

Recommended

Cyber Threats
Cyber ThreatsCyber Threats
Cyber ThreatsProf John Walker FRSA Purveyor Dark Intelligence
 
The Top Three 2021 Cyber Threats
The Top Three 2021 Cyber ThreatsThe Top Three 2021 Cyber Threats
The Top Three 2021 Cyber ThreatsSai Huda
 
Cloud computing's notorious nine-
Cloud computing's notorious nine-Cloud computing's notorious nine-
Cloud computing's notorious nine-Nikki Alexander
 
Protecting Against Web Threats
Protecting Against Web ThreatsProtecting Against Web Threats
Protecting Against Web ThreatsKim Jensen
 
3 data leak possibilities that are easy to overlook
3 data leak possibilities that are easy to overlook3 data leak possibilities that are easy to overlook
3 data leak possibilities that are easy to overlookPeter Hewer
 
The 1% Who Can Take Down your Organization
The 1% Who Can Take Down your OrganizationThe 1% Who Can Take Down your Organization
The 1% Who Can Take Down your OrganizationCloudLock
 
Stop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS SecurityStop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS SecurityCloudLock
 
Enterprise Cyber Security 2016
Enterprise Cyber Security 2016Enterprise Cyber Security 2016
Enterprise Cyber Security 2016Supply Chain Coalition
 

Recommended

Cyber Threats
Cyber ThreatsCyber Threats
Cyber ThreatsProf John Walker FRSA Purveyor Dark Intelligence
 
The Top Three 2021 Cyber Threats
The Top Three 2021 Cyber ThreatsThe Top Three 2021 Cyber Threats
The Top Three 2021 Cyber ThreatsSai Huda
 
Cloud computing's notorious nine-
Cloud computing's notorious nine-Cloud computing's notorious nine-
Cloud computing's notorious nine-Nikki Alexander
 
Protecting Against Web Threats
Protecting Against Web ThreatsProtecting Against Web Threats
Protecting Against Web ThreatsKim Jensen
 
3 data leak possibilities that are easy to overlook
3 data leak possibilities that are easy to overlook3 data leak possibilities that are easy to overlook
3 data leak possibilities that are easy to overlookPeter Hewer
 
The 1% Who Can Take Down your Organization
The 1% Who Can Take Down your OrganizationThe 1% Who Can Take Down your Organization
The 1% Who Can Take Down your OrganizationCloudLock
 
Stop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS SecurityStop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS SecurityCloudLock
 
Enterprise Cyber Security 2016
Enterprise Cyber Security 2016Enterprise Cyber Security 2016
Enterprise Cyber Security 2016Supply Chain Coalition
 
Security is Hard
Security is HardSecurity is Hard
Security is HardMike Murray
 
Introduction to Cloud Security
Introduction to Cloud SecurityIntroduction to Cloud Security
Introduction to Cloud SecuritySusanne Tedrick
 
Chapter 3, Data Protection vs Ransomware
Chapter 3, Data Protection vs RansomwareChapter 3, Data Protection vs Ransomware
Chapter 3, Data Protection vs RansomwareAdi Saputra
 
Cloud service providers in pune
Cloud service providers in puneCloud service providers in pune
Cloud service providers in puneAnshita Dixit
 
Major Cloud Security Challenges concerning the Enterprises | Sysfore
Major Cloud Security Challenges concerning the Enterprises | SysforeMajor Cloud Security Challenges concerning the Enterprises | Sysfore
Major Cloud Security Challenges concerning the Enterprises | SysforeSysfore Technologies
 
Cyber Security vs IT Security in 2 mins
Cyber Security vs IT Security in 2 minsCyber Security vs IT Security in 2 mins
Cyber Security vs IT Security in 2 minsINKPPT
 
Cybersecurity 2020: Your Biggest Threats and How You Can Prevent Them
Cybersecurity 2020: Your Biggest Threats and How You Can Prevent Them Cybersecurity 2020: Your Biggest Threats and How You Can Prevent Them
Cybersecurity 2020: Your Biggest Threats and How You Can Prevent Them SrikanthRaju7
 
The Future of Cyber Security
The Future of Cyber SecurityThe Future of Cyber Security
The Future of Cyber SecurityStephen Lahanas
 
Global Cybersecurity Market (2017 - 2022)
Global Cybersecurity Market (2017 - 2022) Global Cybersecurity Market (2017 - 2022)
Global Cybersecurity Market (2017 - 2022) Research On Global Markets
 
Understanding Cybersecurity Skills Gap
Understanding Cybersecurity Skills GapUnderstanding Cybersecurity Skills Gap
Understanding Cybersecurity Skills GapCentextech
 
Assignment4
Assignment4Assignment4
Assignment4a1104137
 
Data Governance Solutions With Seclore and Stash
Data Governance Solutions With Seclore and StashData Governance Solutions With Seclore and Stash
Data Governance Solutions With Seclore and StashSeclore
 
Sizing the Cyber Skills Gap
Sizing the Cyber Skills GapSizing the Cyber Skills Gap
Sizing the Cyber Skills GapStephen Cobb
 
Securing Your Business #3 - Role Of The Service Provider
Securing Your Business #3 - Role Of The Service ProviderSecuring Your Business #3 - Role Of The Service Provider
Securing Your Business #3 - Role Of The Service ProviderDatapipe
 
Information Security Management System in the Banking Sector
Information Security Management System in the Banking SectorInformation Security Management System in the Banking Sector
Information Security Management System in the Banking SectorSamvel Gevorgyan
 
4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf
4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf
4 Reasons Why Your Business Needs A Cyber Security Consultant.pdfSania Baker
 
Ciso Platform Webcast: Shadow Data Exposed
Ciso Platform Webcast: Shadow Data ExposedCiso Platform Webcast: Shadow Data Exposed
Ciso Platform Webcast: Shadow Data ExposedElastica Inc.
 
The Top Five Cybersecurity Threats for 2018
The Top Five Cybersecurity Threats for 2018The Top Five Cybersecurity Threats for 2018
The Top Five Cybersecurity Threats for 2018CheapSSLsecurity
 
The Riskiest Industries in the Cloud
The Riskiest Industries in the CloudThe Riskiest Industries in the Cloud
The Riskiest Industries in the CloudCloudLock
 
5 Security Trends to Watch in 2020
5 Security Trends to Watch in 20205 Security Trends to Watch in 2020
5 Security Trends to Watch in 2020Dharmendra Rama
 
A sprint to protect POS by Nir Valtman
A sprint to protect POS by Nir ValtmanA sprint to protect POS by Nir Valtman
A sprint to protect POS by Nir ValtmanPriyanka Aash
 
PSICOLOGIA DE LA SALUD
PSICOLOGIA DE LA SALUDPSICOLOGIA DE LA SALUD
PSICOLOGIA DE LA SALUDstephanie23sjs
 

More Related Content

What's hot

Security is Hard
Security is HardSecurity is Hard
Security is HardMike Murray
 
Introduction to Cloud Security
Introduction to Cloud SecurityIntroduction to Cloud Security
Introduction to Cloud SecuritySusanne Tedrick
 
Chapter 3, Data Protection vs Ransomware
Chapter 3, Data Protection vs RansomwareChapter 3, Data Protection vs Ransomware
Chapter 3, Data Protection vs RansomwareAdi Saputra
 
Cloud service providers in pune
Cloud service providers in puneCloud service providers in pune
Cloud service providers in puneAnshita Dixit
 
Major Cloud Security Challenges concerning the Enterprises | Sysfore
Major Cloud Security Challenges concerning the Enterprises | SysforeMajor Cloud Security Challenges concerning the Enterprises | Sysfore
Major Cloud Security Challenges concerning the Enterprises | SysforeSysfore Technologies
 
Cyber Security vs IT Security in 2 mins
Cyber Security vs IT Security in 2 minsCyber Security vs IT Security in 2 mins
Cyber Security vs IT Security in 2 minsINKPPT
 
Cybersecurity 2020: Your Biggest Threats and How You Can Prevent Them
Cybersecurity 2020: Your Biggest Threats and How You Can Prevent Them Cybersecurity 2020: Your Biggest Threats and How You Can Prevent Them
Cybersecurity 2020: Your Biggest Threats and How You Can Prevent Them SrikanthRaju7
 
The Future of Cyber Security
The Future of Cyber SecurityThe Future of Cyber Security
The Future of Cyber SecurityStephen Lahanas
 
Understanding Cybersecurity Skills Gap
Understanding Cybersecurity Skills GapUnderstanding Cybersecurity Skills Gap
Understanding Cybersecurity Skills GapCentextech
 
Assignment4
Assignment4Assignment4
Assignment4a1104137
 
Data Governance Solutions With Seclore and Stash
Data Governance Solutions With Seclore and StashData Governance Solutions With Seclore and Stash
Data Governance Solutions With Seclore and StashSeclore
 
Sizing the Cyber Skills Gap
Sizing the Cyber Skills GapSizing the Cyber Skills Gap
Sizing the Cyber Skills GapStephen Cobb
 
Securing Your Business #3 - Role Of The Service Provider
Securing Your Business #3 - Role Of The Service ProviderSecuring Your Business #3 - Role Of The Service Provider
Securing Your Business #3 - Role Of The Service ProviderDatapipe
 
Information Security Management System in the Banking Sector
Information Security Management System in the Banking SectorInformation Security Management System in the Banking Sector
Information Security Management System in the Banking SectorSamvel Gevorgyan
 
4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf
4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf
4 Reasons Why Your Business Needs A Cyber Security Consultant.pdfSania Baker
 
Ciso Platform Webcast: Shadow Data Exposed
Ciso Platform Webcast: Shadow Data ExposedCiso Platform Webcast: Shadow Data Exposed
Ciso Platform Webcast: Shadow Data ExposedElastica Inc.
 
The Top Five Cybersecurity Threats for 2018
The Top Five Cybersecurity Threats for 2018The Top Five Cybersecurity Threats for 2018
The Top Five Cybersecurity Threats for 2018CheapSSLsecurity
 
The Riskiest Industries in the Cloud
The Riskiest Industries in the CloudThe Riskiest Industries in the Cloud
The Riskiest Industries in the CloudCloudLock
 
5 Security Trends to Watch in 2020
5 Security Trends to Watch in 20205 Security Trends to Watch in 2020
5 Security Trends to Watch in 2020Dharmendra Rama
 

What's hot (20)

Security is Hard
Security is HardSecurity is Hard
Security is Hard
 
Introduction to Cloud Security
Introduction to Cloud SecurityIntroduction to Cloud Security
Introduction to Cloud Security
 
Chapter 3, Data Protection vs Ransomware
Chapter 3, Data Protection vs RansomwareChapter 3, Data Protection vs Ransomware
Chapter 3, Data Protection vs Ransomware
 
Cloud service providers in pune
Cloud service providers in puneCloud service providers in pune
Cloud service providers in pune
 
Major Cloud Security Challenges concerning the Enterprises | Sysfore
Major Cloud Security Challenges concerning the Enterprises | SysforeMajor Cloud Security Challenges concerning the Enterprises | Sysfore
Major Cloud Security Challenges concerning the Enterprises | Sysfore
 
Cyber Security vs IT Security in 2 mins
Cyber Security vs IT Security in 2 minsCyber Security vs IT Security in 2 mins
Cyber Security vs IT Security in 2 mins
 
Cybersecurity 2020: Your Biggest Threats and How You Can Prevent Them
Cybersecurity 2020: Your Biggest Threats and How You Can Prevent Them Cybersecurity 2020: Your Biggest Threats and How You Can Prevent Them
Cybersecurity 2020: Your Biggest Threats and How You Can Prevent Them
 
The Future of Cyber Security
The Future of Cyber SecurityThe Future of Cyber Security
The Future of Cyber Security
 
Global Cybersecurity Market (2017 - 2022)
Global Cybersecurity Market (2017 - 2022) Global Cybersecurity Market (2017 - 2022)
Global Cybersecurity Market (2017 - 2022)
 
Understanding Cybersecurity Skills Gap
Understanding Cybersecurity Skills GapUnderstanding Cybersecurity Skills Gap
Understanding Cybersecurity Skills Gap
 
Assignment4
Assignment4Assignment4
Assignment4
 
Data Governance Solutions With Seclore and Stash
Data Governance Solutions With Seclore and StashData Governance Solutions With Seclore and Stash
Data Governance Solutions With Seclore and Stash
 
Sizing the Cyber Skills Gap
Sizing the Cyber Skills GapSizing the Cyber Skills Gap
Sizing the Cyber Skills Gap
 
Securing Your Business #3 - Role Of The Service Provider
Securing Your Business #3 - Role Of The Service ProviderSecuring Your Business #3 - Role Of The Service Provider
Securing Your Business #3 - Role Of The Service Provider
 
Information Security Management System in the Banking Sector
Information Security Management System in the Banking SectorInformation Security Management System in the Banking Sector
Information Security Management System in the Banking Sector
 
4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf
4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf
4 Reasons Why Your Business Needs A Cyber Security Consultant.pdf
 
Ciso Platform Webcast: Shadow Data Exposed
Ciso Platform Webcast: Shadow Data ExposedCiso Platform Webcast: Shadow Data Exposed
Ciso Platform Webcast: Shadow Data Exposed
 
The Top Five Cybersecurity Threats for 2018
The Top Five Cybersecurity Threats for 2018The Top Five Cybersecurity Threats for 2018
The Top Five Cybersecurity Threats for 2018
 
The Riskiest Industries in the Cloud
The Riskiest Industries in the CloudThe Riskiest Industries in the Cloud
The Riskiest Industries in the Cloud
 
5 Security Trends to Watch in 2020
5 Security Trends to Watch in 20205 Security Trends to Watch in 2020
5 Security Trends to Watch in 2020
 

Viewers also liked

A sprint to protect POS by Nir Valtman
A sprint to protect POS by Nir ValtmanA sprint to protect POS by Nir Valtman
A sprint to protect POS by Nir ValtmanPriyanka Aash
 
PSICOLOGIA DE LA SALUD
PSICOLOGIA DE LA SALUDPSICOLOGIA DE LA SALUD
PSICOLOGIA DE LA SALUDstephanie23sjs
 
Ciso bitcoin tx_mallability-pdf
Ciso bitcoin tx_mallability-pdfCiso bitcoin tx_mallability-pdf
Ciso bitcoin tx_mallability-pdfPriyanka Aash
 
Solicitud de alta como socio de acedc
Solicitud de alta como socio de acedcSolicitud de alta como socio de acedc
Solicitud de alta como socio de acedcacedc
 
Ciso-platform-annual-summit-2013_logical vulnerabilities_(nilanjan_iviz)
Ciso-platform-annual-summit-2013_logical vulnerabilities_(nilanjan_iviz)Ciso-platform-annual-summit-2013_logical vulnerabilities_(nilanjan_iviz)
Ciso-platform-annual-summit-2013_logical vulnerabilities_(nilanjan_iviz)Priyanka Aash
 
ciso-platform-annual-summit-2013-IT risk as business risk
ciso-platform-annual-summit-2013-IT risk as business riskciso-platform-annual-summit-2013-IT risk as business risk
ciso-platform-annual-summit-2013-IT risk as business riskPriyanka Aash
 
447.теория и история литературы проблемы фольклоризма и мифотворчества
447.теория и история литературы проблемы фольклоризма и мифотворчества447.теория и история литературы проблемы фольклоризма и мифотворчества
447.теория и история литературы проблемы фольклоризма и мифотворчестваivanov15548
 
Mohit_Jain_Resume
Mohit_Jain_ResumeMohit_Jain_Resume
Mohit_Jain_ResumeMohit Jain
 
197.«основные положения гражданского права» часть 2 «договоры, направленные н...
197.«основные положения гражданского права» часть 2 «договоры, направленные н...197.«основные положения гражданского права» часть 2 «договоры, направленные н...
197.«основные положения гражданского права» часть 2 «договоры, направленные н...ivanov15666688
 
Nanotechnology in surgery
Nanotechnology in surgeryNanotechnology in surgery
Nanotechnology in surgeryLouizos Louizos
 
Performance Arts Awards Graded Examinations in Musical Theatre | RSL
Performance Arts Awards Graded Examinations in Musical Theatre | RSLPerformance Arts Awards Graded Examinations in Musical Theatre | RSL
Performance Arts Awards Graded Examinations in Musical Theatre | RSLFrancesca Denton
 
Information Visualization Project
Information Visualization ProjectInformation Visualization Project
Information Visualization ProjectAlexander Nwala
 
AHMED HAMDI%27S PORTFOLIO
AHMED HAMDI%27S PORTFOLIOAHMED HAMDI%27S PORTFOLIO
AHMED HAMDI%27S PORTFOLIOAhmed Hamdi
 

Viewers also liked (20)

A sprint to protect POS by Nir Valtman
A sprint to protect POS by Nir ValtmanA sprint to protect POS by Nir Valtman
A sprint to protect POS by Nir Valtman
 
PSICOLOGIA DE LA SALUD
PSICOLOGIA DE LA SALUDPSICOLOGIA DE LA SALUD
PSICOLOGIA DE LA SALUD
 
Oer prezi
Oer preziOer prezi
Oer prezi
 
Ciso bitcoin tx_mallability-pdf
Ciso bitcoin tx_mallability-pdfCiso bitcoin tx_mallability-pdf
Ciso bitcoin tx_mallability-pdf
 
Solicitud de alta como socio de acedc
Solicitud de alta como socio de acedcSolicitud de alta como socio de acedc
Solicitud de alta como socio de acedc
 
Bachelor in History
Bachelor in HistoryBachelor in History
Bachelor in History
 
RAB Lighting
RAB LightingRAB Lighting
RAB Lighting
 
CV
CVCV
CV
 
Ciso-platform-annual-summit-2013_logical vulnerabilities_(nilanjan_iviz)
Ciso-platform-annual-summit-2013_logical vulnerabilities_(nilanjan_iviz)Ciso-platform-annual-summit-2013_logical vulnerabilities_(nilanjan_iviz)
Ciso-platform-annual-summit-2013_logical vulnerabilities_(nilanjan_iviz)
 
ciso-platform-annual-summit-2013-IT risk as business risk
ciso-platform-annual-summit-2013-IT risk as business riskciso-platform-annual-summit-2013-IT risk as business risk
ciso-platform-annual-summit-2013-IT risk as business risk
 
nostalgia pix
nostalgia pixnostalgia pix
nostalgia pix
 
447.теория и история литературы проблемы фольклоризма и мифотворчества
447.теория и история литературы проблемы фольклоризма и мифотворчества447.теория и история литературы проблемы фольклоризма и мифотворчества
447.теория и история литературы проблемы фольклоризма и мифотворчества
 
Mohit_Jain_Resume
Mohit_Jain_ResumeMohit_Jain_Resume
Mohit_Jain_Resume
 
197.«основные положения гражданского права» часть 2 «договоры, направленные н...
197.«основные положения гражданского права» часть 2 «договоры, направленные н...197.«основные положения гражданского права» часть 2 «договоры, направленные н...
197.«основные положения гражданского права» часть 2 «договоры, направленные н...
 
El coordinator meeting 11.5.15
El coordinator meeting 11.5.15El coordinator meeting 11.5.15
El coordinator meeting 11.5.15
 
Nielson_Samaj in Bhutanese Culture
Nielson_Samaj in Bhutanese CultureNielson_Samaj in Bhutanese Culture
Nielson_Samaj in Bhutanese Culture
 
Nanotechnology in surgery
Nanotechnology in surgeryNanotechnology in surgery
Nanotechnology in surgery
 
Performance Arts Awards Graded Examinations in Musical Theatre | RSL
Performance Arts Awards Graded Examinations in Musical Theatre | RSLPerformance Arts Awards Graded Examinations in Musical Theatre | RSL
Performance Arts Awards Graded Examinations in Musical Theatre | RSL
 
Information Visualization Project
Information Visualization ProjectInformation Visualization Project
Information Visualization Project
 
AHMED HAMDI%27S PORTFOLIO
AHMED HAMDI%27S PORTFOLIOAHMED HAMDI%27S PORTFOLIO
AHMED HAMDI%27S PORTFOLIO
 

Similar to Notorious 9 ciso platform moshe

The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats - CSA Congress, San JoseThe Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats - CSA Congress, San JoseMoshe Ferber
 
Should we fear the cloud?
Should we fear the cloud?Should we fear the cloud?
Should we fear the cloud?Gabe Akisanmi
 
Surviving the lions den - how to sell SaaS services to security oriented cust...
Surviving the lions den - how to sell SaaS services to security oriented cust...Surviving the lions den - how to sell SaaS services to security oriented cust...
Surviving the lions den - how to sell SaaS services to security oriented cust...Moshe Ferber
 
Top Application Security Trends of 2012
Top Application Security Trends of 2012Top Application Security Trends of 2012
Top Application Security Trends of 2012DaveEdwards12
 
Cloud Application Security Best Practices To follow.pdf
Cloud Application Security Best Practices To follow.pdfCloud Application Security Best Practices To follow.pdf
Cloud Application Security Best Practices To follow.pdfTechugo
 
Cloud Application Security Best Practices To follow.pdf
Cloud Application Security Best Practices To follow.pdfCloud Application Security Best Practices To follow.pdf
Cloud Application Security Best Practices To follow.pdfTechugo
 
MIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudMIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudKumar Goud
 
Top 9 Data Security Trends for 2012
Top 9 Data Security Trends for 2012Top 9 Data Security Trends for 2012
Top 9 Data Security Trends for 2012Imperva
 
Four Network Security Challenges for the Cloud Generation
Four Network Security Challenges for the Cloud GenerationFour Network Security Challenges for the Cloud Generation
Four Network Security Challenges for the Cloud GenerationAboutSSL
 
The Art of CyberSecurity in the Cloud
The Art of CyberSecurity in the CloudThe Art of CyberSecurity in the Cloud
The Art of CyberSecurity in the CloudAmazon Web Services
 
Becoming the safe choice for the cloud by addressing cloud fraud & security t...
Becoming the safe choice for the cloud by addressing cloud fraud & security t...Becoming the safe choice for the cloud by addressing cloud fraud & security t...
Becoming the safe choice for the cloud by addressing cloud fraud & security t...cVidya Networks
 
Aligning Risk with Growth - Cloud Security for startups
Aligning Risk with Growth - Cloud Security for startupsAligning Risk with Growth - Cloud Security for startups
Aligning Risk with Growth - Cloud Security for startupsMoshe Ferber
 
Your clouds must be transparent - an intro to Cloud Security Alliance
Your clouds must be transparent - an intro to Cloud Security AllianceYour clouds must be transparent - an intro to Cloud Security Alliance
Your clouds must be transparent - an intro to Cloud Security AllianceDavid Jones
 
Cloud security for financial services
Cloud security for financial servicesCloud security for financial services
Cloud security for financial servicesMoshe Ferber
 
Top 10 Cyber security Threats | Cyber security
Top 10 Cyber security Threats | Cyber securityTop 10 Cyber security Threats | Cyber security
Top 10 Cyber security Threats | Cyber securityHeritageCyberworld
 
Security in Cloud Computing
Security in Cloud ComputingSecurity in Cloud Computing
Security in Cloud ComputingAshish Patel
 

Similar to Notorious 9 ciso platform moshe (20)

The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats - CSA Congress, San JoseThe Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
 
Should we fear the cloud?
Should we fear the cloud?Should we fear the cloud?
Should we fear the cloud?
 
Surviving the lions den - how to sell SaaS services to security oriented cust...
Surviving the lions den - how to sell SaaS services to security oriented cust...Surviving the lions den - how to sell SaaS services to security oriented cust...
Surviving the lions den - how to sell SaaS services to security oriented cust...
 
Top Application Security Trends of 2012
Top Application Security Trends of 2012Top Application Security Trends of 2012
Top Application Security Trends of 2012
 
Cloud Application Security Best Practices To follow.pdf
Cloud Application Security Best Practices To follow.pdfCloud Application Security Best Practices To follow.pdf
Cloud Application Security Best Practices To follow.pdf
 
Cloud Application Security Best Practices To follow.pdf
Cloud Application Security Best Practices To follow.pdfCloud Application Security Best Practices To follow.pdf
Cloud Application Security Best Practices To follow.pdf
 
MIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudMIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the Cloud
 
Top 9 Data Security Trends for 2012
Top 9 Data Security Trends for 2012Top 9 Data Security Trends for 2012
Top 9 Data Security Trends for 2012
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 
Security threat in cloud computing
Security threat in cloud computingSecurity threat in cloud computing
Security threat in cloud computing
 
Four Network Security Challenges for the Cloud Generation
Four Network Security Challenges for the Cloud GenerationFour Network Security Challenges for the Cloud Generation
Four Network Security Challenges for the Cloud Generation
 
The Art of CyberSecurity in the Cloud
The Art of CyberSecurity in the CloudThe Art of CyberSecurity in the Cloud
The Art of CyberSecurity in the Cloud
 
Becoming the safe choice for the cloud by addressing cloud fraud & security t...
Becoming the safe choice for the cloud by addressing cloud fraud & security t...Becoming the safe choice for the cloud by addressing cloud fraud & security t...
Becoming the safe choice for the cloud by addressing cloud fraud & security t...
 
Aligning Risk with Growth - Cloud Security for startups
Aligning Risk with Growth - Cloud Security for startupsAligning Risk with Growth - Cloud Security for startups
Aligning Risk with Growth - Cloud Security for startups
 
Your clouds must be transparent - an intro to Cloud Security Alliance
Your clouds must be transparent - an intro to Cloud Security AllianceYour clouds must be transparent - an intro to Cloud Security Alliance
Your clouds must be transparent - an intro to Cloud Security Alliance
 
Cloud security for financial services
Cloud security for financial servicesCloud security for financial services
Cloud security for financial services
 
Top 10 Cyber security Threats | Cyber security
Top 10 Cyber security Threats | Cyber securityTop 10 Cyber security Threats | Cyber security
Top 10 Cyber security Threats | Cyber security
 
Understanding Cloud Security - An In-Depth Exploration For Business Growth | ...
Understanding Cloud Security - An In-Depth Exploration For Business Growth | ...Understanding Cloud Security - An In-Depth Exploration For Business Growth | ...
Understanding Cloud Security - An In-Depth Exploration For Business Growth | ...
 
UNDERSTANDING CLOUD SECURITY- AN IN-DEPTH EXPLORATION FOR BUSINESS GROWTH.pdf
UNDERSTANDING CLOUD SECURITY- AN IN-DEPTH EXPLORATION FOR BUSINESS GROWTH.pdfUNDERSTANDING CLOUD SECURITY- AN IN-DEPTH EXPLORATION FOR BUSINESS GROWTH.pdf
UNDERSTANDING CLOUD SECURITY- AN IN-DEPTH EXPLORATION FOR BUSINESS GROWTH.pdf
 
Security in Cloud Computing
Security in Cloud ComputingSecurity in Cloud Computing
Security in Cloud Computing
 

More from Priyanka Aash

Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsPriyanka Aash
 
Verizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfVerizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfPriyanka Aash
 
Top 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdfTop 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdfPriyanka Aash
 
Simplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdfSimplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdfPriyanka Aash
 
Generative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdfGenerative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdfPriyanka Aash
 
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdfEVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdfPriyanka Aash
 
Cyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdfCyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdfPriyanka Aash
 
Cyber Crisis Management.pdf
Cyber Crisis Management.pdfCyber Crisis Management.pdf
Cyber Crisis Management.pdfPriyanka Aash
 
CISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdfCISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdfPriyanka Aash
 
Chennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdfChennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdfPriyanka Aash
 
Cloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdfCloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdfPriyanka Aash
 
Stories From The Web 3 Battlefield
Stories From The Web 3 BattlefieldStories From The Web 3 Battlefield
Stories From The Web 3 BattlefieldPriyanka Aash
 
Lessons Learned From Ransomware Attacks
Lessons Learned From Ransomware AttacksLessons Learned From Ransomware Attacks
Lessons Learned From Ransomware AttacksPriyanka Aash
 
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)Priyanka Aash
 
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)Priyanka Aash
 
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)Priyanka Aash
 
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsCloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsPriyanka Aash
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security GovernancePriyanka Aash
 

More from Priyanka Aash (20)

Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
 
Verizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfVerizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdf
 
Top 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdfTop 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdf
 
Simplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdfSimplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdf
 
Generative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdfGenerative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdf
 
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdfEVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
 
DPDP Act 2023.pdf
DPDP Act 2023.pdfDPDP Act 2023.pdf
DPDP Act 2023.pdf
 
Cyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdfCyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdf
 
Cyber Crisis Management.pdf
Cyber Crisis Management.pdfCyber Crisis Management.pdf
Cyber Crisis Management.pdf
 
CISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdfCISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdf
 
Chennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdfChennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdf
 
Cloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdfCloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdf
 
Stories From The Web 3 Battlefield
Stories From The Web 3 BattlefieldStories From The Web 3 Battlefield
Stories From The Web 3 Battlefield
 
Lessons Learned From Ransomware Attacks
Lessons Learned From Ransomware AttacksLessons Learned From Ransomware Attacks
Lessons Learned From Ransomware Attacks
 
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
 
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
 
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
 
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsCloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security Governance
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 

Recently uploaded

🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 

Recently uploaded (20)

🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 

Notorious 9 ciso platform moshe

  • 1. The Notorious 9 Cloud computing Threats Moshe Ferber, CCSK  Onlinecloudsec.com CISO Platform Mumbai 2014
  • 2. About  Moshe Ferber, 39, Based in Israel  Information security professional for over 20 years  Founded Cloud7, Managed Security Services provider (currently owned by Matrix LTD)  Partner at Clarisite – Your customer’s eye view  Partner at FortyCloud – Make your public cloud private  Member of the board at Macshava Tova – Narrowing societal gaps  Certified CCSK instructor for the Cloud Security Alliance.  Co-Chairman of the Board, Cloud Security Alliance, Israeli Chapter
  • 3. What we are going to talk about Sources:  Cloud Security Alliance Notorious nine cloud computing threats.  Cloud Security Alliance Cloud Computing Vulnerability Incidents: A Statistical Overview Cloud computing threats – what they are? how do they reflect in the real world? What are the attacks vectors?
  • 4. #1 Data Breaches  Cloud Provider will continue to be a target for data breaches, sometimes just for the accounts and not even for the data.  iCloud, Evernote, Adobe tells the story well.  But not all data lost happens due to hacking, Unintended disclosure is also happening.  Cloud Computing and Shadow IT contribute to this phenomena. Source: Verizon data breach report 2013 Shadow IT
  • 5. #2 Data Lost  Hacking or simple failures – it does not really matter.  Multi Cloud backup or external backups are not a “nice to have”.
  • 6. #3 Account Hijacking New account Hijacking Motivation:
  • 7. #4 Insecure Interfaces and API’s The cloud providers management dashboard, especially in IaaS, is the most intimidating attack vector
  • 8. DNS Amplification Attacks #5 Denial of Service  Network DDOS are becoming less common when talking about cloud providers.  But application level attacks are increasing.
  • 10. #7 Abuse of Cloud Services
  • 11. #8 Insufficient due Diligence  Evaluating your provider is hard, very hard.  Government legislation and industry efforts will lead to better understanding of Cloud Accountability.  CSA will help in promoting transparency and provider evaluation methodology.
  • 12. #9 Shared Technologies vulnerabilities
  • 13. #9 Shared Technologies vulnerabilities  From the infrastructure point of view SDN might solve some of the problems.  Innovation is required on the application layer, Identity Management and encryption.
  • 14. Moshe Ferber  moshe@onlinecloudsec.com  www.onlinecloudsec.com http://il.linkedin.com/in/MosheFerber KEEP IN TOUCH Cloud Security Course Schedule can be find at: http://www.onlinecloudsec.com/course-schedule