Cloud Computing and Security:
Assessing the Risks


Kevin L. Jackson
Vice President & General Manager
NJVC Cloud Services
March 21, 2012
             NJVC Proprietary - Do Not Release
The New IT Era




 IDC September 2008

                           rev date 3/21/2012
Data Processing Explosion




Cloud Computing
Not a new technology but a new approach to the provisioning and consumption of information technology
A service-oriented architecture (SOA), typically implemented on a virtualized infrastructure (compute, storage, networks) using commodity components and coupled with highly automated controls, enables the five essential characteristics of cloud computing.


Key Benefits
    Significant cost reductions
    Reduced time to capability
    Increased flexibility
    Elastic scalability
    Increase service quality
    Increased security
    Ease of technology refresh
    Ease of collaboration
    Increased efficiency

Key Concerns
    Standards
    Portability
    Control/Availability
    Security
    IT Policy
    Management / Monitoring
    Ecosystem

Cloud Computing: Value and Capabilities
 Time
    Reduce time to deliver/execute mission
    Increased responsiveness/flexibility/availability
 Cost
    Optimizing cost to deliver/execute mission
    Optimizing cost of ownership (lifecycle cost)
    Increased efficiencies in capital/operational expenditures
 Quality
    Environmental improvements
    Experiential improvements



Relational Databases and the Cloud
The economics of data storage led to the use of content addressable storage, flat storage architectures and internet scaling.

Database design, database tuning no longer required with infinite scalability and consistent responsiveness.

[Figure: a hierarchical lookup (Country > Germany: BMW, Volkswagen, Audi; Japan: Toyota, Honda, Mazda; US: Ford, Chrysler, GM; each make > Truck, Car, SUV), labelled 3t, beside a flat, searchable list of records ("German, BMW, Truck"; "German, BMW, Car"; "German, BMW, SUV"; "German, Volkswagen, Truck"; ... "US, GM, SUV"), labelled 1t]
Traditional Analytics
Traditionally, lexical searches, filtering or Boolean search attributes are used to reduce data to a “working set”. Analytical tools are then applied to this “working set”.

[Figure: All Data Sources / Types -> Tools/Analysis -> Reports/Conclusions]
Cloud Enables Searching All the Data, All the Time

[Figure: all data sources -> Reports/Conclusions]
Survey




Security Concerns




[Figure: matrix of Top Threats to Cloud Computing against security domains; cell contents not recoverable]

Top Threats to Cloud Computing
    Abuse and Nefarious Use of Cloud Computing
    Insecure Interfaces and APIs
    Malicious Insiders
    Shared Technology Issues
    Data Loss or Leakage
    Account or Service Hijacking
    Unknown Risk Profile

Governance
    Governance and Enterprise Risk Management
    Legal and Electronic Discovery
    Compliance and Audit
    Information Lifecycle Management
    Portability and Interoperability

Operational
    Traditional Security, Business Continuity, and Disaster Recovery
    Data Center Operations
    Incident Response, Notification and Remediation
    Application Security
    Encryption and Key Management
    Identity and Access Management
    Virtualization
Overview




C&A vs FedRAMP
Standard Certification & Authorization
    100% of required agency controls
    60-90 days to complete
    $80k-$300K
    Repeat with each new agency: 5 agency cost $400K-$1.5M
FedRAMP (290 Controls)
    80% of required agency controls
    60 days to complete
    $65-$240K
    Agency specific controls for new implementations: 5 agency cost $65K-$365K

Continuous Monitoring Deliverables
Vulnerability/Patch Management Scanning and Reporting
Configuration Scanning and Reporting
Incident Response Planning and Response
POA&M Mitigation and Remediation
Change Management and Control
Penetration Testing
A&A Documentation Maintenance
Contingency Plan Testing

NIST Cloud Computing
http://collaborate.nist.gov/twiki-cloud-computing




My Advice
Remember – Cloud computing is an emerging discipline
Learn about it. Don’t run away
This is not a new technology but extensive automation of what you’re already used to
Same threat vectors. Same attacks but faster, broader and automated using “resource concentration”
Cloud will save you, not hurt you.
Be careful out there!!
Thank You !
Kevin L. Jackson
Vice President
General Manager
NJVC Cloud Services
(703) 335-0830
Kevin.jackson@NJVC.com
http://www.NJVC.com
http://kevinljackson.blogspot.com
http://govcloud.ulitzer.com

 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Recently uploaded (20)

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 

FBI Symposium on Cloud Computing and Security v2

  • 1. Cloud Computing and Security: Assessing the Risks. Kevin L. Jackson, Vice President & General Manager, NJVC Cloud Services. March 21, 2012. NJVC Proprietary - Do Not Release
  • 5. The New IT Era (source: IDC, September 2008; rev date 3/21/2012)
  • 6. Data Processing Explosion
  • 7. Cloud Computing
      • Not a new technology but a new approach in the provisioning and consumption of information technology
      • A services oriented architecture (SOA), typically implemented on a virtualized infrastructure (compute, storage, networks) using commodity components coupled with highly automated controls, enables the five essential characteristics of cloud computing.
      • Key Benefits: Significant cost reductions; Reduced time to capability; Increased flexibility; Elastic scalability; Increased service quality; Increased security; Ease of technology refresh; Ease of collaboration; Increased efficiency
      • Key Concerns: Standards; Portability; Control/Availability; Security; IT Policy; Management / Monitoring; Ecosystem
  • 8. Cloud Computing: Value and Capabilities
      • Time: Reduce time to deliver/execute mission; Increased responsiveness/flexibility/availability
      • Cost: Optimizing cost to deliver/execute mission; Optimizing cost of ownership (lifecycle cost); Increased efficiencies in capital/operational expenditures
      • Quality: Environmental improvements; Experiential improvements
  • 9. Relational Databases and the Cloud
      • The economics of data storage led to the use of content addressable storage, flat storage architectures and internet scaling.
      • Database design, database tuning no longer required with infinite scalability and consistent responsiveness
      • [Diagram: search over example records keyed by country (Germany, Japan, US), make (BMW, Volkswagen, Audi, Toyota, Honda, Mazda, Ford, Chrysler, GM) and vehicle type (Truck, Car, SUV)]
  • 10. Traditional Analytics
      • Traditionally, lexical searches, filtering or Boolean search attributes are used to reduce data to a “working set”. Analytical tools are then applied to this “working set”.
      • [Diagram: All Data Sources / Types, Tools/Analysis, Reports/Conclusions]
  • 11. Cloud Enables Searching All the Data, All the Time
      • [Diagram: all data, Reports/Conclusions]
  • 12. Survey
  • 13. Security Concerns
  • 14. Top Threats to Cloud Computing
      • Malicious Insiders
      • Data Loss or Leakage
      • Unknown Risk Profile
      • Shared Technology Issues
      • Insecure Interfaces and APIs
      • Account or Service Hijacking
      • Abuse and Nefarious Use of Cloud Computing
    Governance
      • Governance and Enterprise Risk Management
      • Legal and Electronic Discovery
      • Compliance and Audit
      • Information Lifecycle Management
      • Portability and Interoperability
    Operational
      • Traditional Security, Business Continuity, and Disaster Recovery
      • Data Center Operations
      • Incident Response, Notification and Remediation
      • Application Security
      • Encryption and Key Management
      • Identity and Access Management
      • Virtualization
  • 19. Overview
  • 20. C&A vs FedRAMP
      • Standard Certification & Authorization
          • 100% of required agency controls
          • 60-90 days to complete
          • $80k-$300K
          • Repeat with each new agency: 5 agency cost $400K-$1.5M
      • FedRAMP (290 Controls)
          • 80% of required agency controls
          • 60 days to complete
          • $65-$240K
          • Agency specific controls for new implementations: 5 agency cost $65K-$365K
  • 26. Continuous Monitoring Deliverables
      • Vulnerability/Patch Management Scanning and Reporting
      • Configuration Scanning and Reporting
      • Incident Response Planning and Response
      • POA&M Mitigation and Remediation
      • Change Management and Control
      • Penetration Testing
      • A&A Documentation Maintenance
      • Contingency Plan Testing
  • 28. My Advice
      • Remember: cloud computing is an emerging discipline
      • Learn about it. Don’t run away
      • This is not a new technology but extensive automation of what you’re already used to
      • Same threat vectors. Same attacks but faster, broader and automated using “resource concentration”
      • Cloud will save you, not hurt you.
      • Be careful out there!!
  • 29. Thank You! Kevin L. Jackson, Vice President & General Manager, NJVC Cloud Services. (703) 335-0830, Kevin.jackson@NJVC.com, http://www.NJVC.com, http://kevinljackson.blogspot.com, http://govcloud.ulitzer.com