SlideShare a Scribd company logo

C7 defending the cloud with monitoring and auditing

Dr. Wilfred Lin (Ph.D.)
Dr. Wilfred Lin (Ph.D.)

The document discusses defending data in the cloud through monitoring and auditing. It notes that cloud adoption is increasing as data grows, but security concerns are the top priority for customers. The presentation recommends using preventative measures like encryption, and detective controls like activity monitoring and auditing to comply with regulations and detect threats like fraudulent data migration or SQL injection attacks. Case studies show how companies implement Oracle's database security solutions to address their compliance and risk management needs.

Technology
1 of 26
Download to read offline
Defending the Cloud with Monitoring and Auditing Eva Chang Senior Sales Consultant
Agenda  Data growth and cloud adoption  Data governance and risk management  Detect fraudulent data migration  Monitor data moving to and within the cloud  Report to address regulatory compliance 2 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
3 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
DVDs Stacked to the moon 4 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
80% protected by Enterprises 5 Copyright © 2013, Oracle and/or its affiliates. All rights reserved. And back
Data in the Cloud The Digital Universe in the Cloud Will Increase 20% by 2020 Not touched by cloud Stored or touched 17% 2012 37% 2020 6 Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Source: IDC Digital Universe Study
Security: Top of Mind for Customers Only thing trending higher than the cloud? Security concerns about the cloud… 82% 54% #1 Risk 7 Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Concerned about cloud security & privacy Worried about a cloud provider data breach Undetected data breach
Cloud Security Spend Increasing 20% of IT budget by 2016 Source: Gartner 8 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Database Security Strategy Defense-in-Depth for Maximum Security PREVENTIVE DETECTIVE ADMINISTRATIVE Encryption Activity Monitoring Privilege Analysis Redaction and Masking Database Firewall Sensitive Data Discovery Privileged User Controls Auditing and Reporting Configuration Management 9 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
10 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Oracle Database Security Solutions Defense-in-Depth for Maximum Security PREVENTIVE DETECTIVE ADMINISTRATIVE Encryption Activity Monitoring Privilege Analysis Redaction and Masking Database Firewall Sensitive Data Discovery Privileged User Controls Auditing and Reporting Configuration Management 11 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Data Governance Reporting for Compliance Data Migration Cloud Data Movement 12 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Data Governance and Risk Management Policies and Procedures for Managing Information Usage Opportunity LOB IT Risk 13 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
14 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
DoR employee Phishing email malware 8/29 used passwords to access 6 servers 9/1-2 Installed malicious backdoor and accessed 22 servers Malware stole Username password 9/12 Copied database backup files to a staging directory 10/19-20 DoR remediates after being notified of breach by 3rd party Aug/Sep 2012 8/27 Attacker logs into remote access service w/ credentials Executed utilities designed to obtain user account passwords (six servers) 15 Copyright © 2013, Oracle and/or its affiliates. All rights reserved. 9/13 Exfiltrated tax records since ‘98: 3.8m individuals $12 million in associated costs Jeopardized governor’s re-election 1-year credit-monitoring & ID theft protection 800,000
Detect Fraudulent Data Migration Database Auditing  Monitor for large internal data migrations in existing environments  Audit all databases for privilege user data access  Automate continual auditing of sensitive data 16 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
T-Mobile Monitors Data Exfiltration in Oracle and non-Oracle Databases Solution Provider of wireless voice, messaging, and data services throughout the U.S. Fourth largest wireless company in the U.S. with more than 35 million subscribers Industry: Telecom 17 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.  Addresses data security with Database Firewall, TDE, Data Masking as comprehensive database security defense-in-depth strategy  Database activity monitoring prevents insider and external threats  Deployed and setup within a few hours; already protected against a few compromised accounts that were harvesting data
Monitor Data Moving To and Within the Cloud Database Activity Monitoring and SQL Injection Prevention  Monitor database and system activity – Increase traffic visibility  Prevent database threats – SQL injection attacks and privilege escalation  Detect application by-pass and data harvesting 18 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
SquareTwo Financial Prevents Database Threats Including SQL Injection Attacks Solution Leader in $100 billion asset recovery and management industry Partner Network used by Fortune 500 companies in banking, credit card, and health care Industry: Financial Services 19 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.  Addresses compliance with Database Firewall, TDE, Data Masking as comprehensive database security defense-in-depth strategy  Database activity monitoring to protect against insider and external threats, including SQL injection attacks  Securing Exadata and SQL Server databases
Address Regulatory Compliance Reporting and Alerting  Comply with regulations – GLBA, HIPAA, SOX, PCI and more  Alert in real-time to prevent further compromise  Collect, consolidate audit trails and system logs 20 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
TransUnion Interactive Addresses PCI DSS Compliance Solution Consumer subsidiary of TransUnion, a global leader in credit information Maintains credit histories on over 500 million consumers globally Industry: Financial Services 21 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.  Deployed Database Firewall in one month to monitor database traffic  Achieved 10k transactions/sec while maintaining performance  Using reports to monitor traffic and manage workloads and capacity  Additional: Oracle Advanced Security to encrypt tablespaces
Oracle Audit Vault and Database Firewall Database Firewall APP S Firewall Events Alerts ! Built-in Reports AUDIT DATA Custom Reports Policies AUDIT VAULT 22 Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Custom
For More Information Oracle Audit Vault and Database Firewall 23 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Complimentary eBook Register Now www.mhprofessional.com/dbsec Use Code: db12c 24 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Q&A 25 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
26 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.

Recommended

Data Privacy Readiness Test
Data Privacy Readiness TestData Privacy Readiness Test
Data Privacy Readiness Test
Druva
 
Enterprise Data Privacy Quiz
Enterprise Data Privacy QuizEnterprise Data Privacy Quiz
Enterprise Data Privacy Quiz
Druva
 
Guardians of Trust: Building Trust in Data & Analytics
Guardians of Trust: Building Trust in Data & AnalyticsGuardians of Trust: Building Trust in Data & Analytics
Guardians of Trust: Building Trust in Data & Analytics
Eryk Budi Pratama
 
The Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarThe Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI Webinar
Eryk Budi Pratama
 
Data privacy and security in uae
Data privacy and security in uaeData privacy and security in uae
Data privacy and security in uae
RishalHalid1
 
Getting a clue: uncovering the truth about your data with mobile forensics
Getting a clue: uncovering the truth about your data with mobile forensicsGetting a clue: uncovering the truth about your data with mobile forensics
Getting a clue: uncovering the truth about your data with mobile forensics
Druva
 
Data goverance two_8.2.18 - copy
Data goverance two_8.2.18 - copyData goverance two_8.2.18 - copy
Data goverance two_8.2.18 - copy
Sandra (Sandy) Dunn
 
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
Gene Kim
 

Recommended

Data Privacy Readiness Test
Data Privacy Readiness TestData Privacy Readiness Test
Data Privacy Readiness Test
Druva
 
Enterprise Data Privacy Quiz
Enterprise Data Privacy QuizEnterprise Data Privacy Quiz
Enterprise Data Privacy Quiz
Druva
 
Guardians of Trust: Building Trust in Data & Analytics
Guardians of Trust: Building Trust in Data & AnalyticsGuardians of Trust: Building Trust in Data & Analytics
Guardians of Trust: Building Trust in Data & Analytics
Eryk Budi Pratama
 
The Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarThe Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI Webinar
Eryk Budi Pratama
 
Data privacy and security in uae
Data privacy and security in uaeData privacy and security in uae
Data privacy and security in uae
RishalHalid1
 
Getting a clue: uncovering the truth about your data with mobile forensics
Getting a clue: uncovering the truth about your data with mobile forensicsGetting a clue: uncovering the truth about your data with mobile forensics
Getting a clue: uncovering the truth about your data with mobile forensics
Druva
 
Data goverance two_8.2.18 - copy
Data goverance two_8.2.18 - copyData goverance two_8.2.18 - copy
Data goverance two_8.2.18 - copy
Sandra (Sandy) Dunn
 
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
Gene Kim
 
California Consumer Privacy Act (CCPA)
California Consumer Privacy Act (CCPA)California Consumer Privacy Act (CCPA)
California Consumer Privacy Act (CCPA)
Happiest Minds Technologies
 
The EU General Protection Regulation and how Oracle can help
The EU General Protection Regulation and how Oracle can help The EU General Protection Regulation and how Oracle can help
The EU General Protection Regulation and how Oracle can help
Niklas Hjorthen
 
Data centric security key to digital business success - ulf mattsson - bright...
Data centric security key to digital business success - ulf mattsson - bright...Data centric security key to digital business success - ulf mattsson - bright...
Data centric security key to digital business success - ulf mattsson - bright...
Ulf Mattsson
 
IDERA Live | Mitigating Data Risks from Cloud to Ground
IDERA Live | Mitigating Data Risks from Cloud to GroundIDERA Live | Mitigating Data Risks from Cloud to Ground
IDERA Live | Mitigating Data Risks from Cloud to Ground
IDERA Software
 
The Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDThe Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA ID
Eryk Budi Pratama
 
Protecting Corporate Data When an Employee Leaves: Survey and Best Practices
Protecting Corporate Data When an Employee Leaves: Survey and Best PracticesProtecting Corporate Data When an Employee Leaves: Survey and Best Practices
Protecting Corporate Data When an Employee Leaves: Survey and Best Practices
Druva
 
Atlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
Atlanta ISSA 2010 Enterprise Data Protection Ulf MattssonAtlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
Atlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
Ulf Mattsson
 
Where data security and value of data meet in the cloud brighttalk webinar ...
Where data security and value of data meet in the cloud brighttalk webinar ...Where data security and value of data meet in the cloud brighttalk webinar ...
Where data security and value of data meet in the cloud brighttalk webinar ...
Ulf Mattsson
 
Centrifuge Systems Overview
Centrifuge Systems OverviewCentrifuge Systems Overview
Centrifuge Systems Overview
Russ Holmes
 
Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...
Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...
Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...
TrustArc
 
Jelecos: Achieving Compliance with Axcient
Jelecos: Achieving Compliance with AxcientJelecos: Achieving Compliance with Axcient
Jelecos: Achieving Compliance with Axcient
Erin Olson
 
NetIQ Directory & Resource Administrator Helps Kindred Healthcare Achieve Com...
NetIQ Directory & Resource Administrator Helps Kindred Healthcare Achieve Com...NetIQ Directory & Resource Administrator Helps Kindred Healthcare Achieve Com...
NetIQ Directory & Resource Administrator Helps Kindred Healthcare Achieve Com...
NetIQ
 
Security and privacy of cloud data: what you need to know (Interop)
Security and privacy of cloud data: what you need to know (Interop)Security and privacy of cloud data: what you need to know (Interop)
Security and privacy of cloud data: what you need to know (Interop)
Druva
 
Big data and social media, BAE Systems Detica
Big data and social media, BAE Systems DeticaBig data and social media, BAE Systems Detica
Big data and social media, BAE Systems DeticaInternet World
 
Emerging Technology Risk Series - Internet of Things (IoT)
Emerging Technology Risk Series - Internet of Things (IoT)Emerging Technology Risk Series - Internet of Things (IoT)
Emerging Technology Risk Series - Internet of Things (IoT)
Eryk Budi Pratama
 
The state of data privacy with dimensional research
The state of data privacy with dimensional research The state of data privacy with dimensional research
The state of data privacy with dimensional research
Druva
 
Enabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEnabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data Quality
Eryk Budi Pratama
 
Data Sheet - Manage unstructured data growth with Symantec Data Insight
Data Sheet - Manage unstructured data growth with Symantec Data InsightData Sheet - Manage unstructured data growth with Symantec Data Insight
Data Sheet - Manage unstructured data growth with Symantec Data Insight
Symantec
 
Isaca new delhi india privacy and big data
Isaca new delhi india privacy and big dataIsaca new delhi india privacy and big data
Isaca new delhi india privacy and big data
Ulf Mattsson
 
Common Practice in Data Privacy Program Management
Common Practice in Data Privacy Program ManagementCommon Practice in Data Privacy Program Management
Common Practice in Data Privacy Program Management
Eryk Budi Pratama
 
A7 getting value from big data how to get there quickly and leverage your c...
A7 getting value from big data how to get there quickly and leverage your c...A7 getting value from big data how to get there quickly and leverage your c...
A7 getting value from big data how to get there quickly and leverage your c...Dr. Wilfred Lin (Ph.D.)
 
C6 deploying applications to your private cloud 7 to 10 times faster
C6 deploying applications to your private cloud 7 to 10 times fasterC6 deploying applications to your private cloud 7 to 10 times faster
C6 deploying applications to your private cloud 7 to 10 times fasterDr. Wilfred Lin (Ph.D.)
 

More Related Content

What's hot

California Consumer Privacy Act (CCPA)
California Consumer Privacy Act (CCPA)California Consumer Privacy Act (CCPA)
California Consumer Privacy Act (CCPA)
Happiest Minds Technologies
 
The EU General Protection Regulation and how Oracle can help
The EU General Protection Regulation and how Oracle can help The EU General Protection Regulation and how Oracle can help
The EU General Protection Regulation and how Oracle can help
Niklas Hjorthen
 
Data centric security key to digital business success - ulf mattsson - bright...
Data centric security key to digital business success - ulf mattsson - bright...Data centric security key to digital business success - ulf mattsson - bright...
Data centric security key to digital business success - ulf mattsson - bright...
Ulf Mattsson
 
IDERA Live | Mitigating Data Risks from Cloud to Ground
IDERA Live | Mitigating Data Risks from Cloud to GroundIDERA Live | Mitigating Data Risks from Cloud to Ground
IDERA Live | Mitigating Data Risks from Cloud to Ground
IDERA Software
 
The Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDThe Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA ID
Eryk Budi Pratama
 
Protecting Corporate Data When an Employee Leaves: Survey and Best Practices
Protecting Corporate Data When an Employee Leaves: Survey and Best PracticesProtecting Corporate Data When an Employee Leaves: Survey and Best Practices
Protecting Corporate Data When an Employee Leaves: Survey and Best Practices
Druva
 
Atlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
Atlanta ISSA 2010 Enterprise Data Protection Ulf MattssonAtlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
Atlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
Ulf Mattsson
 
Where data security and value of data meet in the cloud brighttalk webinar ...
Where data security and value of data meet in the cloud brighttalk webinar ...Where data security and value of data meet in the cloud brighttalk webinar ...
Where data security and value of data meet in the cloud brighttalk webinar ...
Ulf Mattsson
 
Centrifuge Systems Overview
Centrifuge Systems OverviewCentrifuge Systems Overview
Centrifuge Systems Overview
Russ Holmes
 
Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...
Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...
Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...
TrustArc
 
Jelecos: Achieving Compliance with Axcient
Jelecos: Achieving Compliance with AxcientJelecos: Achieving Compliance with Axcient
Jelecos: Achieving Compliance with Axcient
Erin Olson
 
NetIQ Directory & Resource Administrator Helps Kindred Healthcare Achieve Com...
NetIQ Directory & Resource Administrator Helps Kindred Healthcare Achieve Com...NetIQ Directory & Resource Administrator Helps Kindred Healthcare Achieve Com...
NetIQ Directory & Resource Administrator Helps Kindred Healthcare Achieve Com...
NetIQ
 
Security and privacy of cloud data: what you need to know (Interop)
Security and privacy of cloud data: what you need to know (Interop)Security and privacy of cloud data: what you need to know (Interop)
Security and privacy of cloud data: what you need to know (Interop)
Druva
 
Big data and social media, BAE Systems Detica
Big data and social media, BAE Systems DeticaBig data and social media, BAE Systems Detica
Big data and social media, BAE Systems DeticaInternet World
 
Emerging Technology Risk Series - Internet of Things (IoT)
Emerging Technology Risk Series - Internet of Things (IoT)Emerging Technology Risk Series - Internet of Things (IoT)
Emerging Technology Risk Series - Internet of Things (IoT)
Eryk Budi Pratama
 
The state of data privacy with dimensional research
The state of data privacy with dimensional research The state of data privacy with dimensional research
The state of data privacy with dimensional research
Druva
 
Enabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEnabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data Quality
Eryk Budi Pratama
 
Data Sheet - Manage unstructured data growth with Symantec Data Insight
Data Sheet - Manage unstructured data growth with Symantec Data InsightData Sheet - Manage unstructured data growth with Symantec Data Insight
Data Sheet - Manage unstructured data growth with Symantec Data Insight
Symantec
 
Isaca new delhi india privacy and big data
Isaca new delhi india privacy and big dataIsaca new delhi india privacy and big data
Isaca new delhi india privacy and big data
Ulf Mattsson
 
Common Practice in Data Privacy Program Management
Common Practice in Data Privacy Program ManagementCommon Practice in Data Privacy Program Management
Common Practice in Data Privacy Program Management
Eryk Budi Pratama
 

What's hot (20)

California Consumer Privacy Act (CCPA)
California Consumer Privacy Act (CCPA)California Consumer Privacy Act (CCPA)
California Consumer Privacy Act (CCPA)
 
The EU General Protection Regulation and how Oracle can help
The EU General Protection Regulation and how Oracle can help The EU General Protection Regulation and how Oracle can help
The EU General Protection Regulation and how Oracle can help
 
Data centric security key to digital business success - ulf mattsson - bright...
Data centric security key to digital business success - ulf mattsson - bright...Data centric security key to digital business success - ulf mattsson - bright...
Data centric security key to digital business success - ulf mattsson - bright...
 
IDERA Live | Mitigating Data Risks from Cloud to Ground
IDERA Live | Mitigating Data Risks from Cloud to GroundIDERA Live | Mitigating Data Risks from Cloud to Ground
IDERA Live | Mitigating Data Risks from Cloud to Ground
 
The Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDThe Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA ID
 
Protecting Corporate Data When an Employee Leaves: Survey and Best Practices
Protecting Corporate Data When an Employee Leaves: Survey and Best PracticesProtecting Corporate Data When an Employee Leaves: Survey and Best Practices
Protecting Corporate Data When an Employee Leaves: Survey and Best Practices
 
Atlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
Atlanta ISSA 2010 Enterprise Data Protection Ulf MattssonAtlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
Atlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
 
Where data security and value of data meet in the cloud brighttalk webinar ...
Where data security and value of data meet in the cloud brighttalk webinar ...Where data security and value of data meet in the cloud brighttalk webinar ...
Where data security and value of data meet in the cloud brighttalk webinar ...
 
Centrifuge Systems Overview
Centrifuge Systems OverviewCentrifuge Systems Overview
Centrifuge Systems Overview
 
Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...
Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...
Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...
 
Jelecos: Achieving Compliance with Axcient
Jelecos: Achieving Compliance with AxcientJelecos: Achieving Compliance with Axcient
Jelecos: Achieving Compliance with Axcient
 
NetIQ Directory & Resource Administrator Helps Kindred Healthcare Achieve Com...
NetIQ Directory & Resource Administrator Helps Kindred Healthcare Achieve Com...NetIQ Directory & Resource Administrator Helps Kindred Healthcare Achieve Com...
NetIQ Directory & Resource Administrator Helps Kindred Healthcare Achieve Com...
 
Security and privacy of cloud data: what you need to know (Interop)
Security and privacy of cloud data: what you need to know (Interop)Security and privacy of cloud data: what you need to know (Interop)
Security and privacy of cloud data: what you need to know (Interop)
 
Big data and social media, BAE Systems Detica
Big data and social media, BAE Systems DeticaBig data and social media, BAE Systems Detica
Big data and social media, BAE Systems Detica
 
Emerging Technology Risk Series - Internet of Things (IoT)
Emerging Technology Risk Series - Internet of Things (IoT)Emerging Technology Risk Series - Internet of Things (IoT)
Emerging Technology Risk Series - Internet of Things (IoT)
 
The state of data privacy with dimensional research
The state of data privacy with dimensional research The state of data privacy with dimensional research
The state of data privacy with dimensional research
 
Enabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEnabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data Quality
 
Data Sheet - Manage unstructured data growth with Symantec Data Insight
Data Sheet - Manage unstructured data growth with Symantec Data InsightData Sheet - Manage unstructured data growth with Symantec Data Insight
Data Sheet - Manage unstructured data growth with Symantec Data Insight
 
Isaca new delhi india privacy and big data
Isaca new delhi india privacy and big dataIsaca new delhi india privacy and big data
Isaca new delhi india privacy and big data
 
Common Practice in Data Privacy Program Management
Common Practice in Data Privacy Program ManagementCommon Practice in Data Privacy Program Management
Common Practice in Data Privacy Program Management
 

Viewers also liked

A7 getting value from big data how to get there quickly and leverage your c...
A7 getting value from big data how to get there quickly and leverage your c...A7 getting value from big data how to get there quickly and leverage your c...
A7 getting value from big data how to get there quickly and leverage your c...Dr. Wilfred Lin (Ph.D.)
 
C6 deploying applications to your private cloud 7 to 10 times faster
C6 deploying applications to your private cloud 7 to 10 times fasterC6 deploying applications to your private cloud 7 to 10 times faster
C6 deploying applications to your private cloud 7 to 10 times fasterDr. Wilfred Lin (Ph.D.)
 
B3 mobile development and deployment platform enabled by oracle fusion midd...
B3 mobile development and deployment platform enabled by oracle fusion midd...B3 mobile development and deployment platform enabled by oracle fusion midd...
B3 mobile development and deployment platform enabled by oracle fusion midd...Dr. Wilfred Lin (Ph.D.)
 
C5 accelerating your journey to self-service it
C5 accelerating your journey to self-service itC5 accelerating your journey to self-service it
C5 accelerating your journey to self-service itDr. Wilfred Lin (Ph.D.)
 
A3 oracle database 12c extreme performance for cloud computing
A3 oracle database 12c extreme performance for cloud computingA3 oracle database 12c extreme performance for cloud computing
A3 oracle database 12c extreme performance for cloud computingDr. Wilfred Lin (Ph.D.)
 
K1 keynote 1_oracle_integrated_cloud_strategy_and_vision_for_journey_to_cloud...
K1 keynote 1_oracle_integrated_cloud_strategy_and_vision_for_journey_to_cloud...K1 keynote 1_oracle_integrated_cloud_strategy_and_vision_for_journey_to_cloud...
K1 keynote 1_oracle_integrated_cloud_strategy_and_vision_for_journey_to_cloud...
Dr. Wilfred Lin (Ph.D.)
 
K2 keynote 2_oracle_saa_s_strategy
K2 keynote 2_oracle_saa_s_strategyK2 keynote 2_oracle_saa_s_strategy
K2 keynote 2_oracle_saa_s_strategy
Dr. Wilfred Lin (Ph.D.)
 

Viewers also liked (9)

A7 getting value from big data how to get there quickly and leverage your c...
A7 getting value from big data how to get there quickly and leverage your c...A7 getting value from big data how to get there quickly and leverage your c...
A7 getting value from big data how to get there quickly and leverage your c...
 
C6 deploying applications to your private cloud 7 to 10 times faster
C6 deploying applications to your private cloud 7 to 10 times fasterC6 deploying applications to your private cloud 7 to 10 times faster
C6 deploying applications to your private cloud 7 to 10 times faster
 
K2 oracle open world highlights
K2 oracle open world highlightsK2 oracle open world highlights
K2 oracle open world highlights
 
K1 innovation in practice
K1 innovation in practiceK1 innovation in practice
K1 innovation in practice
 
B3 mobile development and deployment platform enabled by oracle fusion midd...
B3 mobile development and deployment platform enabled by oracle fusion midd...B3 mobile development and deployment platform enabled by oracle fusion midd...
B3 mobile development and deployment platform enabled by oracle fusion midd...
 
C5 accelerating your journey to self-service it
C5 accelerating your journey to self-service itC5 accelerating your journey to self-service it
C5 accelerating your journey to self-service it
 
A3 oracle database 12c extreme performance for cloud computing
A3 oracle database 12c extreme performance for cloud computingA3 oracle database 12c extreme performance for cloud computing
A3 oracle database 12c extreme performance for cloud computing
 
K1 keynote 1_oracle_integrated_cloud_strategy_and_vision_for_journey_to_cloud...
K1 keynote 1_oracle_integrated_cloud_strategy_and_vision_for_journey_to_cloud...K1 keynote 1_oracle_integrated_cloud_strategy_and_vision_for_journey_to_cloud...
K1 keynote 1_oracle_integrated_cloud_strategy_and_vision_for_journey_to_cloud...
 
K2 keynote 2_oracle_saa_s_strategy
K2 keynote 2_oracle_saa_s_strategyK2 keynote 2_oracle_saa_s_strategy
K2 keynote 2_oracle_saa_s_strategy
 

Similar to C7 defending the cloud with monitoring and auditing

Top ten big data security and privacy challenges
Top ten big data security and privacy challengesTop ten big data security and privacy challenges
Top ten big data security and privacy challenges
Bee_Ware
 
Expanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesExpanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challenges
Tom Kirby
 
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...
IRJET Journal
 
Tdwi austin simplifying big data delivery to drive new insights final
Tdwi austin simplifying big data delivery to drive new insights finalTdwi austin simplifying big data delivery to drive new insights final
Tdwi austin simplifying big data delivery to drive new insights final
Sal Marcus
 
The Changing Data Quality & Data Governance Landscape
The Changing Data Quality & Data Governance LandscapeThe Changing Data Quality & Data Governance Landscape
The Changing Data Quality & Data Governance LandscapeTrillium Software
 
Cisco IoT World Forum 2014: Airwatch Breakout Session
Cisco IoT World Forum 2014: Airwatch Breakout SessionCisco IoT World Forum 2014: Airwatch Breakout Session
Cisco IoT World Forum 2014: Airwatch Breakout Session
Basil Hashem
 
GDPR and NIS Compliance - How HyTrust Can Help
GDPR and NIS Compliance - How HyTrust Can HelpGDPR and NIS Compliance - How HyTrust Can Help
GDPR and NIS Compliance - How HyTrust Can Help
Jason Lackey
 
Global Security Certification for Governments
Global Security Certification for GovernmentsGlobal Security Certification for Governments
Global Security Certification for Governments
CloudMask inc.
 
Security Inside Out: Latest Innovations in Oracle Database 12c
Security Inside Out: Latest Innovations in Oracle Database 12cSecurity Inside Out: Latest Innovations in Oracle Database 12c
Security Inside Out: Latest Innovations in Oracle Database 12c
Troy Kitch
 
Shield db data security
Shield db data securityShield db data security
Shield db data security
Mousumi Manna
 
Shield db data security
Shield db data securityShield db data security
Shield db data security
Mousumi Manna
 
Shield db data security
Shield db data securityShield db data security
Shield db data security
Tapan Biswas
 
Michael Josephs
Michael JosephsMichael Josephs
Michael Josephs
daveGBE
 
Innovation Without Compromise: The Challenges of Securing Big Data
Innovation Without Compromise: The Challenges of Securing Big DataInnovation Without Compromise: The Challenges of Securing Big Data
Innovation Without Compromise: The Challenges of Securing Big Data
Cloudera, Inc.
 
Webinar: Endpoint Backup is not Enough - You Need an End-user Data Strategy
Webinar: Endpoint Backup is not Enough - You Need an End-user Data StrategyWebinar: Endpoint Backup is not Enough - You Need an End-user Data Strategy
Webinar: Endpoint Backup is not Enough - You Need an End-user Data Strategy
Storage Switzerland
 
Bezpečná databáze a jak využít volně dostupný nástroj DBSAT
Bezpečná databáze a jak využít volně dostupný nástroj DBSATBezpečná databáze a jak využít volně dostupný nástroj DBSAT
Bezpečná databáze a jak využít volně dostupný nástroj DBSAT
MarketingArrowECS_CZ
 
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data AssetsFS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
Puneet Kukreja
 
David valovcin big data - big risk
David valovcin big data - big riskDavid valovcin big data - big risk
David valovcin big data - big risk
IBM Sverige
 
IRJET- A Survey on Cloud Data Security Methods and Future Directions
IRJET- A Survey on Cloud Data Security Methods and Future DirectionsIRJET- A Survey on Cloud Data Security Methods and Future Directions
IRJET- A Survey on Cloud Data Security Methods and Future Directions
IRJET Journal
 
B4 the identity of things-securing the internet of everything
B4 the identity of things-securing the internet of everythingB4 the identity of things-securing the internet of everything
B4 the identity of things-securing the internet of everythingDr. Wilfred Lin (Ph.D.)
 

Similar to C7 defending the cloud with monitoring and auditing (20)

Top ten big data security and privacy challenges
Top ten big data security and privacy challengesTop ten big data security and privacy challenges
Top ten big data security and privacy challenges
 
Expanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesExpanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challenges
 
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...
 
Tdwi austin simplifying big data delivery to drive new insights final
Tdwi austin simplifying big data delivery to drive new insights finalTdwi austin simplifying big data delivery to drive new insights final
Tdwi austin simplifying big data delivery to drive new insights final
 
The Changing Data Quality & Data Governance Landscape
The Changing Data Quality & Data Governance LandscapeThe Changing Data Quality & Data Governance Landscape
The Changing Data Quality & Data Governance Landscape
 
Cisco IoT World Forum 2014: Airwatch Breakout Session
Cisco IoT World Forum 2014: Airwatch Breakout SessionCisco IoT World Forum 2014: Airwatch Breakout Session
Cisco IoT World Forum 2014: Airwatch Breakout Session
 
GDPR and NIS Compliance - How HyTrust Can Help
GDPR and NIS Compliance - How HyTrust Can HelpGDPR and NIS Compliance - How HyTrust Can Help
GDPR and NIS Compliance - How HyTrust Can Help
 
Global Security Certification for Governments
Global Security Certification for GovernmentsGlobal Security Certification for Governments
Global Security Certification for Governments
 
Security Inside Out: Latest Innovations in Oracle Database 12c
Security Inside Out: Latest Innovations in Oracle Database 12cSecurity Inside Out: Latest Innovations in Oracle Database 12c
Security Inside Out: Latest Innovations in Oracle Database 12c
 
Shield db data security
Shield db data securityShield db data security
Shield db data security
 
Shield db data security
Shield db data securityShield db data security
Shield db data security
 
Shield db data security
Shield db data securityShield db data security
Shield db data security
 
Michael Josephs
Michael JosephsMichael Josephs
Michael Josephs
 
Innovation Without Compromise: The Challenges of Securing Big Data
Innovation Without Compromise: The Challenges of Securing Big DataInnovation Without Compromise: The Challenges of Securing Big Data
Innovation Without Compromise: The Challenges of Securing Big Data
 
Webinar: Endpoint Backup is not Enough - You Need an End-user Data Strategy
Webinar: Endpoint Backup is not Enough - You Need an End-user Data StrategyWebinar: Endpoint Backup is not Enough - You Need an End-user Data Strategy
Webinar: Endpoint Backup is not Enough - You Need an End-user Data Strategy
 
Bezpečná databáze a jak využít volně dostupný nástroj DBSAT
Bezpečná databáze a jak využít volně dostupný nástroj DBSATBezpečná databáze a jak využít volně dostupný nástroj DBSAT
Bezpečná databáze a jak využít volně dostupný nástroj DBSAT
 
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data AssetsFS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
 
David valovcin big data - big risk
David valovcin big data - big riskDavid valovcin big data - big risk
David valovcin big data - big risk
 
IRJET- A Survey on Cloud Data Security Methods and Future Directions
IRJET- A Survey on Cloud Data Security Methods and Future DirectionsIRJET- A Survey on Cloud Data Security Methods and Future Directions
IRJET- A Survey on Cloud Data Security Methods and Future Directions
 
B4 the identity of things-securing the internet of everything
B4 the identity of things-securing the internet of everythingB4 the identity of things-securing the internet of everything
B4 the identity of things-securing the internet of everything
 

More from Dr. Wilfred Lin (Ph.D.)

C7 engineered data_protection_for_oracle_databases
C7 engineered data_protection_for_oracle_databasesC7 engineered data_protection_for_oracle_databases
C7 engineered data_protection_for_oracle_databases
Dr. Wilfred Lin (Ph.D.)
 
C6 oracles storage_strategy_from_databases_to_engineered_systems_to_cloud
C6 oracles storage_strategy_from_databases_to_engineered_systems_to_cloudC6 oracles storage_strategy_from_databases_to_engineered_systems_to_cloud
C6 oracles storage_strategy_from_databases_to_engineered_systems_to_cloud
Dr. Wilfred Lin (Ph.D.)
 
C5 journey to_the_cloud_with_oracle_sparc
C5 journey to_the_cloud_with_oracle_sparcC5 journey to_the_cloud_with_oracle_sparc
C5 journey to_the_cloud_with_oracle_sparc
Dr. Wilfred Lin (Ph.D.)
 
C4 optimizing your_application_infrastructure
C4 optimizing your_application_infrastructureC4 optimizing your_application_infrastructure
C4 optimizing your_application_infrastructure
Dr. Wilfred Lin (Ph.D.)
 
C3 bringing the_power_of_the_public_cloud_to_your_secure_data_center
C3 bringing the_power_of_the_public_cloud_to_your_secure_data_centerC3 bringing the_power_of_the_public_cloud_to_your_secure_data_center
C3 bringing the_power_of_the_public_cloud_to_your_secure_data_center
Dr. Wilfred Lin (Ph.D.)
 
C2 five journeys_to_the_cloud
C2 five journeys_to_the_cloudC2 five journeys_to_the_cloud
C2 five journeys_to_the_cloud
Dr. Wilfred Lin (Ph.D.)
 
C1 keynote creating_your_enterprise_cloud_strategy
C1 keynote creating_your_enterprise_cloud_strategyC1 keynote creating_your_enterprise_cloud_strategy
C1 keynote creating_your_enterprise_cloud_strategy
Dr. Wilfred Lin (Ph.D.)
 
B7 api management_enabling_digital_transformation
B7 api management_enabling_digital_transformationB7 api management_enabling_digital_transformation
B7 api management_enabling_digital_transformation
Dr. Wilfred Lin (Ph.D.)
 
B6 improve operational_efficiency_through_process_and_document_collaboration
B6 improve operational_efficiency_through_process_and_document_collaborationB6 improve operational_efficiency_through_process_and_document_collaboration
B6 improve operational_efficiency_through_process_and_document_collaboration
Dr. Wilfred Lin (Ph.D.)
 
B5 modernise your_cloud_to_on_premises_integration
B5 modernise your_cloud_to_on_premises_integrationB5 modernise your_cloud_to_on_premises_integration
B5 modernise your_cloud_to_on_premises_integration
Dr. Wilfred Lin (Ph.D.)
 
B4 making dev_ops_really_work
B4 making dev_ops_really_workB4 making dev_ops_really_work
B4 making dev_ops_really_work
Dr. Wilfred Lin (Ph.D.)
 
B3 getting started_with_cloud_native_development
B3 getting started_with_cloud_native_developmentB3 getting started_with_cloud_native_development
B3 getting started_with_cloud_native_development
Dr. Wilfred Lin (Ph.D.)
 
B2 oracle mobile_any_app_to_any_service_lets_go
B2 oracle mobile_any_app_to_any_service_lets_goB2 oracle mobile_any_app_to_any_service_lets_go
B2 oracle mobile_any_app_to_any_service_lets_go
Dr. Wilfred Lin (Ph.D.)
 
B1 keynote reimagine_application_development_and_delivery_with_oracle_platform
B1 keynote reimagine_application_development_and_delivery_with_oracle_platformB1 keynote reimagine_application_development_and_delivery_with_oracle_platform
B1 keynote reimagine_application_development_and_delivery_with_oracle_platform
Dr. Wilfred Lin (Ph.D.)
 
A7 storytelling with_oracle_analytics_cloud
A7 storytelling with_oracle_analytics_cloudA7 storytelling with_oracle_analytics_cloud
A7 storytelling with_oracle_analytics_cloud
Dr. Wilfred Lin (Ph.D.)
 
A6 big data_in_the_cloud
A6 big data_in_the_cloudA6 big data_in_the_cloud
A6 big data_in_the_cloud
Dr. Wilfred Lin (Ph.D.)
 
A5 cloud security_now_a_reason_to_move_to_the_cloud
A5 cloud security_now_a_reason_to_move_to_the_cloudA5 cloud security_now_a_reason_to_move_to_the_cloud
A5 cloud security_now_a_reason_to_move_to_the_cloud
Dr. Wilfred Lin (Ph.D.)
 
A4 drive dev_ops_agility_and_operational_efficiency
A4 drive dev_ops_agility_and_operational_efficiencyA4 drive dev_ops_agility_and_operational_efficiency
A4 drive dev_ops_agility_and_operational_efficiency
Dr. Wilfred Lin (Ph.D.)
 
A3 transforming data_management_in_the_cloud
A3 transforming data_management_in_the_cloudA3 transforming data_management_in_the_cloud
A3 transforming data_management_in_the_cloud
Dr. Wilfred Lin (Ph.D.)
 
A2 run vmware_workloads_on_public_cloud-without_any_change
A2 run vmware_workloads_on_public_cloud-without_any_changeA2 run vmware_workloads_on_public_cloud-without_any_change
A2 run vmware_workloads_on_public_cloud-without_any_change
Dr. Wilfred Lin (Ph.D.)
 

More from Dr. Wilfred Lin (Ph.D.) (20)

C7 engineered data_protection_for_oracle_databases
C7 engineered data_protection_for_oracle_databasesC7 engineered data_protection_for_oracle_databases
C7 engineered data_protection_for_oracle_databases
 
C6 oracles storage_strategy_from_databases_to_engineered_systems_to_cloud
C6 oracles storage_strategy_from_databases_to_engineered_systems_to_cloudC6 oracles storage_strategy_from_databases_to_engineered_systems_to_cloud
C6 oracles storage_strategy_from_databases_to_engineered_systems_to_cloud
 
C5 journey to_the_cloud_with_oracle_sparc
C5 journey to_the_cloud_with_oracle_sparcC5 journey to_the_cloud_with_oracle_sparc
C5 journey to_the_cloud_with_oracle_sparc
 
C4 optimizing your_application_infrastructure
C4 optimizing your_application_infrastructureC4 optimizing your_application_infrastructure
C4 optimizing your_application_infrastructure
 
C3 bringing the_power_of_the_public_cloud_to_your_secure_data_center
C3 bringing the_power_of_the_public_cloud_to_your_secure_data_centerC3 bringing the_power_of_the_public_cloud_to_your_secure_data_center
C3 bringing the_power_of_the_public_cloud_to_your_secure_data_center
 
C2 five journeys_to_the_cloud
C2 five journeys_to_the_cloudC2 five journeys_to_the_cloud
C2 five journeys_to_the_cloud
 
C1 keynote creating_your_enterprise_cloud_strategy
C1 keynote creating_your_enterprise_cloud_strategyC1 keynote creating_your_enterprise_cloud_strategy
C1 keynote creating_your_enterprise_cloud_strategy
 
B7 api management_enabling_digital_transformation
B7 api management_enabling_digital_transformationB7 api management_enabling_digital_transformation
B7 api management_enabling_digital_transformation
 
B6 improve operational_efficiency_through_process_and_document_collaboration
B6 improve operational_efficiency_through_process_and_document_collaborationB6 improve operational_efficiency_through_process_and_document_collaboration
B6 improve operational_efficiency_through_process_and_document_collaboration
 
B5 modernise your_cloud_to_on_premises_integration
B5 modernise your_cloud_to_on_premises_integrationB5 modernise your_cloud_to_on_premises_integration
B5 modernise your_cloud_to_on_premises_integration
 
B4 making dev_ops_really_work
B4 making dev_ops_really_workB4 making dev_ops_really_work
B4 making dev_ops_really_work
 
B3 getting started_with_cloud_native_development
B3 getting started_with_cloud_native_developmentB3 getting started_with_cloud_native_development
B3 getting started_with_cloud_native_development
 
B2 oracle mobile_any_app_to_any_service_lets_go
B2 oracle mobile_any_app_to_any_service_lets_goB2 oracle mobile_any_app_to_any_service_lets_go
B2 oracle mobile_any_app_to_any_service_lets_go
 
B1 keynote reimagine_application_development_and_delivery_with_oracle_platform
B1 keynote reimagine_application_development_and_delivery_with_oracle_platformB1 keynote reimagine_application_development_and_delivery_with_oracle_platform
B1 keynote reimagine_application_development_and_delivery_with_oracle_platform
 
A7 storytelling with_oracle_analytics_cloud
A7 storytelling with_oracle_analytics_cloudA7 storytelling with_oracle_analytics_cloud
A7 storytelling with_oracle_analytics_cloud
 
A6 big data_in_the_cloud
A6 big data_in_the_cloudA6 big data_in_the_cloud
A6 big data_in_the_cloud
 
A5 cloud security_now_a_reason_to_move_to_the_cloud
A5 cloud security_now_a_reason_to_move_to_the_cloudA5 cloud security_now_a_reason_to_move_to_the_cloud
A5 cloud security_now_a_reason_to_move_to_the_cloud
 
A4 drive dev_ops_agility_and_operational_efficiency
A4 drive dev_ops_agility_and_operational_efficiencyA4 drive dev_ops_agility_and_operational_efficiency
A4 drive dev_ops_agility_and_operational_efficiency
 
A3 transforming data_management_in_the_cloud
A3 transforming data_management_in_the_cloudA3 transforming data_management_in_the_cloud
A3 transforming data_management_in_the_cloud
 
A2 run vmware_workloads_on_public_cloud-without_any_change
A2 run vmware_workloads_on_public_cloud-without_any_changeA2 run vmware_workloads_on_public_cloud-without_any_change
A2 run vmware_workloads_on_public_cloud-without_any_change
 

Recently uploaded

A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
sonjaschweigert1
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems S.M.S.A.
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
nkrafacyberclub
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
Alpen-Adria-Universität
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
DianaGray10
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
James Anderson
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
Pierluigi Pugliese
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
DianaGray10
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
Matthew Sinclair
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 

Recently uploaded (20)

A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 

C7 defending the cloud with monitoring and auditing

  • 1. Defending the Cloud with Monitoring and Auditing Eva Chang Senior Sales Consultant
  • 2. Agenda  Data growth and cloud adoption  Data governance and risk management  Detect fraudulent data migration  Monitor data moving to and within the cloud  Report to address regulatory compliance 2 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  • 3. 3 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  • 4. DVDs Stacked to the moon 4 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  • 5. 80% protected by Enterprises 5 Copyright © 2013, Oracle and/or its affiliates. All rights reserved. And back
  • 6. Data in the Cloud The Digital Universe in the Cloud Will Increase 20% by 2020 Not touched by cloud Stored or touched 17% 2012 37% 2020 6 Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Source: IDC Digital Universe Study
  • 7. Security: Top of Mind for Customers Only thing trending higher than the cloud? Security concerns about the cloud… 82% 54% #1 Risk 7 Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Concerned about cloud security & privacy Worried about a cloud provider data breach Undetected data breach
  • 8. Cloud Security Spend Increasing 20% of IT budget by 2016 Source: Gartner 8 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  • 9. Database Security Strategy Defense-in-Depth for Maximum Security PREVENTIVE DETECTIVE ADMINISTRATIVE Encryption Activity Monitoring Privilege Analysis Redaction and Masking Database Firewall Sensitive Data Discovery Privileged User Controls Auditing and Reporting Configuration Management 9 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  • 10. 10 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  • 11. Oracle Database Security Solutions Defense-in-Depth for Maximum Security PREVENTIVE DETECTIVE ADMINISTRATIVE Encryption Activity Monitoring Privilege Analysis Redaction and Masking Database Firewall Sensitive Data Discovery Privileged User Controls Auditing and Reporting Configuration Management 11 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  • 12. Data Governance Reporting for Compliance Data Migration Cloud Data Movement 12 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  • 13. Data Governance and Risk Management Policies and Procedures for Managing Information Usage Opportunity LOB IT Risk 13 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  • 14. 14 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  • 15. DoR employee Phishing email malware 8/29 used passwords to access 6 servers 9/1-2 Installed malicious backdoor and accessed 22 servers Malware stole Username password 9/12 Copied database backup files to a staging directory 10/19-20 DoR remediates after being notified of breach by 3rd party Aug/Sep 2012 8/27 Attacker logs into remote access service w/ credentials Executed utilities designed to obtain user account passwords (six servers) 15 Copyright © 2013, Oracle and/or its affiliates. All rights reserved. 9/13 Exfiltrated tax records since ‘98: 3.8m individuals $12 million in associated costs Jeopardized governor’s re-election 1-year credit-monitoring & ID theft protection 800,000
  • 16. Detect Fraudulent Data Migration Database Auditing  Monitor for large internal data migrations in existing environments  Audit all databases for privilege user data access  Automate continual auditing of sensitive data 16 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  • 17. T-Mobile Monitors Data Exfiltration in Oracle and non-Oracle Databases Solution Provider of wireless voice, messaging, and data services throughout the U.S. Fourth largest wireless company in the U.S. with more than 35 million subscribers Industry: Telecom 17 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.  Addresses data security with Database Firewall, TDE, Data Masking as comprehensive database security defense-in-depth strategy  Database activity monitoring prevents insider and external threats  Deployed and setup within a few hours; already protected against a few compromised accounts that were harvesting data
  • 18. Monitor Data Moving To and Within the Cloud Database Activity Monitoring and SQL Injection Prevention  Monitor database and system activity – Increase traffic visibility  Prevent database threats – SQL injection attacks and privilege escalation  Detect application by-pass and data harvesting 18 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  • 19. SquareTwo Financial Prevents Database Threats Including SQL Injection Attacks Solution Leader in $100 billion asset recovery and management industry Partner Network used by Fortune 500 companies in banking, credit card, and health care Industry: Financial Services 19 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.  Addresses compliance with Database Firewall, TDE, Data Masking as comprehensive database security defense-in-depth strategy  Database activity monitoring to protect against insider and external threats, including SQL injection attacks  Securing Exadata and SQL Server databases
  • 20. Address Regulatory Compliance Reporting and Alerting  Comply with regulations – GLBA, HIPAA, SOX, PCI and more  Alert in real-time to prevent further compromise  Collect, consolidate audit trails and system logs 20 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  • 21. TransUnion Interactive Addresses PCI DSS Compliance Solution Consumer subsidiary of TransUnion, a global leader in credit information Maintains credit histories on over 500 million consumers globally Industry: Financial Services 21 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.  Deployed Database Firewall in one month to monitor database traffic  Achieved 10k transactions/sec while maintaining performance  Using reports to monitor traffic and manage workloads and capacity  Additional: Oracle Advanced Security to encrypt tablespaces
  • 22. Oracle Audit Vault and Database Firewall Database Firewall APP S Firewall Events Alerts ! Built-in Reports AUDIT DATA Custom Reports Policies AUDIT VAULT 22 Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Custom
  • 23. For More Information Oracle Audit Vault and Database Firewall 23 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  • 24. Complimentary eBook Register Now www.mhprofessional.com/dbsec Use Code: db12c 24 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  • 25. Q&A 25 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  • 26. 26 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.