The Ponemon Institute issued a first-of-its-kind report sponsored by Netskope that identifies a “cloud multiplier effect” on the probability of a data breach. IT and security professionals believe that increasing the use of cloud services in the enterprise will increase the likelihood of a $20M data breach by as much as 3x. In these slides and the accompanying on-demand video, Dr. Larry Ponemon and Netskope CEO Sanjay Beri for a look at the report findings and for advice on how enterprises can mitigate this multiplier and enable safe cloud usage.
The Razor's Edge: Enabling Cloud While Mitigating the Risk of a Cloud Data Br...Netskope
Shadow IT. It's not a new term and certainly not a new challenge. But with only blunt-force solutions like saying "no" or blocking cloud services at the firewall, IT has not been able to do much to address the challenge. This is all changing. Business and IT leaders alike see real value in cloud services and want to take a lean-forward approach to enabling them. The reality, though, is that cloud services are not without their risks, and the risk of a data breach increases when the cloud is involved. Hear from Netskope about the risks, economic impact, and multiplier effect of a cloud data breach, and how forward-looking organizations are walking the razor’s edge to mitigate these risks while enabling the cloud.
Cloud Security for Dummies Webinar — The Identity EditionNetskope
Join "Cloud Security for Dummies" authors Ravi Ithal and Krishna Narayanaswamy, along with Patrick Harding, CTO from Ping Identity for this special “Identity Edition” of the Cloud Security for Dummies webinar series.
In this panel-style discussion, the experts will compare notes, debate approaches, and share stories from the cloud security and identity and access management front lines. IT security professionals will walk away with best practices on:
- Finding and assessing risk of all cloud apps running in your enterprise
- Onboarding new apps and bringing them into the secure Single Sign On fold
- Using identity to enable access and enforce usage and content policies
- Dealing with security issues such as poor reputation users and compromised accounts
- Communicating and coaching users
Shadow IT is often used in a derogatory manner, but what if the apps and services a company's employees are bringing into the enterprise were actually the secret to their success? What if the efficiency and productivity gains your company is experiencing are owed, in part, to these apps that IT isn't responsible for sourcing and enabling? In this presentation Netskope discusses the challenges and opportunities that come from the use of rogue apps in the enterprise and how IT can turn the corner and end the catch-22 between enablement and security.
Lions, Tigers, and PHI, Oh My! The latest in data loss prevention in the cloud.Netskope
Let’s face it: When it comes to data loss prevention, we’re not in Kansas anymore. Any and all types of sensitive business data is now stored in the cloud and accessed from personal devices and most of the time, IT doesn’t even know it. This presentation is from a webinar with our guest speaker Forrester VP and Principal Analyst John Kindervag and Netskope VP of Product Management Rajneesh Chopra. In it, they explore the following:
- Trends surrounding cloud and data loss prevention
- How on-premises DLP users have helped shape the design of new, cloud-based solutions
- Key architectural considerations for enterprises who have invested in on-premises DLP
- Pitfalls that every IT security professional should look out for when developing a cloud DLP strategy
Quantifying Cloud Risk for Your Corporate LeadershipNetskope
The “move to the cloud” has long been considered a key initiative by organizations worldwide. With this move, there’s a level of increased risk that enterprises must address. What’s different is using cloud services requires abdicating some control over how systems and data are being protected. We begin this discussion on this footing.
Join Scott Hogrefe, Sr. Director of Market Data for Netskope, who will lead this discussion about what CISOs need to know about:
- Their cloud risk
- How to quantify it for their corporate leadership and board of directors
- How to convey it in the context of their overall cloud strategy
Data Privacy, Security, and Sovereignty in a Cloudy WorldNetskope
Jon Oltsik, ESG Senior Principal Analyst and widely recognized information security expert, reviews what it means to ensure data privacy, security, and sovereignty, and what you should be looking for from your cloud providers.
Cure for the Common Cloud: How Healthcare can Safely Enable the CloudNetskope
The explosion of useful cloud applications has enabled new levels of productivity, resulting in strategic advantages for some healthcare providers. But cloud app usage is not without risk.
Craig Guinasso, CSO of Genomic Health, is leveraging the power of the cloud, while solving some of today’s most complex security challenges.
Craig, along with Krishna Narayanaswamy, co-founder and chief scientist of Netskope, discuss the top five strategies that healthcare technology and security leaders are adopting to get the most out of the cloud, while protecting patient health data and maintaining their organization’s compliance.
Attendees will learn how to:
- Think about cloud services in relation to business objectives
- Triage Shadow IT and consolidate on the most enterprise-ready cloud services
- Create checks and policies to identify and prevent PHI leaks
- Turn their business stakeholders into security champions
Forrester Research: Securing the Cloud When Users are Left to Their Own DevicesNetskope
90% of cloud apps in the enterprise are being used without IT’s knowledge. Whether brought in by individuals or lines of business, there’s an average of 508 apps per enterprise and more than 5,000 in the world from which people can choose. Where things get even more interesting is when cloud and mobile combine and the opportunity for data loss and breaches multiply.
These slides are from a webinar where leading identity management, cloud security, and fraud management expert Andras Cser from Forrester and Netskope’s Sr. Director of Product Marketing Bob Gilbert talk about the importance of understanding which employees are using which cloud apps and from where they’re accessing them.
View the on-demand webinar here:
http://www.netskope.com/webinars/securing-cloud-users-left-devices/
The Razor's Edge: Enabling Cloud While Mitigating the Risk of a Cloud Data Br...Netskope
Shadow IT. It's not a new term and certainly not a new challenge. But with only blunt-force solutions like saying "no" or blocking cloud services at the firewall, IT has not been able to do much to address the challenge. This is all changing. Business and IT leaders alike see real value in cloud services and want to take a lean-forward approach to enabling them. The reality, though, is that cloud services are not without their risks, and the risk of a data breach increases when the cloud is involved. Hear from Netskope about the risks, economic impact, and multiplier effect of a cloud data breach, and how forward-looking organizations are walking the razor’s edge to mitigate these risks while enabling the cloud.
Cloud Security for Dummies Webinar — The Identity EditionNetskope
Join "Cloud Security for Dummies" authors Ravi Ithal and Krishna Narayanaswamy, along with Patrick Harding, CTO from Ping Identity for this special “Identity Edition” of the Cloud Security for Dummies webinar series.
In this panel-style discussion, the experts will compare notes, debate approaches, and share stories from the cloud security and identity and access management front lines. IT security professionals will walk away with best practices on:
- Finding and assessing risk of all cloud apps running in your enterprise
- Onboarding new apps and bringing them into the secure Single Sign On fold
- Using identity to enable access and enforce usage and content policies
- Dealing with security issues such as poor reputation users and compromised accounts
- Communicating and coaching users
Shadow IT is often used in a derogatory manner, but what if the apps and services a company's employees are bringing into the enterprise were actually the secret to their success? What if the efficiency and productivity gains your company is experiencing are owed, in part, to these apps that IT isn't responsible for sourcing and enabling? In this presentation Netskope discusses the challenges and opportunities that come from the use of rogue apps in the enterprise and how IT can turn the corner and end the catch-22 between enablement and security.
Lions, Tigers, and PHI, Oh My! The latest in data loss prevention in the cloud.Netskope
Let’s face it: When it comes to data loss prevention, we’re not in Kansas anymore. Any and all types of sensitive business data is now stored in the cloud and accessed from personal devices and most of the time, IT doesn’t even know it. This presentation is from a webinar with our guest speaker Forrester VP and Principal Analyst John Kindervag and Netskope VP of Product Management Rajneesh Chopra. In it, they explore the following:
- Trends surrounding cloud and data loss prevention
- How on-premises DLP users have helped shape the design of new, cloud-based solutions
- Key architectural considerations for enterprises who have invested in on-premises DLP
- Pitfalls that every IT security professional should look out for when developing a cloud DLP strategy
Quantifying Cloud Risk for Your Corporate LeadershipNetskope
The “move to the cloud” has long been considered a key initiative by organizations worldwide. With this move, there’s a level of increased risk that enterprises must address. What’s different is using cloud services requires abdicating some control over how systems and data are being protected. We begin this discussion on this footing.
Join Scott Hogrefe, Sr. Director of Market Data for Netskope, who will lead this discussion about what CISOs need to know about:
- Their cloud risk
- How to quantify it for their corporate leadership and board of directors
- How to convey it in the context of their overall cloud strategy
Data Privacy, Security, and Sovereignty in a Cloudy WorldNetskope
Jon Oltsik, ESG Senior Principal Analyst and widely recognized information security expert, reviews what it means to ensure data privacy, security, and sovereignty, and what you should be looking for from your cloud providers.
Cure for the Common Cloud: How Healthcare can Safely Enable the CloudNetskope
The explosion of useful cloud applications has enabled new levels of productivity, resulting in strategic advantages for some healthcare providers. But cloud app usage is not without risk.
Craig Guinasso, CSO of Genomic Health, is leveraging the power of the cloud, while solving some of today’s most complex security challenges.
Craig, along with Krishna Narayanaswamy, co-founder and chief scientist of Netskope, discuss the top five strategies that healthcare technology and security leaders are adopting to get the most out of the cloud, while protecting patient health data and maintaining their organization’s compliance.
Attendees will learn how to:
- Think about cloud services in relation to business objectives
- Triage Shadow IT and consolidate on the most enterprise-ready cloud services
- Create checks and policies to identify and prevent PHI leaks
- Turn their business stakeholders into security champions
Forrester Research: Securing the Cloud When Users are Left to Their Own DevicesNetskope
90% of cloud apps in the enterprise are being used without IT’s knowledge. Whether brought in by individuals or lines of business, there’s an average of 508 apps per enterprise and more than 5,000 in the world from which people can choose. Where things get even more interesting is when cloud and mobile combine and the opportunity for data loss and breaches multiply.
These slides are from a webinar where leading identity management, cloud security, and fraud management expert Andras Cser from Forrester and Netskope’s Sr. Director of Product Marketing Bob Gilbert talk about the importance of understanding which employees are using which cloud apps and from where they’re accessing them.
View the on-demand webinar here:
http://www.netskope.com/webinars/securing-cloud-users-left-devices/
WeSecure Data Security Congres: 5 must haves to safe cloud enablementWeSecure
Jamie Barnett from Netskope describes how to enable SaaS while Securing Data. For more information about netskope, see: https://www.wesecure.nl/producten/netskope/
The Definitive CASB Business Case Kit - PresentationNetskope
As #1 on Gartner’s information security agenda, CASB is a must-have. But is your business case lined up? Get started now with the definitive CASB business case starter kit. The kit includes:
- The Gartner Market Guide to Cloud Access Security Brokers
- A CASB justification letter that you can tailor and deliver to your decision-maker
- A CASB ROI calculator into which you can enter your assumptions, plus a 3-slide companion executive presentation
- A sample Cloud Risk Assessment so you know what to expect when you request this analysis from your CASB
- The Netskope Cloud Report, which contains the latest cloud security benchmarks
- The 15 Most Critical CASB Use Cases eBook, which will help you understand and prioritize your CASB use cases
Office 365 in Focus. Security and Governance Strategies from the Experts - We...Netskope
One of today's biggest cloud trends is enterprise adoption of the Microsoft Office 365 suite. There is one wrinkle, though. Your business wants to move quickly to get immediate value, while your security team needs to proceed a little more cautiously to ensure they can govern usage and protect sensitive data. Can organizations move quickly and instrument the proper controls?
Join Adrian Sanabria, Senior Security Analyst from 451 Research, Shamiana Soderberg, Senior Business Development Manager Cloud Productivity from Microsoft, and Jamie Barnett, CMO of Netskope for a look at safe enablement best practices for Office 365, and the role Cloud Access Security Brokers play in this effort.
Attendees will come away with the ten real-world requirements that every organization should consider when adopting a sanctioned cloud productivity suite like Office 365. These requirements will address areas like:
- Granular administrative and user controls across the Office 365 suite
- DLP for content “at rest” within and “en route” to or from the suite
- Usage and data governance within the suite and its ecosystem
Making Cloud Security Part of Your DNA Webinar SlidesNetskope
To watch the full Making Cloud Security Part of Your DNA webinar video, please go to: https://resources.netskope.com/h/i/65967799-making-cloud-security-part-of-your-dna
Summary:
As Chief Security Officer for leading cancer diagnostic company Genomic Health, Craig Guinasso makes cloud a strategic advantage while solving some of today’s most complex security challenges.
Join Craig, along with Sanjay Beri, CEO of Netskope, Missy Krasner, Managing Director of Healthcare at Box, and David Baker, CSO of Okta, for a webinar on the top five strategies that healthcare technology leaders should adopt to get the most out of the cloud while also protecting patient health data and keeping their organizations compliant.
In this powerpoint, you will get a glimpse into the webinar where we discussed how to:
- Think about cloud services in relation to business objectives
- Triage Shadow IT and consolidate on the most enterprise-ready cloud services
- Create checks and policies to identify and prevent PHI leaks
- Turn their business stakeholders into security champions
Driving the successful adoption of Microsoft Office 365Forcepoint LLC
For enterprise and mid-sized companies who have deployed Office 365 but have not realized the full value of their investment, Forcepoint removes the barriers to full adoption by enhancing security and compliance, taking back unsanctioned IT, and implementing the right architecture.
ThinAir speaking session on endpoint data visibility and healthcare security compliance by Brian Reed. Connect with us on LinkedIn or twitter @thinairlabs for more details and live demo
The findings of a recent survey, commissioned by NetIQ through IDG Connect, found that increased cloud-based software-as-a-service (SaaS) application use by businesses has led to more confidence amongIT decision-makers that corporate data is better secured now than it has been in the past.
5 Highest-Impact CASB Use Cases - Office 365Netskope
Cloud app security is a top priority for many enterprises. Whether securing data in the Office 365 suite, ensuring compliance in Salesforce, or getting control over shadow IT, information security leaders are exploring how Cloud Access Security Brokers can make an impact in their organizations.
This presentation covers the top Office 365-specific five CASB use cases that have the highest impact on cloud-consuming enterprises.
Symantec Webinar | Tips for Successful CASB ProjectsSymantec
There is an art to securely using cloud apps and services, including SaaS, PaaS, and IaaS. In this Symantec webcast, hear from Steve Riley, a Gartner senior director analyst who focuses on public cloud security, and Eric Andrews, Symantec’s vice president of cloud security, as they share best practices with practical tips for deploying CASB. Watch here: https://symc.ly/2QTyUec.
The Internet of Security Things (A Story about Change) Lori MacVittie
Lots of change is impacting security. This presentation looks at four key security concerns that are most impacted by application and technology trends and what we can look for in solutions to address those concerns.
Is your security solution having trouble keeping up? Explore what a modern security solution looks like—built to tackle the evolving threat landscape while adapting to today’s global, mobile workforce.
Cloud adoption introduces new attack vectors and poses new security challenges. Learn how a visibility platform can help protect your data and applications in the cloud.
Securing medical apps in the age of covid finalDevOps.com
The COVID-19 pandemic has drastically altered the connected healthcare landscape, accelerating the usage of telemedicine and other remote healthcare delivery systems by as much as 11,000% for some populations. How has this unprecedented push affected healthcare and medical device application security? The security team at Intertrust recently analyzed 100 Android and iOS medical apps to find out.
In this webinar, we'll discuss:
Medical application and device threat trends
The top mHealth security vulnerabilities uncovered in our analysis
Strategies to keep your mHealth apps safe
Future advances in digital healthcare and how your security can evolve with it
Office 365 and other SaaS apps offer a number of advantages over premises-based apps, from easy access and deployment to lower costs. A key advantage of SaaS apps is IT's ability to shift the burden for app and infrastructure security to the cloud vendor while data security remains the responsibility of the enterprise. Migrating to Office 365 introduces several new avenues for data leakage: one-click sharing, desktop sync clients, unmanaged device access, and many more.
Bitglass and (ISC)2 presents Episode 2 of our CASB Wars webinar trilogy where we explore the security gaps in Office 365 and how a Cloud Access Security Broker (CASB) can help mitigate the threat of data leakage across all SaaS apps. Using real-world use cases, see where native Office 365 security falls short and how a CASB can protect data end-to-end, from cloud to device.
June 2016 Worldwide Netskope Cloud Report Netskope
In this Netskope Cloud Report™, we’ve compiled the most interesting trends on cloud app adoption and usage based on aggregated, anonymized data from the Netskope Active Platform™. Report findings are based on usage seen across millions of users in hundreds of accounts globally, and represent usage trends from January 1 through March 31, 2016.
Report highlights:
- Three-quarters of cloud apps in use lack key capabilities to comply with the upcoming European Union General Data Protection Regulation.
- Malware continues its rise in enterprise clouds, with an average of 11.0 percent of enterprises detecting malware in their sanctioned apps.
- 26.2 percent of malware files discovered in sanctioned apps are shared with internal or external users or publicly.
- Enterprises have an average of 935 cloud apps in use, a slight rise from 917 last quarter. The Microsoft Office 365 suite continues to lead the pack in top-used business productivity apps, with Office 365 Outlook.com, OneDrive for Business, SharePoint, Yammer, and Lync in the number 2, 3, 12, 19, and 20 spots, respectively.
- Cloud Storage apps dominate cloud DLP violations, with 73.6 percent of the total.
WeSecure Data Security Congres: 5 must haves to safe cloud enablementWeSecure
Jamie Barnett from Netskope describes how to enable SaaS while Securing Data. For more information about netskope, see: https://www.wesecure.nl/producten/netskope/
The Definitive CASB Business Case Kit - PresentationNetskope
As #1 on Gartner’s information security agenda, CASB is a must-have. But is your business case lined up? Get started now with the definitive CASB business case starter kit. The kit includes:
- The Gartner Market Guide to Cloud Access Security Brokers
- A CASB justification letter that you can tailor and deliver to your decision-maker
- A CASB ROI calculator into which you can enter your assumptions, plus a 3-slide companion executive presentation
- A sample Cloud Risk Assessment so you know what to expect when you request this analysis from your CASB
- The Netskope Cloud Report, which contains the latest cloud security benchmarks
- The 15 Most Critical CASB Use Cases eBook, which will help you understand and prioritize your CASB use cases
Office 365 in Focus. Security and Governance Strategies from the Experts - We...Netskope
One of today's biggest cloud trends is enterprise adoption of the Microsoft Office 365 suite. There is one wrinkle, though. Your business wants to move quickly to get immediate value, while your security team needs to proceed a little more cautiously to ensure they can govern usage and protect sensitive data. Can organizations move quickly and instrument the proper controls?
Join Adrian Sanabria, Senior Security Analyst from 451 Research, Shamiana Soderberg, Senior Business Development Manager Cloud Productivity from Microsoft, and Jamie Barnett, CMO of Netskope for a look at safe enablement best practices for Office 365, and the role Cloud Access Security Brokers play in this effort.
Attendees will come away with the ten real-world requirements that every organization should consider when adopting a sanctioned cloud productivity suite like Office 365. These requirements will address areas like:
- Granular administrative and user controls across the Office 365 suite
- DLP for content “at rest” within and “en route” to or from the suite
- Usage and data governance within the suite and its ecosystem
Making Cloud Security Part of Your DNA Webinar SlidesNetskope
To watch the full Making Cloud Security Part of Your DNA webinar video, please go to: https://resources.netskope.com/h/i/65967799-making-cloud-security-part-of-your-dna
Summary:
As Chief Security Officer for leading cancer diagnostic company Genomic Health, Craig Guinasso makes cloud a strategic advantage while solving some of today’s most complex security challenges.
Join Craig, along with Sanjay Beri, CEO of Netskope, Missy Krasner, Managing Director of Healthcare at Box, and David Baker, CSO of Okta, for a webinar on the top five strategies that healthcare technology leaders should adopt to get the most out of the cloud while also protecting patient health data and keeping their organizations compliant.
In this powerpoint, you will get a glimpse into the webinar where we discussed how to:
- Think about cloud services in relation to business objectives
- Triage Shadow IT and consolidate on the most enterprise-ready cloud services
- Create checks and policies to identify and prevent PHI leaks
- Turn their business stakeholders into security champions
Driving the successful adoption of Microsoft Office 365Forcepoint LLC
For enterprise and mid-sized companies who have deployed Office 365 but have not realized the full value of their investment, Forcepoint removes the barriers to full adoption by enhancing security and compliance, taking back unsanctioned IT, and implementing the right architecture.
ThinAir speaking session on endpoint data visibility and healthcare security compliance by Brian Reed. Connect with us on LinkedIn or twitter @thinairlabs for more details and live demo
The findings of a recent survey, commissioned by NetIQ through IDG Connect, found that increased cloud-based software-as-a-service (SaaS) application use by businesses has led to more confidence amongIT decision-makers that corporate data is better secured now than it has been in the past.
5 Highest-Impact CASB Use Cases - Office 365Netskope
Cloud app security is a top priority for many enterprises. Whether securing data in the Office 365 suite, ensuring compliance in Salesforce, or getting control over shadow IT, information security leaders are exploring how Cloud Access Security Brokers can make an impact in their organizations.
This presentation covers the top Office 365-specific five CASB use cases that have the highest impact on cloud-consuming enterprises.
Symantec Webinar | Tips for Successful CASB ProjectsSymantec
There is an art to securely using cloud apps and services, including SaaS, PaaS, and IaaS. In this Symantec webcast, hear from Steve Riley, a Gartner senior director analyst who focuses on public cloud security, and Eric Andrews, Symantec’s vice president of cloud security, as they share best practices with practical tips for deploying CASB. Watch here: https://symc.ly/2QTyUec.
The Internet of Security Things (A Story about Change) Lori MacVittie
Lots of change is impacting security. This presentation looks at four key security concerns that are most impacted by application and technology trends and what we can look for in solutions to address those concerns.
Is your security solution having trouble keeping up? Explore what a modern security solution looks like—built to tackle the evolving threat landscape while adapting to today’s global, mobile workforce.
Cloud adoption introduces new attack vectors and poses new security challenges. Learn how a visibility platform can help protect your data and applications in the cloud.
Securing medical apps in the age of covid finalDevOps.com
The COVID-19 pandemic has drastically altered the connected healthcare landscape, accelerating the usage of telemedicine and other remote healthcare delivery systems by as much as 11,000% for some populations. How has this unprecedented push affected healthcare and medical device application security? The security team at Intertrust recently analyzed 100 Android and iOS medical apps to find out.
In this webinar, we'll discuss:
Medical application and device threat trends
The top mHealth security vulnerabilities uncovered in our analysis
Strategies to keep your mHealth apps safe
Future advances in digital healthcare and how your security can evolve with it
Office 365 and other SaaS apps offer a number of advantages over premises-based apps, from easy access and deployment to lower costs. A key advantage of SaaS apps is IT's ability to shift the burden for app and infrastructure security to the cloud vendor while data security remains the responsibility of the enterprise. Migrating to Office 365 introduces several new avenues for data leakage: one-click sharing, desktop sync clients, unmanaged device access, and many more.
Bitglass and (ISC)2 presents Episode 2 of our CASB Wars webinar trilogy where we explore the security gaps in Office 365 and how a Cloud Access Security Broker (CASB) can help mitigate the threat of data leakage across all SaaS apps. Using real-world use cases, see where native Office 365 security falls short and how a CASB can protect data end-to-end, from cloud to device.
June 2016 Worldwide Netskope Cloud Report Netskope
In this Netskope Cloud Report™, we’ve compiled the most interesting trends on cloud app adoption and usage based on aggregated, anonymized data from the Netskope Active Platform™. Report findings are based on usage seen across millions of users in hundreds of accounts globally, and represent usage trends from January 1 through March 31, 2016.
Report highlights:
- Three-quarters of cloud apps in use lack key capabilities to comply with the upcoming European Union General Data Protection Regulation.
- Malware continues its rise in enterprise clouds, with an average of 11.0 percent of enterprises detecting malware in their sanctioned apps.
- 26.2 percent of malware files discovered in sanctioned apps are shared with internal or external users or publicly.
- Enterprises have an average of 935 cloud apps in use, a slight rise from 917 last quarter. The Microsoft Office 365 suite continues to lead the pack in top-used business productivity apps, with Office 365 Outlook.com, OneDrive for Business, SharePoint, Yammer, and Lync in the number 2, 3, 12, 19, and 20 spots, respectively.
- Cloud Storage apps dominate cloud DLP violations, with 73.6 percent of the total.
This is the way I like to present my web traffic reports.
Please if you have any doubt of comment share it with me, it will help to improve my work.
Thank you very much!!
E
PS: It looks better if you download it ;)
Cloud app security is a top priority for many enterprises. Whether securing data in the Office 365 suite, ensuring compliance in Salesforce, or getting control over shadow IT, information security leaders are exploring how Cloud Access Security Brokers can make an impact in their organizations.
This presentation covers the top five CASB use cases that have the highest impact on cloud-consuming enterprises.
Want to view and control your internet traffic?
With NetScope you can easily monitor and view your network traffic in full graphical format. Look at live data in per second resolution, then drill down and zoom in on any part of that traffic you like.
Then Shape it! Prioritize important data, give lower priority to less important data and BLOCK data that should not be on your network.
We at EveryCloud, help you to be more cloud confident, we do this in a number of ways that include email security, web security, insider threat management, identity and access management, cloud communications and cloud access security.
Web Security – preventing DLP, URL spoofing, malicious sties, rogue web applications etc. Control access to networks, apps and websites, visualise users, data and device behaviour
Email Security – preventing phishing, ransomware, spam and data exposure. Improved protection against malware and other threats, increase employee and network efficiency.
Identity Access Management - helping your business to stay safe, by providing powerful solutions for MFA, password vulnerabilities, improve visibility and reporting, helping you reduce high volume helpdesk tickets, on boarding and off boarding staff, contractors and suppliers, leveraging best of breed SaaS, unify API access and management to keep apps and data safe, automate user lifecycles by connecting business and IT processes
Insider Threat protection - providing a 360-degree view of activities around your data – the who, what, where and when – by monitoring user behaviour and data flow – then instantly alerting to any anomalous or malicious activity.
Cloud Communications - we help your journey to a Cloud based Contact Centre improving Customer Service in an omni-channel environment integrating Call Centre, Email, Live Chat, co-browsing, Instant Messaging and much more.
Cloud Access Security - we assist you to govern your business’ cloud usage with visibility and control. We help you to understand risky activity, protect and prevent the loss of sensitive data and guard against cloud-based threats such as malware and ransomware.
Email us discover@everycloud.co.uk or visit our website www.everycloud.co.uk - we are happy to help you
Top 3 Reasons to Move Existing Applications to the CloudVMware
This slideshow presentation highlights the top three reasons businesses should consider moving their existing applications to public cloud with vCloud Air. The presentation features the business value benefits of using vCloud Air to move applications without change, gain seamless bi-directional application portability, and maintain full control of managing applications in the cloud.
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Oddscentralohioissa
If you’re implementing Office 365, Box, Salesforce, Google Apps – or virtually any SaaS application – and concerned about balancing security, compliance, and privacy, this is a session you can’t afford to miss. Join Bob Gilbert, Netskope’s Chief Evangelist and the author of the popular white paper, No Tradeoffs: Cloud Security and Privacy Don’t Need to Be at Odds: How Netskope Supports Privacy by Design, for a lively and interactive session featuring:
Cloud security best practices for business & IT leaders
Overcoming the shadow IT "chicken or egg" compliance dilemma
Dr. Cavoukian's Privacy by Design framework, how it applies to SaaS and how Cloud Access Security Brokers can help
Real-world case studies for balancing security and privacy in cloud security
The 1% Who Can Take Down your OrganizationCloudLock
The Cloud Cybersecurity Lessons We Learned from 10M Users. Learn about the top cloud cybersecurity trends that fly under your radar, what the distribution of cloud cybersecurity risk means for your ability to act on it, along with 3 key security skills you should master for an immediately safer cloud environment.
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
DZone’s 2016 Guide To Building And Deploying Applications In The CloudSingaram Subramanian
How can you take advantage of the granularity,
elasticity, and pre-baked-ness of modern cloud services?
And, on the flip side, as your applications expand
outside blade-boxes and even beyond individual
data centers, how do you design (and troubleshoot)
applications that treat network links like secondgeneration
buses, that won’t hang if a service a
continent (and an SLA) away just isn’t working, and that
store sensitive data on machines whose geolocation and
hardware configuration you don’t even know?
Perception Gaps in Cyber Resilience: What Are Your Blind Spots?Sarah Nirschl
Protecting enterprise systems against cyber threats is a strategic priority, yet only 42% of executives are confident they could recover without impacting their business from a cyber event. Find out the hidden risks of shadow IT, cloud and cyber insurance.
Cloud Computing IT Lexicon's Latest Hot SpotTech Mahindra
Cloud computing, a highly flexible deployment model is emerging because of enhancing interdependence of business and IT. Effective and efficient resource sharing, interconnecting between people, department and companies is possible because of this emerging technology. Cloud computing also provides a stable environment where Telcos can improve business outcomes by leveraging their experience in offering IT centric managed services. Though not without its flaws, cloud computing looks to change the way companies do business in the near future.
What kept your CISO up last night? What market forces and threats are most impactful to your peers? How will these shape the future of enterprise security? Bill Burns, Informatica CISO and former Scale Venture Partners Executive-in-Residence, formed an InfoSec investment thesis by combining his 20+ years of domain expertise with over 100 CISO peer interviews and online survey responses. In this session Bill will share his results and perspectives on what's ahead for practical enterprise security.
Proteja sus datos en cualquier servicio Cloud y Web de forma unificadaCristian Garcia G.
Hoy en día, una media de más de 1000 aplicaciones Cloud se está utilizando en cada empresa, de las cuales, el 98% se categoriza como «Shadow IT», lo cual significa que la dirección IT no las controla.
Además, 80% de la información que sale afuera de las empresas se comparte utilizando aplicaciones Cloud. Y más de 50% del acceso y uso de las aplicaciones Cloud se realiza desde fuera de las redes corporativas.
Top 5 Mistakes You Don’t Want to Make When Moving to the CloudInternap
The cloud is becoming an increasingly viable infrastructure deployment option, but is it the right choice for all of your applications? What differences in cloud offerings do you need to be aware of before you take the plunge? Learn the key considerations and success criteria for cloud adoption.
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!Netskope
Security teams are constantly keeping up with complex attacks leveraging the cloud, but traditional security stacks just can’t keep pace with malicious actors or insiders. In the session, we’ll explore Gartner’s new SASE framework and how organizations can utilize Zero Trust, visibility into cloud-based traffic and cloud threat protection to build a modernized cloud-first stack.
In this Netskope Cloud Report™, we’ve compiled the most interesting trends on cloud app adoption and usage based on aggregated, anonymized data from the Netskope Active Platform™. Report findings are based on usage seen across millions of users in hundreds of accounts globally, and represent usage trends from January 1 through March 31, 2016.
Report highlights:
- Three-quarters of cloud apps in use lack key capabilities to comply with the upcoming European Union General Data Protection Regulation.
- Malware continues its rise in enterprise clouds, with an average of 11.0 percent of enterprises detecting malware in their sanctioned apps.
- 26.2 percent of malware files discovered in sanctioned apps are shared with internal or external users or publicly.
- Enterprises have an average of 777 cloud apps in use, a slight rise from 769 last quarter. The Microsoft Office 365 suite continues to lead the pack in top-used business productivity apps, with Office 365 Outlook.com, OneDrive for Business, SharePoint, Yammer, and Lync in the number 2, 3, 12, 19, and 20 spots, respectively.
- Cloud Storage apps dominate cloud DLP violations, with 73.6 percent of the total.
In this Netskope Cloud Report infographic, we've compiled the most interesting trends on cloud app adoption and usage based on aggregated, anonymized data from the Netskope Active Platform.
Fall 2015 Worldwide Netskope Cloud Report Netskope
In this Netskope Cloud Report infographic, we've compiled the most interesting trends on cloud app adoption and usage based on aggregated, anonymized data from the Netskope Active Platform.
In this edition of the Netskope Cloud Report infographic for Europe, Middle East, and Africa, we've compiled the most interesting trends on cloud app adoption and usage based on aggregated, anonymized data from the Netskope Active Platform.
In this Netskope Cloud Report infographic, we've compiled the most interesting trends on cloud app adoption and usage based on aggregated, anonymized data from the Netskope Active Platform.
NetskopeTM is the leader in cloud app analytics and policy enforce- ment. Only Netskope eliminates the catch-22 between being agile and being secure and compliant by providing complete visibility, enforcing sophisticated policies, and protecting data in cloud apps.
In the third Netskope Cloud Report, we’ve compiled the most interesting trends on cloud app adoption and usage based on aggregated, anonymized data from the Netskope Active Platform.
Here are some of the highlights from the report:
- Cloud app control at the firewall has led to “exception sprawl”, with 90% of usage in “blocked” apps
- 85% of apps aren’t enterprise-ready, and many of those are business-critical
- The top policy violations in cloud apps are upload, edit, and post
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
2. These slides are part of an on-demand webinar. To watch
the on-demand video with commentary, please visit:
http://www.netskope.com/webinars/data-breach-cloud-multiplier-effect/
8. Of respondents don’t think IT is vetting cloud
service security enough before deploying
8
69%
* Includes “unsure” responses
9. Do you think your cloud service provider would
notify you if they had a data breach?
9
72% of
respondents
said:
“NO”
10. The invisible cloud is troubling to IT
10
The percentage of cloud
services respondents think
they know about22.5 =
Netskope data shows it’s
actually more like 10%
11. 11
Actual:
461
IT estimate:
40-50
85% cloud apps aren’t
enterprise-ready
Cloud procurement
happens outside of IT
App redundancy:
• 41 HR
• 27 storage
• 27 finance
Source: Netskope Data
12. The following are contributors to
the cloud multiplier effect
12
Cloud app
adoption
Mobile and
consumerization
Ease and speed
of data sharing
13. 13
Increase use and
increase probability
If your organization had 100 cloud apps and added 25 more in a
12-month period, you would increase your probability (and
expected economic impact) of a data breach by 75%
14. We looked at 2 data breach types
14
Loss or theft of 100,000
customer records
Theft of high-value
information
17. The probability adjusted estimated
economic impact
11.8% of $20.1 =
$2.37M
25.4% of $11.8 =
$2.99M
18. Effects of cloud on the probability of theft or
loss of 100,000 or more customer records
18
Use of
cloud services
(SaaS)
Backup and storage of
sensitive and/or
confidential information
Increase use of cloud by 50% in 12 months
19. 19
Use of
cloud services
(SaaS)
Backup and storage of
sensitive and/or
confidential
information
Increase use of cloud by 50% in 12 months
Effects of cloud on the probability of theft of
high-value information
21. Invisible to IT
21
36% of business-critical
apps are in the cloud.
IT isn’t aware of nearly
half of them.
30% of business information
resides in the cloud.
IT doesn't have visibility into
more than one third of it.
24. 24
MEASURE:
Discover the cloud
apps running in your
enterprise
• 3rd party tools like
Netskope can analyze
firewall logs (and others)
for this information
• Resist the urge to
immediately blacklist
unsanctioned apps
27. 27
ACT:
Take action based on risk,
usage criticality
• Identify business-critical apps. Are they risky?
• If alternatives exist, consolidate users to low-risk apps
• If not, enforce usage and data policies to ensure protect data
and ensure compliance
• Monitor key apps for usage and data anomalies, alert on
known risky behaviors, and perform periodic forensic analysis
28. ACT:
Take action based on risk, usage
criticality
ANALYZE:
Understand the context of app usage at
a deeper level
MEASURE:
Discover the cloud apps running in your
enterprise
29. Granular Context
ONLY NETSKOPE
Any App Any Device
• Cover sanctioned or
unsanctioned apps
• API-level understanding
• Cover web-based or
native mobile apps
• Covers remote access
• User
• Device, browser
• App risk score
• Time
• Location
• Content
• DLP profile
• Activity
• With whom (sharing)
In Real-time
30. 30
The real face of shadow IT is
you and me.
Ultimately, this is simply
unmanaged risk.
31. Allow is the new block (allow is new block green
light slide)
31
S
M
Editor's Notes
Cloud computing is one of the most dramatic workplace shifts we’ve seen in decades. When we think about cloud app growth, it’s often about individuals’ usage of apps like Box and Dropbox. The reality is every line of business is adopting cloud apps, whether for HR, finance, supply chain, or business intelligence. Mobile, the other major crossover we’re seeing – with mobile devices and access surpassing that of PCs in virtually every measure – has fueled this shift. Cloud is no longer a question – it’s the way we do business.
There are nearly 5000 enterprise apps today. This is up from 3,000 6 months ago and we’re adding somewhere in the range of 100-150 of these apps per month on average. These are the most common apps and some apps you’ve never even heard of. I talk to customers who a year ago were trying to get their heads around deployments of apps we’ve all heard of like Evernote and HipChat… today these customers are calling me about apps like Trello and Seamless. These things aren’t just grow up in numbers, they’re growing out in category redundancy – we’ll talk about that in a minute. But why is this happening? How has it come to be?
The answer is closer to you than you think. Reach into your pocket and pull out your phone. Take out that tablet. Grab 1 of the 3 devices we all carry around with us everyday… We love these devices and we love these apps!
All of this is troubling to IT departments. When we talk to CIOs and CISOs there’s just a lot of uncertainty and anxiety about the quickly changing environment and pace of change. We’ve seen this before with other trends like mobile.
We wanted to find out the effect this was having on the perceived vulnerability and how cloud might effect the estimated economic impact of a data breach. We asked the Ponemon Institute to conduct a study. They surveyed more than 600 IT and security professionals, all of whom had knowledge of their use of cloud services. 61% of whom report to the CIO
However, for all of this cloud app goodness also comes tremendous cloud app sprawl. We at Netskope perform cloud assessments for our prospects and find that while IT usually estimates that they have about 40-50 apps running in their organizations (only a handful of which they manage), we discover about 400. Beyond the sheer volume of apps, the number of apps in business-critical or risky categories is surprising. In HR we find an average of 35 apps, and in finance/accounting, we find an average of 18. We also measure these apps’ enterprise-readiness, and find that more than three-quarters of them score a “medium” or below in our Cloud Confidence Index, which means they don’t meet enterprise standards for security, auditability, and business continuity. With the majority of cloud app procurement happening outside of IT, there is risk – risk of security events, data loss, and non-compliance. For IT, this creates a catch-22: Enable the cloud, but protect the business.
IT considers the following to be contributors to the cloud multiplier effect
Cloud app adoption
Mobile and consumerization
Ease and speed of data sharing
According to survey respondents, if you increase use of cloud services, you increase the probability of a data breach. By 3.1x actually, depending on the scenario involved.
So, for example, if you organization had 100 cloud apps and added 25 more in a 12-month period, you would increase your probability of a data breach by 75%
We examined 2 types of data breaches
Loss or theft of 100,000 or more customer records
Theft of high-value information such as intellectual property
In the study of data breaches over the years these are commonly used methods of examination
Leveraging previously calculated amounts from actual data breaches we know that the baseline cost of a data breach is $20.1 million for the loss or theft of 100,000 or more customer records and $11.8 million for the theft of high-value information. This comes from the Ponemon Institute’s study of the Cost of a Data Breach conducted with IBM in May of 2014.
This survey considered respondents answers and determined that their estimated baseline probability of a data breach of these two types was 11.8% and 25.4% respectively. This is, essentially, how they feel about their current environment, absent any changes. This is not “before cloud” and doesn’t consider how much they are, or are not, using the cloud today. It’s simply their “current state”.
So, if you consider their estimated probability today you get a probability adjusted estimate of the economic impact.
11.8% times $20.1 million gets you to $2.37 million for the loss or theft of 100,000 or more customer records.
25.4% times $11.8 million gets you to $2.99 million for the theft of high-value information
Of course IF a data breach of one of these types were to happen to them then the actual cost would be different, but this gives us a baseline from which to work.
The baseline established previously is important for estimating the economic impact that comes from increasing use of cloud in the enterprise. For instance, if you increase the use of SaaS by 50% in a 12 month period, you increase the probability of the loss or theft of 100,000 or more customer records by 2.6 times. When you factor in the probability adjusted economic impact, the cost goes up from $2.37 million to $6.08 million.
Similarly, the baseline established previously is important for estimating the economic impact that comes from increasing use of cloud in the enterprise. So, if you increase the use of cloud-based backup and storage for your sensitive or confidential information, you increase the probability of theft of high-value information by 1.6 times. When you factor in the probability adjusted economic impact, the cost goes up from $2.99 million to $4.93 million.
Survey respondents indicate that IT is still skittish about BYOD and that increasing access of cloud apps from personally owned mobile devices increases the probability of a data breach by 124 percent
Visibility into the use of cloud services is a big component of the challenges and why we think that the perceptions reflected in this study are resulting in the cloud multiplier effect. When business critical apps are in the cloud and IT can’t see half of them, this is naturally going to lead to uncertainty about security and the perception that cloud will lead to an increased probability of a data breach.
Love doesn’t have to be blind.
So, let’s start to talk about some solutions and how we find our way out of this morass. Here are a few things IT can do to get a better handle on things
Step 1: Let’s rip off our blind folds. Seeing is believing and knowing definitively the number of cloud apps people are using in your enterprise is the first step.
Your firewall alone isn’t going to be able to tell you this. You need a tool that’s tuned to see the 5000+ apps in existence that traverse your firewall or web gateway. And to be honest, that’s just the beginning. The portion of apps that will never touch a perimeter device is growing, so consider how you discover in real-time, beyond the network and in remote and mobile situations
Once you discover, take a moment and resist the urge to blacklist apps. You’ll find that many of these apps are actually considered business critical today.
Context is critical and you’d be surprised how deep an understanding you can get
Understand
App risk
Who is using the service and where they’re using it from
Understand the devices that are being used to access these apps
Understand the content and if it’s sensitive or not
Get to know the types of activities that people are conducting in these apps. In the case of sharing, understand who they are sharing with.
Act: With all the information you’ve gathered, you can start to come up with a plan and start making decisions.
When doing this, don’t think that you alone must assess every app. There are companies out there that will provide this information for you and some of them are leveraging the Cloud Controls Matrix from CSA. This matrix provides guidance for people in plain English and I think they’ve done a good job at capturing the criteria that should be used to evaluate cloud services.
The usage/popularity of apps can really help guide your triage. If a particularly risky app is being used by 300 people, you need to be a lot more thoughtful about your next steps than if it’s 1 or 2 people. Unless of course that 1 person is the CEO… and then you’ve got another problem on your hands. :)
And remember that Context Matters. The usage of an app can be risky and this is another pivot point you should consider in your triage. Coming at it from an activity point of view can be helpful. Saying “I want to look at sharing first, regardless of app risk”
Here, in summary. I think it’s a good starting point and I hope you think so to. Because ultimately ….
What makes Netskope unique? We developed our solution with three core assumptions in mind.
The first is we assumed that IT wouldn’t always manage the app. Unlike other solutions that may provide analytics and policy enforcement for apps that IT manages, they don’t do those things for any app, including unmanaged ones. This is important because, for example, if you set a policy against the upload of ePHI to cloud storage, you want to enforce it across the board, not just for the apps you manage or even know about.
Second, we assumed that users would be anywhere, on premises or on mobile devices. We architected the solution to support both on-premises and remote devices, PC and mobile, and web-based or native apps. So whether your user is accessing an app via the web at work or via the mobile version of that app via at Starbucks, you will have visibility and control over that usage.
Third, we assumed that beyond gaining visibility, IT would want the option to assert some control over cloud usage. This prompted us to provide the ability to enforce policies across any app, in real-time.
These three core assumptions are the basis for our philosophy and capabilities are unique to our solution and architecture.
Here’s the real face of shadow IT. A lot of the time it’s not at all sinister. They’re people like you and me, getting their jobs done and trying to do a better job of that all the time. And for IT, let’s just face it. It’s just a risk that has gone unmanaged and for quite some time now. So let’s do something about it…
But during that, let’s remember not to repeat the heavy-handed sins of the past instead, remember a simple mantra…