Presented at Secure 360 in May 2015: Based on my blog post: 5 Ways Silicon Valley “Startups” Are Approaching Security Differently – Available here: http://blog.opendns.com/2014/09/26/5-ways-silicon-valley-startups-approaching-security-differently The perimeter is dissolving. Your users are going mobile. The Cloud is descending upon us. However you say it, the IT landscape is definitely changing, and thanks to these seismic shifts, cracks in your security have developed that allow the bad guys in. So if you could start from scratch and design your IT organization again with the benefit of today’s technology, how would you do it differently? I asked that question and got answers from a few of the who’s who of the Silicon Valley “startups” that have experienced explosive growth in recent years. While it may be impossible or impractical to immediately apply these changes to your organization, understanding their approach could give you a valuable window into how your organization may be forced to change in the coming months or years if you hope to be successful securing your IT environment of the future.

1. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
How Silicon Valley startups are
approaching security differently
a.k.a. The New Security Stack
Scott Cressman
Senior Product Manager, OpenDNS
@scott_cressm

2. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org @scott_cressm
</me>
• BEng, Computer
• Early experience in Support &
Professional Services
• Over 12 years in security doing
Product Management
• Regularly work with security
thought leaders of Fortune 500, Bay
Area “startups”
<me>

3. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
Agenda
@scott_cressm
• Baseline
• Who are these “Silicon Valley startups?”
• How do they approach security differently?
• Bringing it all together
• What can you do?

4. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
BASELINE
Why we’re here. Why they’re adapting.
@scott_cressm

5. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
Last 20 years of security:
Got a problem?
BUY A BOX
FIREWALL
@scott_cressm

6. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
VPN
EMAIL GATEWAY
WEB PROXY
DLP
NEW OFFICE
Another problem?
ANOTHER BOX!
Keep Stacking…
SANDBOX
FASTER ROUTER
FIREWALL
@scott_cressm

7. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
BUT,
your users have
left the building…
@scott_cressm

8. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
AND, your apps are in the Cloud…
@scott_cressm

9. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
DarkHotel
Attack
OFF NETWORK
AND SUPPLIERS
BRANCH OFFICE/
STORE/CLINIC
HQ
Attackers are
Targeting the
Weakest Links
@scott_cressm

10. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
WHO ARE THESE “STARTUPS”?
How they’re different
@scott_cressm

11. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
Who are they?
@scott_cressm

12. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
How do they work?
@scott_cressm

13. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
What do they value?
@scott_cressm
Productivity over obstruction
Mobility over control
Visibility over prevention
Automation over repetition
Outsourcing over distraction
Partnership over dictatorship

14. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
HOW ARE THEY DOING IT?
Differently…
@scott_cressm

15. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
A lighter touch

16. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org @scott_cressm
Mostly Microsoft

17. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org @scott_cressm
Content filtering focus

18. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org @scott_cressm
Traditional Web Proxy

19. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org @scott_cressm
Heavyweight endpoint agents

20. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org @scott_cressm
Off-network security VPN dependence

21. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
Focus on mobility
@scott_cressm

22. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
Off-network devices
@scott_cressm

23. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
Maintain security without violating privacy
@scott_cressm

24. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
Federate Identity
@scott_cressm

25. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
Federated Identity is a prerequisite
@scott_cressm

26. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
Identity always, everywhere
@scott_cressm

27. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
The device is expendable
@scott_cressm

28. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
Optimize for productivity
@scott_cressm
+
=

29. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
Invest in security teams & automation
@scott_cressm

30. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
Internal focus on simplification & discovery
@scott_cressm
• “Internal” focus
• Shift to discovery from prevention
• Simplification of their “protection ecosystem”

31. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
Demand openness from their vendors
@scott_cressm

32. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
Analysts actually doing security
@scott_cressm
• Analysts spending time on analysis
• Run security drills
• Threat Intelligence sharing (STIX/TAXII)
• Consumption of threat intel (e.g. FBI Flash
bulletins, FS-ISAC, etc.)

33. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
Operationalize their intelligence
@scott_cressm

34. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
Threat Intelligence Platforms
@scott_cressm

35. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
BRINGING IT ALL TOGETHER
The new Security Stack & Protection Ecosystem
@scott_cressm

36. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
The Shifting Security Stack
@scott_cressm

37. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org @scott_cressm
UMBRELLA
Enforcement
Instant protection on- and off-
network.
Reporting
Near real-time visibility on- and off-
network of all DNS traffic.
INVESTIGATE
Intelligence
Enrich threat intel and assist with
investigations and IR (incident
response).
context on
domains,
IPs, or ASNs
GET
Internal
Systems
logs
SECURITY
INCIDENT &
EVENT
MANAGEMENT
THREAT
INTEL
PLATFORM
logs
GET
POST
events
Example security lifecycle

38. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
WHAT CAN YOU DO?
Today and in the coming months & years
@scott_cressm

39. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
Revisit your priorities
@scott_cressm

40. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
Demand more of your vendors
@scott_cressm

41. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
Invest in (cloud) identity management
@scott_cressm

42. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
Invest in your security team & automation
@scott_cressm

43. Celebrating a decade
of guiding security
professionals.
@Secure360 or www.Secure360.org
OPEN CONVERSATION
Questions & commentary
@scott_cressm