The Riskiest Industries in the Cloud
•
0 likes•193 views
This document summarizes a webinar presented by CloudLock on lessons learned from their CyberLab research facility. Some of the key points covered include: - CloudLock's CyberLab conducts threat intelligence, proactive monitoring, independent research and breach investigations based on data from over 10 million users and 1 billion files. - Their research found the riskiest industries for cloud security are financial services, healthcare, and technology due to factors like excessive sharing of sensitive data. - A real world example was presented of a credentials reaping attack at a technology company that compromised 3 users and spread to over 2,500 emails through password recycling and geographic hopping over 2 weeks. - Recommendations to help prevent these types
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Viewers also liked
Similar to The Riskiest Industries in the Cloud
Similar to The Riskiest Industries in the Cloud (20)
Recently uploaded
Recently uploaded (20)
The Riskiest Industries in the Cloud
- 1. Lessons Learned from Our CyberLab Riskiest Industries in the Cloud 1
- 2. Continuing Professional Education (CPE) Credits Claim your CPE credit for attending this webinar https://www.isc2.org/ For more information or questions please contact us info@cloudlock.com 2
- 3. Q4 2015 Cloudlock CyberLab Report
- 4. Presenters Bernd Leger VP of Marketing Yishai Beeri Director of Cybersecurity Research 4
- 5. Agenda 01 02 03 04 CloudLock’s CyberLab We All Want (World Peace and) Security Where The Differences Lie Real World Example 5 05 Lessons Learned
- 6. CloudLock CyberLab Based in Tel-Aviv, CyberLab is CloudLock’s formal cybersecurity research facility. CyberLab Leverages CloudLock’s unique background from Israeli and U.S. Intelligence communities 6
- 7. CyberLab Services 7 Threat Intelligence CyberLab Proactive Monitoring Independent Research Threat Assessment Breach Investigations
- 9. Basis for CyberLab Research 9 10 Million Users 1 Billion Files 101,000+ Unique Apps CloudLock based findings on anonymized usage data across:
- 10. Agenda 01 02 03 04 CloudLock’s CyberLab We All Want (World Peace and) Security Where The Differences Lie Real World Example 10 05 Lessons Learned
- 11. Attack Surface is Increasing While Cloud Usage is Exploding 111111 10x Files Stored in Public Cloud Apps increase in 1 Year 52,000 Third-Party App Installs by Privileged & Administrative Users 4,000 per organization contain usernames and passwords exposed files
- 12. External Collaboration on the Rise 12
- 13. If Done the Wrong Way... 13
- 14. The 1% who can take down your Organization: Quantifying the Risk 14
- 15. Key Findings
- 16. The 1% Who Can Take Down Your Organization 16 No Industry is Immune
- 17. Agenda 01 02 03 04 CloudLock’s CyberLab We All Want (World Peace and) Security Where The Differences Lie Real World Example 17 05 Lessons Learned
- 18. Riskiest Industries in the Cloud: Where Do You Stand? Concerned with Excessive Sharing Concerned with Password Protection 18
- 19. Riskiest Industries in the Cloud: Where Do You Stand? Concerned with PII Concerned with PCI 19
- 20. Riskiest Industries in the Cloud: Where Do You Stand? Public Exposures Caused by 1% of Users Organization-Wide Exposures Caused by 1% of Users Highly Concentrated Exposure Risk in Financial Services 20
- 21. Top Cloud Cybersecurity Concerns in Retail 21
- 22. Top Cloud Cybersecurity Concerns in Manufacturing 22
- 23. Top Cloud Cybersecurity Concerns in K-12 23
- 24. Top Cloud Cybersecurity Concerns in Higher Ed 24
- 25. Top Cloud Cybersecurity Concerns in Government 25
- 26. Top Cloud Cybersecurity Concerns in Technology 26
- 27. Top Cloud Cybersecurity Concerns in Healthcare 27
- 28. Top Cloud Cybersecurity Concerns in Financial Services 28
- 29. Agenda 01 02 03 04 CloudLock’s CyberLab We All Want (World Peace and) Security Where The Differences Lie Real World Example 29 05 Lessons Learned
- 30. Real world example - Cloud Credentials Reaping ● Technology Services ● 1,000+ Employees ● Global presence 30 ● Basic phishing email ● Targets Google Apps ● 3 breached users ● 2,500 emails (spread) ● 2-week wait ● No data leak (yet) Victim Profile Attack Profile
- 31. Credentials Reaping - Timeline 31 Dec 2 Incoming phishing email wave Several accounts compromised Dec 3 2 accounts breached Outgoing ~600 emails Password changes & cleanup Dec 16 3rd account breached ~1800 emails in 2nd wave Dec 17 Request to engage CyberLab
- 32. Credentials Reaping - Actual Breach 32
- 33. Credentials Reaping - Takeaways High spread (3 users → 2500 emails) Geography Hopping Longer attack durations 33
- 34. Credentials Reaping - Recommendations User & Entity Behavior Analytics (UEBA) to detect Forensics to determine impact User education - every user counts Broad password recycling 34
- 36. 16% Decrease in Risk in 1 Day 36
- 37. Customer Story - Rapid ROI 37 ● US based company in the travel industry. ● 62% of decrease in public exposures in one day by leveraging UEBA ● Reached out to top users with public exposures ● Rapid return on investment ● Revealed gaps in employee security training
- 38. Next Step: Get a Cybersecurity Assessment bit.ly/cloudlock-assessment
- 39. Q&A Bernd Leger VP of Marketing 39 Yishai Beeri Director of Cybersecurity Research
- 40. Thank You Questions & Answers www.cloudlock.com info@cloudlock.com 781.996.4332 40