1
The Day When 3rd Party
Security Providers Disappear
into Cloud
Ulf Mattsson TokenEx
stuffyoushouldknow
2
• Head of Innovation at TokenEx
• Chief Technology Officer at Protegrity
• Chief Technology Officer at Atlantic BT Security Solutions
• Chief Technology Officer at Compliance Engineering
• Developer at IBM Research and Development
• Inventor of 70+ issued US patents
• Providing products and services for Data Encryption and
Tokenization, Data Discovery, Cloud Application Security Broker,
Web Application Firewall, Managed Security Services, Security
Operation Center, and Bench-marking/Gap-analysis.
Ulf Mattsson
3
• Verizon Data Breach Investigations Report
• Enterprises are losing ground in the fight against persistent
cyber-attacks
• We simply cannot catch the bad guys until it is too late. This
picture is not improving
• Verizon reports concluded that less than 14% of breaches are
detected by internal monitoring tools
• JP Morgan Chase data breach
• Hackers were in the bank’s network for months undetected
• Network configuration errors are inevitable, even at the largest
banks
• Capital One data breach
• A hacker gained access to 100 million credit card applications
and accounts
• Amazon Web Services, the cloud hosting company that Capital
One was using
Enterprises Losing Ground Against Cyber-attacks
4
Source:
ISSA
Evolution
of Cyber
Attacks
5
Source: Verizon 2019 DBIR, data-breach-investigations-report
Threat Actors
6
Source: Verizon
Threat actors
in breaches
over time
7
Source: Verizon 2019 DBIR, data-breach-investigations-report
Webapp Servers in Payment Data Breaches
8
9
Tactics and Commonalities
10
The Day When 3rd Party Security Providers
Disappear into Cloud
• WAF
• SIEM
• Firewall
• Encryption
• Tokenization
• Key Management
• AV – Anti Virus
• Network Sec
Public Cloud / Multi-
cloud
Example pricing:
10 % of on-premises alternatives
On-premises
11
Security monitoring and operations
Monitor for malicious activity, handle security incidents, and support
operational processes that prevent, detect, and respond to threats.
•Cloud Security Command Center
•Security center - G Suite
•Alert center - G Suite
•Data regions - G Suite
•Access Transparency
•Access Transparency - G Suite
•Event Threat Detection
•Cloud Audit Logs
Infrastructure security
Rely on a secure-by-design infrastructure with hardening,
configuration management, and patch and vulnerability
management.
•Cloud Infrastructure Security Overview
•Container Security Overview
•Shielded VMs
•Binary Authorization
Network security
Help secure the network with products that define and enforce your
perimeter and allow for network segmentation, remote access, and
DoS defense.
•Virtual Private Cloud
•Cloud Load Balancing
•Encryption in transit
•Application Layer Transport Security
•Cloud Armor
Endpoint security
Help secure endpoints and prevent compromise with device hardening,
device management, and patch and vulnerability management.
•Chromebooks
•Chrome OS
•Chrome Browser
•G Suite Device Management
•Safe Browsing
Data security
Make sensitive data more secure with data discovery, controls to
prevent loss, leakage, and exfiltration, and data governance.
•Encryption at Rest
•Cloud KMS
•Cloud Data Loss Prevention
•G Suite Data Loss Prevention - Gmail
•G Suite Data Loss Prevention - Drive
•G Suite Information Rights Controls
•Cloud HSM
•VPC Service Controls
•G Suite enhance phishing and malware protection
•G Suite third-party application access controls
•G Suite security sandbox
Identity and access management
Manage and secure employee, partner, customer, and other identities,
and their access to apps and data, both in the cloud and on-premises.
•Cloud Identity
•Identity Platform
•Cloud IAM
•Policy Intelligence
•Cloud Resource Manager
•Cloud Identity-Aware Proxy
•Context-aware access
•Managed Service for Microsoft Active Directory
•Security key enforcement
•Titan Security Key
Application security
Protect and manage your business applications with application
testing, scanning, and API security features.
•Cloud Security Scanner
•Apigee
User protection services
Keep your users safe on the web.
•Phishing Protection
•ReCAPTCHA Enterprise
•Web Risk API
12
Public Cloud / Multi-cloud
13
Public Cloud / Multi-
cloud
14
Shared
responsibilities
across cloud
service models
Source: Microsoft
15
Shared
responsibilities
across cloud
service models
Source: Microsoft
Bench-marking /
Gap-analysis
16
Public Cloud / Multi-
cloud
• WAF
• SIEM
• Firewall
• Encryption
• Tokenization
• Key Management
• AV – Anti Virus
• Network Sec
Remaining User
Responsibilities:
• User Identity Management
• Application Security
• Data Security
X
17
• WAF
• SIEM
• Firewall
• Encryption
• Tokenization
• Key Management
• AV – Anti Virus
• Network Sec
Remaining User
Responsibilities
1. User Identity Management
2. Application Security
3. Data Security
X
Public Cloud / Multi-
cloud
Security inside
the application,
container
security, …
18
• WAF
• SIEM
• Firewall
• Encryption
• Tokenization
• Key Management
• AV – Anti Virus
• Network Sec
Remaining User
Responsibilities
• User Identity Management
• Application Security
• Data Security
X
Emerging
Industry
Standards
Public Cloud / Multi-
cloud
19
• WAF
• SIEM
• Firewall
• Encryption
• Tokenization
• Key Management
• AV – Anti Virus
• Network Sec
Remaining User
Responsibilities
1. User Identity
2. Application Security
3. Data Security
X
Public Cloud / Multi-
cloud
Data Tokenization
Secure
Cloud
Security
Separation
Armor.com
20
Cloud Access Security
Broker
(CASB)
Administrator
Data security, including encryption, tokenization or
masking of fields or files (in transit and at rest)
Remote
User
Internal
User
Cloud
Encryption
Gateway
(CASB)
Secure
Cloud
Security Separation
Armor.com
21
• WAF
• SIEM
• Firewall
• Encryption
• Tokenization
• Key Management
• AV – Anti Virus
• Network Sec
Remaining User
Responsibilities
1. User Identity Management
2. Application Security
3. Data Security
X
Public Cloud / Multi-
cloud
Data Tokenization / encryption
Secure
Cloud
Security Separation
Armor.com
Data Protection for Multi-cloud
22
Payment
Application
Payment Systems
Remote
User
Internal
User
Payment
Application
Data Protection for Multi-cloud
Data Tokenization / encryption
Secure
Cloud
Armor.com
Payment
Network
Data Tokens
23
24
We need some cloud compute!
25
We need some cloud compute!
26
Macro trends in Cloud security
27
Micro trends in Cloud security
28
29
Overall IT strategy is multi-cloud
30
IaaS features planned for implementation
31
Developing portable software
32
Security is a key issue for public cloud
33
Management direction is clear
34
Securing Cloud Workloads – Greatest Increase in Spending
35
36
Trends in Data
Masking,
Tokenization and
Encryption
37
Encryption and Privacy Models
• Privacy enhancing data de-identification terminology and
classification of techniques (ISO)
Source: INTERNATIONAL STANDARD ISO/IEC 20889
Classification of techniques (diagram labels):
• Cryptographic tools (CT)
• Formal privacy measurement models (PMM)
• De-identification techniques (DT)
• Format Preserving Encryption (FPE)
• Homomorphic Encryption (HE)
• Differential Privacy (DP): server model, local model
• K-anonymity model
Diagram annotations:
• Encrypted data has the same format
• Two values encrypted can be combined*
• Responses to queries are only able to be obtained through a software component or “middleware”, known as the “curator**”
• The entity receiving the data is looking to reduce risk
• Ensures that for each identifier there is a corresponding equivalence class containing at least K records
*: Multi Party Computation (MPC)
**: Example Apple and Google
38
Encryption and Privacy Models
Source: INTERNATIONAL STANDARD
ISO/IEC 20889
Homomorphic Encryption (HE)
*: Multi Party Computation (MPC)
• Format Preserving Encryption (FPE), Homomorphic Encryption (HE) and Multi Party Computation (MPC)
[Diagram: Homomorphic Encryption (HE). Labels: Clear D1, Clear D2, HE Enc, Enc D1, Enc D2, Oper (Enc_D1, Enc_D2), “Untrusted Party*”, HE Dec, Clear 12, Protected Key]
[Diagram: Format Preserving Encryption (FPE). Labels: Clear 123, FPE Enc, 897, FPE Dec, Clear 123, Protected Keys]
39
Encryption and Privacy Models
ISSA International
Source: INTERNATIONAL STANDARD ISO/IEC 20889
[Diagram: Differential Privacy (DP) and k-Anonymity Model. Labels: Clear, Cleanser, Filter, Curator*, Protected, DB]
*: Example Apple and Google
• Differential Privacy (Google, Apple) and k-Anonymity Model
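The k-anonymity property quoted from ISO/IEC 20889 on the earlier slide (every equivalence class contains at least K records) can be checked mechanically. The following is an added example, not part of the original deck: the records, the choice of age and ZIP as quasi-identifiers, and the generalization rules are all constructed for illustration.

```python
from collections import Counter

# Constructed sample records (not from the deck). "age" and "zip" are treated as
# quasi-identifiers; "diagnosis" is the sensitive attribute.
RECORDS = [
    {"age": 34, "zip": "90210", "diagnosis": "asthma"},
    {"age": 36, "zip": "90213", "diagnosis": "diabetes"},
    {"age": 38, "zip": "90218", "diagnosis": "asthma"},
    {"age": 52, "zip": "10027", "diagnosis": "flu"},
    {"age": 57, "zip": "10025", "diagnosis": "asthma"},
    {"age": 71, "zip": "60614", "diagnosis": "flu"},
]
QUASI = ("age", "zip")


def equivalence_classes(records, quasi):
    """Count how many records share each combination of quasi-identifier values."""
    return Counter(tuple(r[q] for q in quasi) for r in records)


def k_of(records, quasi):
    """Largest k for which the data set is k-anonymous (size of the smallest class)."""
    classes = equivalence_classes(records, quasi)
    return min(classes.values()) if classes else 0


def generalize(record, age_band=10, zip_digits=3):
    """Coarsen quasi-identifiers: age to a band, ZIP to its leading digits."""
    out = dict(record)
    low = record["age"] // age_band * age_band
    out["age"] = f"{low}-{low + age_band - 1}"
    z = record["zip"]
    out["zip"] = z[:zip_digits] + "*" * (len(z) - zip_digits)
    return out


def anonymize(records, quasi, k, age_band=10, zip_digits=3):
    """Generalize every record, then suppress records whose class is still smaller than k.

    Returns (kept_records, number_suppressed).
    """
    generalized = [generalize(r, age_band, zip_digits) for r in records]
    classes = equivalence_classes(generalized, quasi)
    kept = [r for r in generalized if classes[tuple(r[q] for q in quasi)] >= k]
    return kept, len(generalized) - len(kept)


if __name__ == "__main__":
    print("k before generalization:", k_of(RECORDS, QUASI))
    kept, suppressed = anonymize(RECORDS, QUASI, k=2)
    print("k after generalization:", k_of(kept, QUASI), "suppressed:", suppressed)
    for row in kept:
        print(row)
```

Reaching k only bounds re-identification through the chosen quasi-identifiers; a class whose records all share one sensitive value still discloses that value.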
40
EU General Data Protection Regulation (GDPR)
• What is Personal Data according to GDPR?
Article 4 – Definitions
• (1) ‘personal data’ means any
information relating to an identified
or identifiable natural person
• (5) ‘pseudonymisation’ means the
processing of personal data in such
a manner that the data can no
longer be attributed to a specific
data subject
41
GDPR Fines
• When French regulators cited Europe's fledgling General Data Protection Act in fining
Google $57 million earlier this year for playing fast and loose with consumer data in
personalizing ads, experts called what was then the biggest fine issued under the new
law the "tip of the iceberg."
• The U.K.'s Information Commissioner's Office (ICO) on July 8 cited GDPR in announcing
it would seek a $230 million fine against British Airways (equal to 1.5 percent of the
company's annual revenue) for a September 2018 breach in which attackers accessed
the protected data of nearly 500,000 customers through the airline's website and mobile
applications.
• The ICO alleged that ineffective security practices were to blame.
• ICO added Marriott to the list, saying it intends to seek nearly $124 million from
Marriott (or 3 percent of its annual revenue) for a breach that saw hackers maintain
access to the Starwood guest reservation database between 2014 and 2018,
compromising 383 million customer records.
Source: rsaconference.com
42
Source: IBM
Encryption and
Tokenization
Discover
Data Assets
Security
by Design
GDPR Security Requirements – Encryption and Tokenization
43
GDPR and California Consumer Privacy Act (CCPA)
ISSA International
44
GDPR and California Consumer Privacy Act (CCPA)
ISSA International
45
Example of Cross Border Data-centric Security
Data sources
Data
Warehouse
In Italy
Complete policy-enforced de-
identification of sensitive data
across all bank entities
46
What is the difference?
• Encryption - A data security measure using mathematical algorithms to generate rule-based values in place of original data
• Tokenization - A data security measure using mathematical algorithms to generate randomized values in place of original data
Tokens are versatile
• Format-preserving tokens can be utilized where masked information is required
Encryption vs Tokenization
47
Examples of Protected Data
Field | Real Data | Tokenized / Pseudonymized
Name | Joe Smith | csu wusoj
Address | 100 Main Street, Pleasantville, CA | 476 srta coetse, cysieondusbak, CA
Date of Birth | 12/25/1966 | 01/02/1966
Telephone | 760-278-3389 | 760-389-2289
E-Mail Address | joe.smith@surferdude.org | eoe.nwuer@beusorpdqo.org
SSN | 076-39-2778 | 076-28-3390
CC Number | 3678 2289 3907 3378 | 3846 2290 3371 3378
Business URL | www.surferdude.com | www.sheyinctao.com
Fingerprint | | Encrypted
Photo | | Encrypted
X-Ray | | Encrypted
Healthcare /
Financial Services
Dr. visits, prescriptions, hospital stays and
discharges, clinical, billing, etc.
Financial Services Consumer Products and
activities
Protection methods can be equally applied to
the actual data, but not needed with de-
identification
48
Token Scheme | Example Data | Example Token
sixTOKENfour | 4242424242424242 | 424242925164242
fourTOKENfour | 4242424242424242 | 424276225864242
TOKENfour | 4242424242424242 | 635276725864242
GUID | ThisIsATest | 25892e17-80f6-415f-9c65-7395632f0223
SSN | 123456789 | 958475126
nGUID | 25947582 | 25892e17-80f6-415f-9c65-7395632f0223
nTOKENfour | 9876543210 | 1234563210
nTOKEN | 9876543210 | 8631457809
sixANTOKENfour | 4242424242424242 | 424242AV5124242
fourANTOKENfour | 4242424242424242 | 4242ZYAV5124242
ANTOKENfour | 4242424242424242 | 9TY2ZYAV5124242
ANTOKEN | 9876543210 | 5FR962FGT0
sixASCIITOKENfour | 1324-123-4845796 | 1324-1TFTFO5796
fourASCIITOKENfour | 1324-123-484 | 1324DI2-484
ASCIITOKEN | 1324-123-484 | D258G4F7R4FG
sixNTOKENfour | 999999999999999 | 999999685129999
fourNTOKENfour | 9999999999999 | 9999017819999
TOKEN | ThisIsATest | DUH3JSLDTAYHUCO51MXY7IINZ8HLNDU90FMTTM
sixTOKENfourNonLuhn | 4242424242424242 | 424242925864242
fourTOKENfourNonLuhn | 4242424242424242 | 424276925864242
TOKENfourNonLuhn | 4242424242424242 | 635276925864242
Data
Security
And
Format
Flexibility
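To make the "Encryption vs Tokenization" definitions and the token scheme table above concrete, here is an added example (not from the deck and not TokenEx's implementation) of vault-based, format-preserving tokenization. It assumes that "sixTOKENfour" means keep the first six and last four digits, and that the "NonLuhn" variants yield tokens that deliberately fail the Luhn check; the TokenVault class and the SCHEMES mapping are hypothetical names.

```python
import secrets


def luhn_valid(number: str) -> bool:
    """Return True if a digit string passes the Luhn checksum used for card numbers."""
    total = 0
    for i, ch in enumerate(reversed(number)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit, counting from the right
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


# Assumed reading of the scheme names in the table:
# (digits kept at the start, digits kept at the end, token must pass Luhn).
SCHEMES = {
    "sixTOKENfour": (6, 4, True),
    "fourTOKENfour": (4, 4, True),
    "TOKENfour": (0, 4, True),
    "sixTOKENfourNonLuhn": (6, 4, False),
    "fourTOKENfourNonLuhn": (4, 4, False),
    "TOKENfourNonLuhn": (0, 4, False),
}


class TokenVault:
    """In-memory stand-in for a token vault (hypothetical).

    The token is random, so the only way back to the card number is a vault
    lookup; there is no key that turns a token into the original value.
    """

    MAX_ATTEMPTS = 10_000  # guards against schemes with no usable token left

    def __init__(self):
        self._by_token = {}
        self._by_value = {}

    def tokenize(self, pan: str, scheme: str) -> str:
        keep_first, keep_last, want_luhn = SCHEMES[scheme]
        if not (pan.isascii() and pan.isdigit()) or len(pan) <= keep_first + keep_last:
            raise ValueError("PAN must be digits and longer than the preserved part")
        if (pan, scheme) in self._by_value:  # same input, same token
            return self._by_value[(pan, scheme)]
        head, tail = pan[:keep_first], pan[len(pan) - keep_last:]
        middle_len = len(pan) - keep_first - keep_last
        for _ in range(self.MAX_ATTEMPTS):
            middle = "".join(secrets.choice("0123456789") for _ in range(middle_len))
            token = head + middle + tail
            if token == pan or token in self._by_token:
                continue  # never return the real value or reuse a token
            if luhn_valid(token) != want_luhn:
                continue
            self._by_token[token] = pan
            self._by_value[(pan, scheme)] = token
            return token
        raise RuntimeError("token space exhausted for this scheme")

    def detokenize(self, token: str) -> str:
        return self._by_token[token]


if __name__ == "__main__":
    vault = TokenVault()
    pan = "4242424242424242"  # example value from the table above
    for name in SCHEMES:
        tok = vault.tokenize(pan, name)
        print(f"{name:22} {tok} luhn={luhn_valid(tok)}")
```

A token that fails Luhn cannot be mistaken for a live card number by downstream validation or data discovery scans, while a Luhn-valid token passes through systems that validate card format.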
49
[Chart: data utility (min to max) against data protection (min to max). Labels: Minimization, Devaluation/Pseudonymisation, Data Hashing/Masking, Encryption]
Source: TokenEx
Data Security Approaches
50
How Should I Secure Different Types of Data?
[Diagram: type of data against use case (simple to complex). Labels: Structured, Un-structured, Tokenization of Fields, Encryption of Files, PCI (Card Holder Data), PHI (Protected Health Information), PII (Personally Identifiable Information)]
51
A PCI SAQ A contains 22 controls compared to more than 300 for the full PCI DSS
• Use a hosted iFrame or payments page provided by a validated service provider to capture and tokenize CHD
• Do not transmit, process or store CHD via any other acceptance channel and utilize payment services of
tokenization provider to process transactions
Minimize Cost of PCI Tokenization
52
IAM technologies
and
authentication
53
#1 Siloed (Centralized) Identity
YOU
ACCOUNT
ORG
STANDARDS:
Source: Sovrin.org
54
#2 Third-Party IDP (Federated) Identity
YOU
ACCOUNT
ORG
STANDARDS:
IDP
Source: Sovrin.org
55
#3 Self-Sovereign Identity (SSI)
YOU
CONNECTION
PEER
DISTRIBUTED LEDGER (BLOCKCHAIN)
Source: Sovrin.org
The Sovrin Network is the first public-permissioned blockchain designed as a global public utility exclusively to
support self-sovereign identity and verifiable claims. Recent advancements in blockchain technology now allow
every public key to have its own address, which is called a decentralized identifier (DID).
56
#3 Self-Sovereign Identity (SSI)
PEER
DISTRIBUTED LEDGER (BLOCKCHAIN)
DIGITAL
WALLET
CONNECTION
GET CREDENTIAL
SHOW CREDENTIAL
1 DIDs
2 DKMS
3 DID AUTH
4
Verifiable
Credentials
Source: Sovrin.org
57
Best Data Security
Software
(G2 Crowd Grid)
58
Thank You!
Ulf Mattsson, TokenEx
www.TokenEx.com

Nov 2 security for blockchain and analytics ulf mattsson 2020 nov 2b
Ulf Mattsson
 
What is tokenization in blockchain?
What is tokenization in blockchain?What is tokenization in blockchain?
What is tokenization in blockchain?
Ulf Mattsson
 

More from Ulf Mattsson (20)

Jun 29 new privacy technologies for unicode and international data standards ...
Jun 29 new privacy technologies for unicode and international data standards ...Jun 29 new privacy technologies for unicode and international data standards ...
Jun 29 new privacy technologies for unicode and international data standards ...
 
Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...
 
Book
BookBook
Book
 
May 6 evolving international privacy regulations and cross border data tran...
May 6   evolving international privacy regulations and cross border data tran...May 6   evolving international privacy regulations and cross border data tran...
May 6 evolving international privacy regulations and cross border data tran...
 
Qubit conference-new-york-2021
Qubit conference-new-york-2021Qubit conference-new-york-2021
Qubit conference-new-york-2021
 
Secure analytics and machine learning in cloud use cases
Secure analytics and machine learning in cloud use casesSecure analytics and machine learning in cloud use cases
Secure analytics and machine learning in cloud use cases
 
Evolving international privacy regulations and cross border data transfer - g...
Evolving international privacy regulations and cross border data transfer - g...Evolving international privacy regulations and cross border data transfer - g...
Evolving international privacy regulations and cross border data transfer - g...
 
Data encryption and tokenization for international unicode
Data encryption and tokenization for international unicodeData encryption and tokenization for international unicode
Data encryption and tokenization for international unicode
 
The future of data security and blockchain
The future of data security and blockchainThe future of data security and blockchain
The future of data security and blockchain
 
New technologies for data protection
New technologies for data protectionNew technologies for data protection
New technologies for data protection
 
GDPR and evolving international privacy regulations
GDPR and evolving international privacy regulationsGDPR and evolving international privacy regulations
GDPR and evolving international privacy regulations
 
Privacy preserving computing and secure multi-party computation ISACA Atlanta
Privacy preserving computing and secure multi-party computation ISACA AtlantaPrivacy preserving computing and secure multi-party computation ISACA Atlanta
Privacy preserving computing and secure multi-party computation ISACA Atlanta
 
Safeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learningSafeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learning
 
Protecting data privacy in analytics and machine learning ISACA London UK
Protecting data privacy in analytics and machine learning ISACA London UKProtecting data privacy in analytics and machine learning ISACA London UK
Protecting data privacy in analytics and machine learning ISACA London UK
 
New opportunities and business risks with evolving privacy regulations
New opportunities and business risks with evolving privacy regulationsNew opportunities and business risks with evolving privacy regulations
New opportunities and business risks with evolving privacy regulations
 
What is tokenization in blockchain - BCS London
What is tokenization in blockchain - BCS LondonWhat is tokenization in blockchain - BCS London
What is tokenization in blockchain - BCS London
 
Protecting data privacy in analytics and machine learning - ISACA
Protecting data privacy in analytics and machine learning - ISACAProtecting data privacy in analytics and machine learning - ISACA
Protecting data privacy in analytics and machine learning - ISACA
 
What is tokenization in blockchain?
What is tokenization in blockchain?What is tokenization in blockchain?
What is tokenization in blockchain?
 
Nov 2 security for blockchain and analytics ulf mattsson 2020 nov 2b
Nov 2 security for blockchain and analytics   ulf mattsson 2020 nov 2bNov 2 security for blockchain and analytics   ulf mattsson 2020 nov 2b
Nov 2 security for blockchain and analytics ulf mattsson 2020 nov 2b
 
What is tokenization in blockchain?
What is tokenization in blockchain?What is tokenization in blockchain?
What is tokenization in blockchain?
 

Recently uploaded

Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
Alpen-Adria-Universität
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
Aftab Hussain
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
SOFTTECHHUB
 
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
UiPathCommunity
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
Enhancing Performance with Globus and the Science DMZ
Enhancing Performance with Globus and the Science DMZEnhancing Performance with Globus and the Science DMZ
Enhancing Performance with Globus and the Science DMZ
Globus
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
KAMESHS29
 
UiPath Community Day Dubai: AI at Work..
UiPath Community Day Dubai: AI at Work..UiPath Community Day Dubai: AI at Work..
UiPath Community Day Dubai: AI at Work..
UiPathCommunity
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
James Anderson
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
sonjaschweigert1
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 

Recently uploaded (20)

Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
 
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Enhancing Performance with Globus and the Science DMZ
Enhancing Performance with Globus and the Science DMZEnhancing Performance with Globus and the Science DMZ
Enhancing Performance with Globus and the Science DMZ
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
 
UiPath Community Day Dubai: AI at Work..
UiPath Community Day Dubai: AI at Work..UiPath Community Day Dubai: AI at Work..
UiPath Community Day Dubai: AI at Work..
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 

The day when 3rd party security providers disappear into cloud bright talk sep 19 2019 g

  • 1. 1 The Day When 3rd Party Security Providers Disappear into Cloud Ulf Mattsson TokenEx stuffyoushouldknow
  • 2. 2 • Head of Innovation at TokenEx • Chief Technology Officer at Protegrity • Chief Technology Officer at Atlantic BT Security Solutions • Chief Technology Officer at Compliance Engineering • Developer at IBM Research and Development • Inventor of 70+ issued US patents • Providing products and services for Data Encryption and Tokenization, Data Discovery, Cloud Application Security Broker, Web Application Firewall, Managed Security Services, Security Operation Center, and Bench-marking/Gap-analysis. Ulf Mattsson
  • 3. 3 • Verizon Data Breach Investigations Report • Enterprises are losing ground in the fight against persistent cyber-attacks • We simply cannot catch the bad guys until it is too late. This picture is not improving • Verizon reports concluded that less than 14% of breaches are detected by internal monitoring tools • JP Morgan Chase data breach • Hackers were in the bank’s network for months undetected • Network configuration errors are inevitable, even at the largest banks • Capital One data breach • A hacker gained access to 100 million credit card applications and accounts • Amazon Web Services, the cloud hosting company that Capital One was using Enterprises Losing Ground Against Cyber-attacks
  • 5. 5 Source: Verizon 2019 DBIR, data-breach-investigations-report Threat Actors
  • 7. 7 Source: Verizon 2019 DBIR, data-breach-investigations-report Webapp Servers in Payment Data Breaches
  • 10. 10 The Day When 3rd Party Security Providers Disappear into Cloud • WAF • SIEM • Firewall • Encryption • Tokenization • Key Management • AV – Anti Virus • Network Sec Public Cloud / Multi-cloud Example pricing: 10% of on-premises alternatives On-premises
  • 11. 11
    Security monitoring and operations: Monitor for malicious activity, handle security incidents, and support operational processes that prevent, detect, and respond to threats. • Cloud Security Command Center • Security center - G Suite • Alert center - G Suite • Data regions - G Suite • Access Transparency • Access Transparency - G Suite • Event Threat Detection • Cloud Audit Logs
    Infrastructure security: Rely on a secure-by-design infrastructure with hardening, configuration management, and patch and vulnerability management. • Cloud Infrastructure Security Overview • Container Security Overview • Shielded VMs • Binary Authorization
    Network security: Help secure the network with products that define and enforce your perimeter and allow for network segmentation, remote access, and DoS defense. • Virtual Private Cloud • Cloud Load Balancing • Encryption in transit • Application Layer Transport Security • Cloud Armor
    Endpoint security: Help secure endpoints and prevent compromise with device hardening, device management, and patch and vulnerability management. • Chromebooks • Chrome OS • Chrome Browser • G Suite Device Management • Safe Browsing
    Data security: Make sensitive data more secure with data discovery, controls to prevent loss, leakage, and exfiltration, and data governance. • Encryption at Rest • Cloud KMS • Cloud Data Loss Prevention • G Suite Data Loss Prevention - Gmail • G Suite Data Loss Prevention - Drive • G Suite Information Rights Controls • Cloud HSM • VPC Service Controls • G Suite enhanced phishing and malware protection • G Suite third-party application access controls • G Suite security sandbox
    Identity and access management: Manage and secure employee, partner, customer, and other identities, and their access to apps and data, both in the cloud and on-premises. • Cloud Identity • Identity Platform • Cloud IAM • Policy Intelligence • Cloud Resource Manager • Cloud Identity-Aware Proxy • Context-aware access • Managed Service for Microsoft Active Directory • Security key enforcement • Titan Security Key
    Application security: Protect and manage your business applications with application testing, scanning, and API security features. • Cloud Security Scanner • Apigee
    User protection services: Keep your users safe on the web. • Phishing Protection • ReCAPTCHA Enterprise • Web Risk API
  • 12. 12 Public Cloud / Multi-cloud
  • 13. 13 Public Cloud / Multi-cloud
  • 15. 15 Shared responsibilities across cloud service models Source: Microsoft Bench-marking / Gap-analysis
  • 16. 16 Public Cloud / Multi-cloud • WAF • SIEM • Firewall • Encryption • Tokenization • Key Management • AV – Anti Virus • Network Sec Remaining User Responsibilities: • User Identity Management • Application Security • Data Security X
  • 17. 17 • WAF • SIEM • Firewall • Encryption • Tokenization • Key Management • AV – Anti Virus • Network Sec Remaining User Responsibilities 1. User Identity Management 2. Application Security 3. Data Security X Public Cloud / Multi-cloud Security inside the application, container security, …
  • 18. 18 • WAF • SIEM • Firewall • Encryption • Tokenization • Key Management • AV – Anti Virus • Network Sec Remaining User Responsibilities • User Identity Management • Application Security • Data Security X Emerging Industry Standards Public Cloud / Multi-cloud
  • 19. 19 • WAF • SIEM • Firewall • Encryption • Tokenization • Key Management • AV – Anti Virus • Network Sec Remaining User Responsibilities 1. User Identity 2. Application Security 3. Data Security X Public Cloud / Multi-cloud Data Tokenization Secure Cloud Security Separation Armor.com
  • 20. 20 Cloud Access Security Broker (CASB) Administrator Data Security for including encryption, tokenization or masking of fields or files (at transit and rest) Remote User Internal User Cloud Encryption Gateway (CASB) Secure Cloud Security Separation Armor.com
  • 21. 21 • WAF • SIEM • Firewall • Encryption • Tokenization • Key Management • AV – Anti Virus • Network Sec Remaining User Responsibilities 1. User Identity Management 2. Application Security 3. Data Security X Public Cloud / Multi-cloud Data Tokenization / encryption Secure Cloud Security Separation Armor.com Data Protection for Multi-cloud
  • 22. 22 Payment Application Payment Systems Remote User Internal User Payment Application Data Protection for Multi-cloud Data Tokenization / encryption Secure Cloud Armor.com Payment Network Data Tokens
  • 24. 24 We need some cloud compute!
  • 25. 25 We need some cloud compute!
  • 26. 26 Macro trends in Cloud security
  • 27. 27 Micro trends in Cloud security
  • 29. 29 Overall IT strategy is multi-cloud
  • 30. 30 IaaS features planned for implementation
  • 32. 32 Security is a key issue for public cloud
  • 34. 34 Securing Cloud Workloads – Greatest Increase in Spending
  • 37. 37 Encryption and Privacy Models • Privacy enhancing data de-identification terminology and classification of techniques (ISO) Source: INTERNATIONAL STANDARD ISO/IEC 20889 Encrypted data has the same format Server model Local model Differential Privacy (DP) Formal privacy measurement models (PMM) De-identification techniques (DT) Cryptographic tools (CT) Format Preserving Encryption (FPE) Homomorphic Encryption (HE) Two values encrypted can be combined* K-anonymity model Responses to queries are only able to be obtained through a software component or “middleware”, known as the “curator**” The entity receiving the data is looking to reduce risk Ensures that for each identifier there is a corresponding equivalence class containing at least K records *: Multi Party Computation (MPC) **: Example Apple and Google
  • 38. 38 Encryption and Privacy Models Source: INTERNATIONAL STANDARD ISO/IEC 20889 Homomorphic Encryption (HE) *: Multi Party Computation (MPC) Oper (Enc_D1, Enc_D2) HE Dec HE Enc HE Enc Clear 12 Protected Key Clear D2 Enc D1 Enc D2 “Untrusted Party*” • Format Preserving Encryption (FPE), Homomorphic Encryption (HE) and Multi Party Computation (MPC) Clear 123 Format Preserving Encryption (FPE) FPE Enc Clear D1 FPE Dec Clear 123 Protected Keys 897
  • 39. 39 Encryption and Privacy Models ISSA International 39 Source: INTERNATIONAL STANDARD ISO/IEC 20889 Differential Privacy (DP) k-Anonymity Model __ __ __ *: Example Apple and Google Clear Protected Curator* Filter Clear Cleanser Filter Cleanser Filter Clear __ __ __ Protected DB DB • Differential Privacy (Google, Apple) and k-Anonymity Model
  • 40. 40 EU General Data Protection Regulation (GDPR) • What is Personal Data according to GDPR? Article 4 – Definitions • (1) ‘personal data’ means any information relating to an identified or identifiable natural person • (5) ‘pseudonymisation’ means the processing of personal data in such a manner that the data can no longer be attributed to a specific data subject
  • 41. 41 GDPR Fines • When French regulators cited Europe's fledgling General Data Protection Act in fining Google $57 million earlier this year for playing fast and loose with consumer data in personalizing ads, experts called what was then the biggest fine issued under the new law the "tip of the iceberg." • The U.K.'s Information Commissioner's Office (ICO) on July 8 cited GDPR in announcing it would seek a $230 million fine against British Airways (equal to 1.5 percent of the company's annual revenue) for a September 2018 breach in which attackers accessed the protected data of nearly 500,000 customers through the airline's website and mobile applications. • The ICO alleged that ineffective security practices were to blame. • ICO added Marriott to the list, saying it intends to seek nearly $124 million from Marriott (or 3 percent of its annual revenue) for a breach that saw hackers maintain access to the Starwood guest reservation database between 2014 and 2018, compromising 383 million customer records. Source: rsaconference.com
  • 42. 42 Source: IBM Encryption and Tokenization Discover Data Assets Security by Design GDPR Security Requirements – Encryption and Tokenization
  • 43. 43 GDPR and California Consumer Privacy Act (CCPA) ISSA International
  • 44. 44 GDPR and California Consumer Privacy Act (CCPA) ISSA International
  • 45. 45 Example of Cross Border Data-centric Security Data sources Data Warehouse In Italy Complete policy-enforced de-identification of sensitive data across all bank entities
  • 46. 46 What is the difference? • Encryption - A data security measure using mathematic algorithms to generate rule-based values in place of original data • Tokenization - A data security measure using mathematic algorithms to generate randomized values in place of original data Tokens are versatile • Format-preserving tokens can be utilized where masked information is required Encryption vs Tokenization
  • 47. 47 Examples of Protected Data
    Field | Real Data | Tokenized / Pseudonymized
    Name | Joe Smith | csu wusoj
    Address | 100 Main Street, Pleasantville, CA | 476 srta coetse, cysieondusbak, CA
    Date of Birth | 12/25/1966 | 01/02/1966
    Telephone | 760-278-3389 | 760-389-2289
    E-Mail Address | joe.smith@surferdude.org | eoe.nwuer@beusorpdqo.org
    SSN | 076-39-2778 | 076-28-3390
    CC Number | 3678 2289 3907 3378 | 3846 2290 3371 3378
    Business URL | www.surferdude.com | www.sheyinctao.com
    Fingerprint: Encrypted
    Photo: Encrypted
    X-Ray: Encrypted
    Healthcare / Financial Services Dr. visits, prescriptions, hospital stays and discharges, clinical, billing, etc. Financial Services Consumer Products and activities Protection methods can be equally applied to the actual data, but not needed with de-identification
  • 48. 48 Data Security And Format Flexibility
    Token Scheme | Example Data | Example Token
    sixTOKENfour | 4242424242424242 | 424242925164242
    fourTOKENfour | 4242424242424242 | 424276225864242
    TOKENfour | 4242424242424242 | 635276725864242
    GUID | ThisIsATest | 25892e17-80f6-415f-9c65-7395632f0223
    SSN | 123456789 | 958475126
    nGUID | 25947582 | 25892e17-80f6-415f-9c65-7395632f0223
    nTOKENfour | 9876543210 | 1234563210
    nTOKEN | 9876543210 | 8631457809
    sixANTOKENfour | 4242424242424242 | 424242AV5124242
    fourANTOKENfour | 4242424242424242 | 4242ZYAV5124242
    ANTOKENfour | 4242424242424242 | 9TY2ZYAV5124242
    ANTOKEN | 9876543210 | 5FR962FGT0
    sixASCIITOKENfour | 1324-123-4845796 | 1324-1TFTFO5796
    fourASCIITOKENfour | 1324-123-484 | 1324DI2-484
    ASCIITOKEN | 1324-123-484 | D258G4F7R4FG
    sixNTOKENfour | 999999999999999 | 999999685129999
    fourNTOKENfour | 9999999999999 | 9999017819999
    TOKEN | ThisIsATest | DUH3JSLDTAYHUCO51MXY7IINZ8HLNDU90FMTTM
    sixTOKENfourNonLuhn | 4242424242424242 | 424242925864242
    fourTOKENfourNonLuhn | 4242424242424242 | 424276925864242
    TOKENfourNonLuhn | 4242424242424242 | 635276925864242
  • 49. 49 Minimization Devaluation/Pseudonymisation Data Hashing/Masking Encryption Data Utility Data Protection Max Utility Min Utility Min Protection Max Protection Source: TokenEx Data Security Approaches
  • 50. 50 Type of Data Use Case I Structured How Should I Secure Different Types of Data? I Un-structured Simple – Complex – PCI PHI PII Encryption of Files Card Holder Data Tokenization of Fields Protected Health Information Personally Identifiable Information
  • 51. 51 A PCI SAQ A contains 22 controls compared to more than 300 for the full PCI DSS • Use a hosted iFrame or payments page provided by a validated service provider to capture and tokenize CHD • Do not transmit, process or store CHD via any other acceptance channel and utilize payment services of tokenization provider to process transactions Minimize Cost of PCI Tokenization
  • 53. 53 #1 Siloed (Centralized) Identity YOU ACCOUNT ORG STANDARDS: Source: Sovrin.org
  • 54. 54 #2 Third-Party IDP (Federated) Identity YOU ACCOUNT ORG STANDARDS: IDP Source: Sovrin.org
  • 55. 55 #3 Self-Sovereign Identity (SSI) YOU CONNECTION PEER DISTRIBUTED LEDGER (BLOCKCHAIN) Source: Sovrin.org The Sovrin Network is the first public-permissioned blockchain designed as a global public utility exclusively to support self-sovereign identity and verifiable claims. Recent advancements in blockchain technology now allow every public key to have its own address, which is called a decentralized identifier (DID).
  • 56. 56 #3 Self-Sovereign Identity (SSI) PEER DISTRIBUTED LEDGER (BLOCKCHAIN) DIGITAL WALLET CONNECTION GET CREDENTIAL SHOW CREDENTIAL 1 DIDs 2 DKMS 3 DID AUTH 4 Verifiable Credentials Source: Sovrin.org
  • 58. 58 Thank You! Ulf Mattsson, TokenEx www.TokenEx.com
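
The "randomized values" definition on the Encryption vs Tokenization slide and the sixTOKENfour row of the token scheme table, sketched as an added example that is not TokenEx's implementation or code from the deck. `TokenVault`, its in-memory dictionaries and the `luhn_valid` flag are hypothetical, and reading the `NonLuhn` scheme names as "the token must fail the Luhn check" is an assumption.

```python
import secrets


def luhn_ok(number: str) -> bool:
    """Return True if a digit string passes the Luhn checksum."""
    total = 0
    for i, ch in enumerate(reversed(number)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


class TokenVault:
    """Hypothetical in-memory vault: the only link between token and PAN.

    Unlike encryption, no key or algorithm recovers the PAN from the token;
    the mapping exists only as a stored lookup.
    """

    def __init__(self):
        self._pan_to_token = {}
        self._token_to_pan = {}

    def tokenize(self, pan: str, luhn_valid: bool = True) -> str:
        """Keep the first six and last four digits, randomize the middle."""
        if not (pan.isdigit() and 13 <= len(pan) <= 19):
            raise ValueError("PAN must be 13-19 digits")
        key = (pan, luhn_valid)
        if key in self._pan_to_token:       # same input, same token
            return self._pan_to_token[key]
        head, tail = pan[:6], pan[-4:]
        middle_len = len(pan) - 10
        while True:
            middle = "".join(
                secrets.choice("0123456789") for _ in range(middle_len)
            )
            token = head + middle + tail
            if token == pan or token in self._token_to_pan:
                continue                    # never echo the PAN or collide
            if luhn_ok(token) == luhn_valid:
                break                       # matches the requested variant
        self._pan_to_token[key] = token
        self._token_to_pan[token] = pan
        return token

    def detokenize(self, token: str) -> str:
        """Look the PAN up; raises KeyError for an unknown token."""
        return self._token_to_pan[token]


if __name__ == "__main__":
    vault = TokenVault()
    pan = "4242424242424242"                # constructed test value
    t_luhn = vault.tokenize(pan)
    t_nonluhn = vault.tokenize(pan, luhn_valid=False)
    print("Luhn-valid token:   ", t_luhn, luhn_ok(t_luhn))
    print("Non-Luhn token:     ", t_nonluhn, luhn_ok(t_nonluhn))
    print("Detokenized matches:", vault.detokenize(t_luhn) == pan)
```

A token that fails the Luhn check cannot be mistaken for a live card number by downstream validators or DLP scanners, while a Luhn-valid token passes through legacy systems that validate the field.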